Decoding QR Codes: Simple Scans, Big Impact

Aastha Thakker
7 min read · Aug 8, 2024

Did you scan it?

Nowadays, we use Google Pay, Apple Pay, or PhonePe as if they’re going to cover our bills for us, lol. But when it comes to making payments, we still need to scan the QR code provided by the recipient. Let’s understand the basics of QR codes today.

Barcode Invention

Norman Joseph Woodland and Bernard Silver invented the barcode and got it patented in the US in 1952. It was inspired by Morse code, using thin and thick bars. It took over 20 years for the invention to become popular. Barcodes became common in the 1970s and are now widely used in everyday transactions. They are utilized in many areas, such as in retail for fast checkout and inventory management; in shipping for tracking packages; in libraries for book management; and in healthcare for accurate patient and medication identification, among other applications.

What Created the Need for QR Codes?

The need for QR codes arose because of several limitations of traditional barcodes. QR codes were created to address the demand for higher data capacity, faster scanning from any angle, and built-in error correction, all within a compact design. QR codes can also encode a variety of data types, such as URLs and contact details, making them more versatile.

QR Code Invention

QR codes were invented in 1994 by the Japanese company Denso Wave for tracking automotive parts. QR codes consist of black squares on a white background, which are readable by cameras. They use Reed-Solomon error correction to ensure accurate interpretation, extracting data from patterns in both horizontal and vertical directions.

What makes QR codes special?

  1. QR codes can store a large amount of data, including alphanumeric characters, special symbols, and binary data.
  2. They can still be read even if part of the code is damaged or obscured, thanks to built-in error correction mechanisms.
  3. They can be scanned quickly from multiple angles, making them convenient and easy to use in various situations.
  4. They hold significant amounts of data in a small space, making them ideal for use on labels, packaging, and other limited areas.
  5. They can trigger a variety of actions beyond just displaying information, such as launching apps, initiating calls, or sending texts.

During the COVID pandemic, QR codes became popular for touchless interactions, replacing physical menus with online versions in restaurants and providing quick access to updated information. They were used by local TV stations to link to pandemic-related content. In Australia, QR codes were required for contact tracing at various venues, and similar systems were implemented in Singapore, Taiwan, the UK, and New Zealand. Additionally, QR codes are included on COVID-19 vaccination certificates for verification purposes.

Types of QR codes

Static QR Codes: These store fixed information that cannot be changed once generated. Ideal for permanent data like URLs, contact details, and plain text, these codes are simple and cost-effective but lack flexibility for updates.

Dynamic QR Codes: These are versatile, allowing the encoded information to be updated without altering the physical code. They support tracking and analytics, making them suitable for marketing campaigns and content management.

Custom QR Codes: These integrate brand elements like logos and colors into the design, enhancing brand recognition while maintaining functionality. They can be either static or dynamic, combining visual appeal with utility.

Structure of a QR code

A QR code is made up of tiny squares, known as modules. These modules are the fundamental unit of a QR code. Think of them as the pixels of the QR code, storing all the data. Starting from the bottom right, these modules zigzag upward, creating the rows and columns of the QR code.

Understanding the sub-parts:

  1. Position Detection Patterns: Large squares in three corners that help scanners identify the code’s orientation.
  2. Alignment Patterns: Smaller squares throughout the code that ensure it can be read accurately, even if distorted. They also help the code to be scanned at any angle.
  3. Timing Patterns: Alternating black and white modules between position detection patterns to help with data structure.
  4. Version Information: A QR code’s size (number of rows and columns) is determined by its version number, ranging from 1 to 40. Version 1 has 21x21 modules, Version 2 has 25x25, and so on. The higher the version number, the more modules it has, and the more data it can store.
  5. Format Information: Bits near the position detection patterns that store error correction level and mask pattern.
    Format information in a QR code specifies the error correction level, allowing the code to be read even if damaged. There are four standard levels:
    Level L (Low): Up to 7% damage can be corrected.
    Level M (Medium): Up to 15% damage can be corrected.
    Level Q (Quartile): Up to 25% damage can be corrected.
    Level H (High): Up to 30% damage can be corrected.
    The percentage indicates how much of the QR code may be damaged while still remaining readable. However, as the error correction level increases, the amount of data that can be stored decreases.
  6. Quiet Zone: The empty margin around the QR code, providing space for the scanner to differentiate the code from its surroundings.
  7. Data Area: The space where the actual information is stored in an encoded format.
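
The version sizing and format information described above can be worked through in code. This is an added example, not part of the original post: the XOR mask, BCH generator and two-bit level codes are the values defined by the QR code standard, and the function names are illustrative.

```python
# Added example: QR version sizing and the 15-bit format information word.
FORMAT_MASK = 0x5412     # fixed XOR mask from the QR standard
BCH_GENERATOR = 0x537    # generator polynomial of the BCH(15,5) code
EC_LEVELS = {0b01: "L", 0b00: "M", 0b11: "Q", 0b10: "H"}

def modules_per_side(version):
    """Version 1 is 21x21 and each later version adds 4 modules per side."""
    if not 1 <= version <= 40:
        raise ValueError("QR versions run from 1 to 40")
    return 17 + 4 * version

def bch_check_bits(data5):
    """10 check bits for a 5-bit value, via polynomial long division."""
    value = data5 << 10
    for shift in range(4, -1, -1):
        if value & (1 << (shift + 10)):
            value ^= BCH_GENERATOR << shift
    return value

def encode_format(ec_bits, mask_pattern):
    """Build the masked 15-bit word: 2 level bits, 3 mask bits, 10 check bits."""
    data5 = (ec_bits << 3) | mask_pattern
    return ((data5 << 10) | bch_check_bits(data5)) ^ FORMAT_MASK

def decode_format(word15):
    """Return (level, mask_pattern, bits_corrected), or None if unreadable."""
    best_distance, best_data = 16, None
    for data5 in range(32):          # only 32 valid words exist, so try them all
        candidate = encode_format(data5 >> 3, data5 & 0b111)
        distance = bin(candidate ^ word15).count("1")
        if distance < best_distance:
            best_distance, best_data = distance, data5
    if best_distance > 3:            # minimum distance 7: at most 3 bad bits are fixable
        return None
    return EC_LEVELS[best_data >> 3], best_data & 0b111, best_distance

if __name__ == "__main__":
    clean = encode_format(0b01, 0)               # level L, mask pattern 0
    damaged = clean ^ 0b000010000100001          # constructed: 3 bits flipped
    print(modules_per_side(1), modules_per_side(40))
    print(format(clean, "015b"), decode_format(damaged))
```

The format word carries its own error correction, separate from the Reed-Solomon protection of the data area, so a scanner can still learn the level and mask pattern when a few of these bits are damaged.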

How do QR codes work?

QR codes really work hard, don’t they? And look at you — just as busy! Not being sarcastic, just trying to stay optimistic.

Security and privacy concerns

  1. Phishing Attacks:
    QR codes can be easily manipulated to redirect users to malicious websites designed to steal sensitive information, such as login credentials and personal data. For example, a QR code placed on a promotional flyer could redirect to a fake login page mimicking a popular service.
    Users should verify the source of the QR code and organizations can implement URL previews before redirection.
  2. Malware Distribution:
    Scanning a QR code can lead to the automatic download of malware onto a user’s device. For example, a public QR code leading to the download of a malicious app that compromises device security.
    Use trusted QR code scanning apps that provide a security check before proceeding with downloads.
  3. Data Harvesting:
    QR codes can be used to gather data about users, such as their location, device type, and other metadata without their explicit consent. For example, a QR code in a restaurant menu that collects data for marketing purposes without informing the user.
    Ensure transparency by informing users about data collection and provide opt-out options.
  4. QR Code Tampering:
    Physical QR codes can be easily tampered with or replaced, leading users to unintended and potentially harmful destinations. Think of a QR code on a public notice board being replaced with one that directs to a malicious website.
    Regularly monitor and verify the integrity of publicly displayed QR codes. Use tamper-evident labels.
  5. Privacy Invasion:
    Scanning a QR code can unintentionally provide access to personal information stored on the device. For example, a QR code that prompts the user to grant access to contacts, messages, or other sensitive data.
    Limit the permissions granted to apps that scan QR codes and use privacy-focused scanning apps.
  6. Unverified Content:
    QR codes can link to unverified or harmful content that can mislead or harm the user. For example, a QR code leading to fake news or harmful content without the user’s knowledge.
    Implement verification mechanisms for content linked via QR codes and educate users about potential risks.
  7. Financial Fraud:
    QR codes used in payment systems can be exploited for financial fraud, leading users to transfer money to fraudulent accounts. For example, a QR code on an invoice leading to a fake payment portal.
    Verify payment details manually or through trusted channels before completing transactions.
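
One way to build the URL preview and pre-download check recommended above is to classify the decoded payload before acting on it. This is an added example, not part of the original post: the shortener list, warning wording and sample payloads are assumptions made for illustration.

```python
# Added example: preview a decoded QR payload before acting on it.
import ipaddress
import re
from urllib.parse import urlsplit

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}   # assumed sample list, not exhaustive
ACTION_SCHEMES = {"tel", "sms", "smsto", "mailto"}

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def preview_qr_payload(payload):
    """Classify a payload and list reasons to pause before following it."""
    text = payload.strip()
    match = re.match(r"([A-Za-z][A-Za-z0-9+.-]*):", text)
    if not match:
        return {"kind": "text", "target": text, "warnings": []}
    scheme = match.group(1).lower()
    rest = text[match.end():]
    if scheme in ACTION_SCHEMES:
        return {"kind": scheme, "target": rest,
                "warnings": ["starts a call or message, confirm the recipient"]}
    if scheme not in ("http", "https"):
        return {"kind": "other", "target": scheme,
                "warnings": ["unrecognised scheme, may launch an app"]}
    parts = urlsplit(text)
    host = (parts.hostname or "").lower()
    warnings = []
    if scheme == "http":
        warnings.append("not HTTPS")
    if parts.username or parts.password:
        warnings.append("text before '@' is not the real host")
    if is_ip_literal(host):
        warnings.append("raw IP address instead of a domain")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode host, possible look-alike domain")
    if host in SHORTENERS:
        warnings.append("shortened link hides the final destination")
    if parts.path.lower().endswith(".apk"):
        warnings.append("direct app package download")
    return {"kind": "url", "target": host, "warnings": warnings}
```

Showing the `target` field to the user, rather than the full string, puts the real destination host in front of them before anything opens.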

QR codes are evolving beyond simple links. Think of scanning a code on a product to access its entire lifecycle, from production to recycling. Or, envision interactive city maps where QR codes on buildings reveal historical facts or augmented reality experiences. In healthcare, codes could securely store patient records. Personalized QR codes could bridge the physical and digital worlds, revolutionizing how we interact with information and our environment.

So, the next time you scan any QR code, remember how it works, its types, and most importantly, its security implications.
Until next Thursday, keep scanning and keep learning!
