QR codes have become more popular than ever. However, one needs to keep in mind that QR codes have been designed for traceability and not authentication. So, how do you secure QR code? Fortunately, this is possible and we show you how.
As the world has undergone a rapid digital transformation, spurred in part by the global pandemic, the QR code has gone from being a quirky gimmick to a genuine contender in our arsenal of digital tools. We’re doing more things than ever online, and even when we’re out and about, we don’t want to touch too many things or spend too much time waiting around in enclosed spaces.
QR codes are a perfect solution, because they’re easy to make, can contain a huge amount of content, and we all generally have the means to scan them in our pockets thanks to a mobile app on our preferred device. They’ve been around for a while, but they’ve really come into their own in the last couple of years. But while QR codes check some of the convenience and ease of use boxes, they’re not the best choice for counterfeit protection.
Because standard QR codes are so easy to fake, they can’t be used to verify that a product is genuine or that a service is being provided by a bona fide company. However, you aren’t restricted to only standard QR codes. Thanks to the increase in demand for easy to use, easy to create QR codes, there are some innovative options to take your codes to the next level.
Here’s what you need to know, and how this security and authentication issue can be remedied, and how you might create a secured QR code.
QR Codes Made for Traceability Not Authentication
One of the biggest problems with QR codes, and the reason people are asking how to secure QR code, is that QR codes are made for traceability and not for authentication.
So, on their own, QR codes can deliver a lot of very important content to customers, but it can’t necessarily guarantee that the product or service they are getting is the real deal. At least, not on its own.
QR Codes for Sharing Information
While you might still be wondering how to secure QR code, there’s no denying that QR codes are the perfect way to share data with customers.
They’re very quick to set up. In fact, all you need is the link to a URL that contains the data you want to share, and you can have a QR code set up immediately thanks to an online generator. Unlike a link that users have to type in, there’s no chance that they will get it wrong, so also no chance they’ll get frustrated and look elsewhere.
QR codes take up a lot less space on printed marketing materials too, and since they’re usually black and white, they’re even great for low-cost flyers. You can share more data with even a small flyer, and you can save money by printing in monochrome!
QR codes are even popular on business cards now, to send recipients directly to a quote request or contact page on your website.
Why Are QR Codes Not Secure?
The primary reason why QR codes are not secure enough to be used to verify products or services is that they are relatively easy to reproduce.
Nearly anyone can create a QR code thanks to an online generator and link it to a URL pointing to a malicious website that seems to be legitimate. This will mislead users as it creates a false sense of security to the customer.
Because it’s so easy to create your own version of a QR code and redirect users who scan it anywhere you choose, and tell them anything you like, on its own, QR codes can’t be used as a security feature. They also can’t be relied on to verify the authenticity of any item or document.
However, there are ways to combine standard QR codes with additional security measures, so that the code itself can be verified as legitimate, and the link it redirects to is therefore valid by association.
Add Some Holes
It might seem like a really low-tech answer to the question of how to secure QR code, but many companies are choosing to combine a series of tiny, precisely positioned holes to their QR codes.
If the person looking at the code doesn’t know they are there, they probably won’t be noticed, and because they’re in precise locations, they can be used to authenticate the code itself. Think of it as a kind of tiny, security focused braille!
Of course, if you were to put holes into the paper like braille, the person who is holding the code would be able to feel them, and if all your marketing materials have those features, someone would probably notice that they are there.
However, this technique is known as micro-perforation and it is frequently used to secure banknotes.
Holograms are another way that some companies are choosing to verify that a QR code is genuine, increasing their security and ensuring that companies can use them as an authenticating measure.
Instead of the standard two colour QR code we’re all familiar with, these codes overlay the code itself with a hologram image. The code can still be read with a traditional QR code reader, but they are much harder to fake. These kinds of QR are codes can often be seen in China for products such as lubricants and liqueurs. However, since these holograms are very easy to spot, it’s also easy to see that an attempt to secure the code has been made. Which will only inspire cyber criminals to try harder.
Covert Versus Overt Security Measures
The problem with any security measures on a QR code is that criminals and hackers are getting smarter and more sophisticated. Which means that even if you use a feature like holograms, they’re visible to the people who want to redirect your customers, and with enough time, money and skill, anything can be faked.
So, a hologram will probably only work for a little while, before it’s reproduced, and you’re back at square one.
A covert solution, like the small holes mentioned, is very hard to spot at first glance, and can be very hard to reproduce. If people don’t know they are there, and exactly what pattern they form, it’s a lot harder to recreate them and thus provide a better protection against attacks.
Covert security features on a QR code are mostly invisible to the naked eye, so it can take a long time before anyone looking to fake your code even realize they exist – which makes covert a better solution than overt, in this case!
The Cryptoglyph and Secured QR code Solution
When it comes to solutions to the problem of how to secure QR code, nothing has come as close as the Cryptoglyph.
This patented technology uses the micro holes idea, but instead of putting them in the paper, they are printed right into the clear coat of your printed materials. They’re invisible to the naked eye, won’t change the color or design of the piece, and can’t even be felt. In fact, unless you know they’re there, you’ll never know they’re there!
Because Cryptoglyphs are also designed to be a one-of-a-kind authenticator, you’d not only have to know they are there, but also knowing the exact pattern that was used for a particular code. This makes them almost uncrackable, and impossible to easily forge.
Cryptoglyph is a relatively low-cost way to ensure that anything that has your QR code on it is easily verifiable thanks to a dedicated mobile app on your phone. So you can finally use your QR code not only to share information, but also to verify that the product or service is genuine thanks to the dedicated software. No more fakes, frauds or redirects to competitor’s websites and products!
The QR code can redirect the user to a website where he can download the dedicated mobile app on his device and then perform the verification. The dedicated mobile app can be protected by username and password in case the software verification of the security feature needs to be restricted to certain users. Of course, one has to make sure that the downloaded App is the official one.
Another possibility would be to use the Secured QR code technology. This technology follows the same principle as Cryptoglyph but adds the tiny holes into the black color of the QR code.
How to secure QR codes?
You might think that if you’re not using QR codes for authentication, you don’t need to worry about whether they are protected or not. However, because they are so much more popular today, and because they are used to direct customers to information, they can be misused under nearly any circumstance.
Imagine if a competitor were to use a similar flyer to redirect users to their own website? Or a QR code that is linked to an order and payment form were to redirect to a fraudster’s malicious page – your customers might very well enter their payment information on a site that doesn’t belong to you!
The rise in cyber crime, phishing and hacking has permeated every area of technology, and QR codes are not immune. So, if you’re going to use QR codes for anything from sharing information, to track and trace applications or anti-counterfeiting, you should be using a secure option.
Work with the Leaders in QR Code Security
The good news is that while you do need to know the difference between an unsecure and a secured QR code, you don’t have to reinvent the wheel to upgrade yours.
At AlpVision we provide high tech security solutions like Cryptoglyph and Secured QR codes, and it’s a lot easier than you think to change all your QR codes from easily forged standard versions to high tech, high security alternatives.
QR codes are not going anywhere. At least, not anytime soon. We’ve discovered their true worth, and they’re being used on everything from products to business cards to official documents. It’s likely that as we all get used to the ease and convenience they offer, we’ll see them used in more and more places, and for more applications.
So don’t wait until all your competitors are rolling out their QR code programs to act! Talk to the experts in secure QR code technology, and find out how you can transform your processes, products and services by integrating next generation QR codes. If you’re not sure whether you should go for Cryptoglyph or Secured QR code, download our complimentary whitepaper that describes the differences between both technologies.
Download your whitepaper