While I don’t agree that we should have the CST everywhere, the reality now is that it’s here and it’s likely stay around for a while. I’m not antivax or anything (I am fully vaccinated), but I don’t like that we put so much restrictions on people without
The itsme® situation
The reason I don’t like itsme® is that it is built by the biggest multinational banks. The anarchist in me says that authentication on a governmental level thinks that this kind of information and authority does not belong in the private sector (see this Dutch article for an interesting read). And definitely not in the hands of banks who want to gain more power and control. Mobile providers are in on it as well, and they are proven not to be on the level of security that I desire. And finally, there is a (rather high) pricetag for developers who want to use it. They definitely don’t want small developers to use it.
Luckily, itsme® isn’t a legal requirement (yet), so there’s a way around it. Unfortunately, it isn’t easy for non-technical people and isn’t documented well. That’s where I try to fill the gap today. This small explanation should give you
Sidenote: the easier way
While these steps show you how to get your Covid Safe Ticket in the government-provided app, one easier way around this is by simply downloading a PDF version and showing that one on your phone. You can download these as described here. It requires only your eID.
Setup another authentication method
On a PC, go to CSAM.be (official authentication platform of the federal government). This website is used by all other government websites to verify your identity. This way, you only need one set of credentials for everything any government in this country does. It’s great! Once you’ve selected your language, choose to manage your digital keys. Sign in using your eID.
After you’ve signed in with your eID, pick either the login with email or login with authenticator code to set up those methods of authentication. Both methods work for Covid certificates, it’s just a matter of which method is easier for you. Or, if you really want to, you can set up both. This might be easy if you cannot use one of the two. If you ever happen to lose access to either email or your Authenticator app, you can always use your eID on this website again to disable the methods and set them up again.
As always, pick a password that you don’t use anywhere else. And at the very least: don’t use the same password as your email. This is especially important for this site, because these credentials can be used to sign you in into multiple government websites.
Back to the app!
Now, in the app, instead of using itsme® as authentication method, choose “login with eHealth”. The text might make it seem as if you can only use this method for your children, but this isn’t true.
Here, use the credentials that you set up a minute ago. After you’ve signed in and have been redirected a few times, you should come back to the app to see your certificate(s)!
Head me up on Twitter if anything is unclear!