What use has the "Enter TAN" box inside the "Have you been tested box"?

[Ein-Tim]

Your Question

• Documentation File: https://github.com/corona-warn-app/cwa-documentation/blob/master/solution_architecture.md#retrieval-of-lab-results-and-verification-process
• Question: Why is there this box inside of the app?

1. Is the only use case for it when user already called the verification hotline and got a TeleTAN to enter it there?

2. Who issues TANs? Only the hotline or also other bodies?

Edit: Seems like the health authority can also issue TANs, do they only issue them via phone or via text too?
Are these also only valid for one hour?

---

Related Issue

corona-warn-app/cwa-wishlist#331

[dsarkar]

The tan box can be found here
Click Next steps

it is not there if you have scanned a QR code

[dsarkar]

[Ein-Tim]

Thanks @dsarkar but what is the use of this box?
Is this only used if you already called the hotline and want to enter the TAN? Or is it possible to get a TAN without calling the hotline (more specific, is it possible that a lab issues such a TAN which you can enter there)?

[dsarkar]

@Ein-Tim, I will forward the question.

[MikeMcC399]

@Ein-Tim
The best explanation about this is in Verification Server - Architecture Overview

There is some confusion between the app and the documentation, because when the documentation refers to TeleTAN, this is labelled TAN in the app UI.

From the table Core Entities I've extracted two relevant rows:

Entity	Definition
TAN	Is a proof that the user has a SARS-CoV-2 Test with status positive. Depending on the context the TAN has a different length. Has a default length of 128 Bit.
teleTAN	Is a subtype of TAN with reduced length and lifetime. This TAN is handed over via phone and contains only uppercase letters and numbers, excluding 0,O and I,1,L. Length of teleTAN is 9 characters, plus 1 check character. The lifetime of a teleTAN is 1h.

The role descriptions:

• Hotline User: user with the role “c19hotline”
• Health Authority User: user with the role “c19healthauthority”

are different, but that only seems to make a difference in how their actions are signed. They are both using the Portal Server to generate a teleTAN for the user to input this into the screen labelled "TAN" in the app.

I can only pick this information from the documentation. I can't tell you if the role "Health Authority User" is being actively used at the moment.

[Ein-Tim]

Thank you very much @MikeMcC399.

So, this box can be used in two cases:

a) You called the verification hotline and did not click on "Enter TAN" field after calling them and waiting for callback but rather dismissed the flow and are now seeing this screen.
b) You did not call the hotline but received a TAN from the health authority which you can now enter in the "Enter TAN" box.

Still my other two questions stay:

1. Does the health authority issue the TANs only via phone or via text too?
2. Is it possible that a lab issues such a TAN which you can enter there?

[dsarkar]

@Ein-Tim I got feedback: The only way teleTANs are issued is via the hotline in verbal form.

[Ein-Tim]

Okay thanks.
Will close this Issue now.