Cwa-documentation: What use has the "Enter TAN" box inside the "Have you been tested box"?
Your Question
- Documentation File: https://github.com/corona-warn-app/cwa-documentation/blob/master/solution_architecture.md#retrieval-of-lab-results-and-verification-process
- Question: Why is there this box inside of the app?
Is the only use case for it when user already called the verification hotline and got a TeleTAN to enter it there?
Who issues TANs? Only the hotline or also other bodies?
Edit: Seems like the health authority can also issue TANs, do they only issue them via phone or via text too?
Are these also only valid for one hour?
Related Issue
Ein-Tim
All 8 comments
The tan box can be found here
Click Next steps
it is not there if you have scanned a QR code
dsarkar
on 18 Jan 2021
dsarkar
on 18 Jan 2021
Thanks @dsarkar but what is the use of this box?
Is this only used if you already called the hotline and want to enter the TAN? Or is it possible to get a TAN without calling the hotline (more specific, is it possible that a lab issues such a TAN which you can enter there)?
Ein-Tim
on 18 Jan 2021
@Ein-Tim, I will forward the question.
dsarkar
on 19 Jan 2021
@Ein-Tim
The best explanation about this is in Verification Server - Architecture Overview
There is some confusion between the app and the documentation, because when the documentation refers to TeleTAN, this is labelled TAN in the app UI.
From the table Core Entities I've extracted two relevant rows:
|Entity| Definition|
| ------------- |:-------------:|
|TAN| Is a proof that the user has a SARS-CoV-2 Test with status positive. Depending on the context the TAN has a different length. Has a default length of 128 Bit. |
|teleTAN| Is a subtype of TAN with reduced length and lifetime. This TAN is handed over via phone and contains only uppercase letters and numbers, excluding 0,O and I,1,L. Length of teleTAN is 9 characters, plus 1 check character. The lifetime of a teleTAN is 1h. |
The role descriptions:
- Hotline User: user with the role “c19hotline”
- Health Authority User: user with the role “c19healthauthority”
are different, but that only seems to make a difference in how their actions are signed. They are both using the Portal Server to generate a teleTAN for the user to input this into the screen labelled "TAN" in the app.
I can only pick this information from the documentation. I can't tell you if the role "Health Authority User" is being actively used at the moment.
MikeMcC399
on 19 Jan 2021
Thank you very much @MikeMcC399.
So, this box can be used in two cases:
a) You called the verification hotline and did not click on "Enter TAN" field after calling them and waiting for callback but rather dismissed the flow and are now seeing this screen.
b) You did not call the hotline but received a TAN from the health authority which you can now enter in the "Enter TAN" box.
Still my other two questions stay:
- Does the health authority issue the TANs only via phone or via text too?
- Is it possible that a lab issues such a TAN which you can enter there?
Ein-Tim
on 19 Jan 2021
@Ein-Tim I got feedback: The only way teleTANs are issued is via the hotline in verbal form.
dsarkar
on 21 Jan 2021
Okay thanks.
Will close this Issue now.
Ein-Tim
on 21 Jan 2021
Related issues
MikeMcC399
·
3Comments
AndiLeni
·
3Comments
cknoll
·
3Comments
kbobrowski
·
3Comments
marcopashkov
·
3Comments
Most helpful comment
@Ein-Tim I got feedback: The only way teleTANs are issued is via the hotline in verbal form.