QR codes have become an integral part of our daily lives, especially in the wake of the COVID-19 pandemic. From contact tracing to payments, QR codes are everywhere. But with their widespread use comes a host of risks that consumers need to be aware of. In this article, we’ll explore the history of QR codes, their applications, and the emerging risks associated with their use. We’ll also provide tips on how to protect yourself from QR code scams.
What is a QR Code?
The QR code, or Quick Response code, was invented in 1994 by a Japanese automotive manufacturer to speed up the scanning and tracking process during production. Unlike traditional barcodes, QR codes can store significantly more information, making them versatile for various applications.
Originally designed for tracking products in factories, QR codes have since evolved to be used in postage services, retail, and even public health. Today, they are ubiquitous, appearing on everything from restaurant menus to public transport schedules.
Image: The creation of QR codes in the automotive industry.
QR Codes in Everyday Life
Contact Tracing During COVID-19
One of the most prominent uses of QR codes in recent years has been for contact tracing during the COVID-19 pandemic. Governments around the world, including Australia, mandated the use of QR codes for checking into public places like restaurants, shops, and public transport.
While this was an effective way to track potential outbreaks, it also raised significant privacy concerns. For example, in Australia, police accessed QR code check-in data for investigations unrelated to the pandemic, despite assurances that the data would only be used for contact tracing.
Image: A typical COVID-19 check-in QR code displayed at a business entrance.
QR Code Scams
Unfortunately, the widespread use of QR codes has also made them a target for scammers. Here are some common QR code scams to watch out for:
- Clickjacking: Scammers place fake QR codes in tourist spots, luring people into scanning them for information. Instead of getting useful details, victims are directed to malicious websites.
- Small Advance Payment Scams: In services like bike rentals, scammers replace legitimate QR codes with their own, tricking users into making payments to the wrong account.
- Phishing: QR codes can easily disguise phishing links. Scammers place these codes in places where users expect to scan them, such as restaurant menus or COVID-19 check-in points.
Image: A fake QR code sticker placed over a legitimate one.
The Risks of QR Codes in Uncontrolled Environments
While QR codes were initially used in controlled environments like factories and postage services, their use in public spaces has introduced new risks. In controlled environments, the potential for exploitation is limited. However, in public spaces, QR codes can be easily replaced or manipulated by malicious actors.
Data Collection and Privacy Concerns
QR codes are often used to collect consumer data, which is a valuable commodity. For example, some shops use QR codes to track customer movements and purchase history, enabling targeted marketing. However, this data can also be misused or sold to third parties without the consumer’s knowledge.
In one case, a supermarket in Australia introduced QR codes on shopping trolleys to track their movement. While this was marketed as a way to prevent trolley theft, the company’s privacy policy revealed that they were also collecting detailed consumer data, including names, phone numbers, and shopping habits.
Image: A QR code on a shopping trolley used for tracking and data collection.
QR Code Payment Scams
QR code payments are becoming increasingly popular, but they also come with risks. In China, scammers have replaced legitimate QR codes at restaurants and shops with their own, redirecting payments to their accounts. In one case, criminals stole over $24 million by replacing QR codes on shared bikes.
In Australia, major supermarkets like Coles and Woolworths are rolling out QR code payment options. While convenient, this technology is not without risks. Scammers could easily replace QR codes on products or at checkout points, leading to financial losses for both consumers and businesses.
Image: A QR code payment system at a retail store.
How to Protect Yourself from QR Code Scams
Given the risks associated with QR codes, it’s important to take steps to protect yourself. Here are some tips:
- Only Scan Secure QR Codes: Avoid scanning QR codes that are displayed in public places where they could be easily replaced. Instead, look for codes that are digitally displayed on screens or in secure locations.
- Use a Dedicated Device for Check-ins: If you’re required to scan QR codes for check-ins, consider using a separate device that doesn’t contain sensitive information.
- Be Cautious with QR Code Payments: When using QR codes for payments, double-check that you’re scanning the correct code. If possible, use payment methods that offer additional security, such as two-factor authentication.
- Read Privacy Policies: Before scanning a QR code, especially one that requires you to provide personal information, read the company’s privacy policy to understand how your data will be used.
Image: A secure QR code displayed on a digital screen at a checkout point.
Conclusion
QR codes are a powerful tool that has revolutionized the way we interact with technology. However, their widespread use has also introduced new risks, from data privacy concerns to outright scams. As consumers, it’s important to stay vigilant and take steps to protect ourselves from these emerging threats.
By understanding the risks and following best practices, we can continue to enjoy the convenience of QR codes without falling victim to their potential dangers.
This article is based on a talk delivered by Brad Lyons in 2021, a tech development and intelligence consultant with extensive experience in the private and government sectors. For more insights into emerging risks and technology, visit Tracers.au.