SQRC: QR Codes seguros con datos encriptados

Embed This Widget

Theme


      
    

Widget powered by . Free, no account required.

DENSO WAVE's Secure QR Code: dual public/private data, encryption architecture, authorised reader requirements, and use cases.

SQRC: Secure QR Codes with Encrypted Data

SQRC (Secure QR Code) is a proprietary technology from DENSO WAVE (the inventor of QR codes) that adds an encrypted private data layer to standard QR codes.

How SQRC Works

An SQRC contains two data layers:

  1. Public data: Readable by any standard QR code scanner (e.g., a product name or public URL)
  2. Private data: Encrypted data readable only by authorised SQRC readers with the correct cryptographic key

Both layers coexist in the same QR code symbol. Standard scanners read only the public data; SQRC-enabled scanners with the right key also access the private data.

Technical Architecture

  • The public and private data share the same module grid
  • Private data is encrypted using a symmetric key (AES)
  • The key is pre-provisioned on authorised reader devices
  • The QR code's visual appearance is identical to a standard QR code
  • No visual indicator distinguishes an SQRC from a regular QR code

Use Cases

Product authentication: Public layer shows product information; private layer contains a cryptographic proof of authenticity that only verified scanners can validate.

Access control: Public layer displays a generic message; private layer contains access credentials readable only by authorised terminals.

Document security: Public layer shows a document summary; private layer contains a signature or verification code.

Supply chain: Public layer provides basic product tracking; private layer contains confidential supply chain data.

Limitations

  • Proprietary: SQRC technology is controlled by DENSO WAVE
  • Special readers required: Standard smartphone cameras cannot read private data
  • Key management: Distributing and managing symmetric keys is operationally complex
  • Cost: SQRC readers and licensing are more expensive than standard QR infrastructure
  • Limited adoption: Outside specific Japanese industrial applications, SQRC has limited market penetration

Alternatives

For most applications, alternative approaches provide similar security:

  • Digitally signed QR codes (open standards, any scanner)
  • Dynamic QR codes with server-side authentication
  • Standard QR codes linking to authenticated web services
  • NFC with secure element for high-security applications

Key Takeaways

  • SQRC provides dual public/private data layers in a single QR code
  • Private data requires authorised SQRC readers with pre-provisioned keys
  • Proprietary technology from DENSO WAVE with limited global adoption
  • Open alternatives (COSE/CBOR signatures) are more widely supported
  • Best suited for closed industrial ecosystems where DENSO WAVE hardware is standard