Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

AFAIK in my jurisdiction the QR codes are a simple number, which the app reports along with the names of the people who have checked in or you are checking in. The number represents all the data that UK code is trying to convey. Not sure why the UK code needs all of that within itself rather than having a lookup table of some sort the number points to.


If the lookup table was stored on the server, requesting the data would effectively provide the user location to the central server. This is the part that isn't allowed.

I suspect the lookup table is too big to store on the device itself.


Why would the app need to do a lookup? Store the numbers, and if/when you test positive then submit them along with your bluetooth keys.

Seems to me like a lot of these problems go away if governments stop making things more complicated than they need to be.


Well that's possible, but doesn't add any additional security and has the negative effect that users can't see where they have scanned into on their device (e.g. on the NHS app you can go to 'venue data' and see where you have logged into).

If one of your user stories involves users being able to see the names/addresses of venue's they have visited, you will either need to store the venue name in the QR code or do a lookup.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: