As you build, as you implement decentralized digital health credential systems, keep these broad points in mind

By Tim Spring

Indicio is a leading developer of decentralized digital health credentials and leads the Cardea community group at Linux Public Health Foundation. When it comes to building and using decentralized digital health credentials for managing Covid testing and vaccination, there’s a lot to consider. We want to share what we’ve learned through successful development and trials, and hope these eight rules will be a useful guide if you’re a policy or decision maker thinking about implementation and a helpful reminder if you’re an engineer focused on building a system.

1. The thing just has to work — This may sound like a no-brainer, but from our experience, this can be often overlooked. Want broad adoption? Your application must be fast and functional. If it causes too much friction people either won’t use it or they’ll look for ways around it.

2. When in doubt throw it out — Don’t include a data point unless you have a strong use case for that information. This keeps the data to a minimum, requiring less load time and storage, and provides fewer chances for the information to be misused or data lost.

3. Don’t reinvent the wheel — If you are making a passport, driver’s license, certification, or form, make the credential a digital twin of that form so people will find it easier to recognize it and adopt.

4. Go with open source over proprietary — Open-source products lead to easier fixes, upgrades, and competition to keep the price down. There’s a community of expert developers backing the product — and interoperability is built in. Proprietary often means expensive upgrades or expansions, or obsolescence and replacing an entire system.

5. There must be a backup plan — Ideally you have multiple backup plans. If the technology isn’t available what happens? You need to maintain some kind of offline option or option for people without access to a phone or unable to use a phone.

6. Test across a wide range of devices — Compatibility and accessibility go hand in hand: What works on Apple might not work on android — or any other phone people might have access to. The same goes for internet browsers. The best thing you can do is break it first—so you can fix it before people rely on it.

7. Partner with businesses for the rollout — To drive adoption, people will need some sort of incentive to use the credential along with places to use it. People will go with the option that requires the least amount of effort; but if they are turned away when trying to use your credential, they will be unlikely to use it again.

8. Start now — No technology is perfect; some bugs will always need to be worked out; but those who build early will see the most benefits. Implementation is a teacher. They will be able to improve their systems, learning from experience, while everyone else is still working on their first attempt.

Interested in learning more about digital health credentials, self-sovereign identity, and trusted data ecosystems? Get in touch with our team at Indicio to discuss the use case you are looking for and a tailored assessment and plan for its implementation.