QR Code Security & Privacy
Security threats (QRishing, sticker attacks), privacy considerations, cryptographic signatures, and best practices for safe QR code deployment and scanning.
QRishing: How QR Code Phishing Works
How attackers use QR codes for phishing: fake parking meters, restaurant stickers, email QR codes, and credential theft.
QR Code Sticker Attacks: Detection and Prevention
Physical QR code tampering: sticker overlay attacks, tamper-evident materials, and verification strategies.
Safe QR Code Scanning: A Consumer Guide
How to scan QR codes safely: URL preview checking, suspicious code indicators, and what to do if you scan a …
Cryptographic Signatures in QR Codes
How digital signatures verify QR code authenticity: COSE, CBOR, public key infrastructure, and offline verification.
SQRC: Secure QR Codes with Encrypted Data
DENSO WAVE's Secure QR Code: dual public/private data, encryption architecture, authorised reader requirements, and use cases.
Privacy Risks of QR Codes: What Scanners Reveal
Data exposed when scanning QR codes: IP address, device info, location, and time. Privacy implications of dynamic QR tracking.
QR Codes for Two-Factor Authentication (2FA)
TOTP authentication QR codes: otpauth:// URI format, secret key generation, authenticator app compatibility, and security best practices.
QR Code Security for Enterprise Deployment
Enterprise QR code security: access control, audit logging, domain whitelisting, certificate pinning, and compliance requirements.
EU Digital COVID Certificate: QR Code Case Study
Technical analysis of the EU DCC: CBOR encoding, COSE signing, offline verification, and lessons for future credential systems.
QR Code Malware: Threats and Mitigation
How QR codes can deliver malware: drive-by downloads, app store redirects, and scanner vulnerabilities. Defence strategies.
Anti-Counterfeiting with QR Codes
Using QR codes to combat product counterfeiting: serialisation, cloud verification, blockchain integration, and tamper detection.
QR Code Security Audit Checklist
Comprehensive security checklist for QR code deployments: generation, distribution, scanning, data handling, and incident response.
Data Protection (GDPR) and QR Codes
GDPR compliance for QR code systems: data collection notices, consent mechanisms, data retention, and user rights.
Secure QR Code Generation: Best Practices for Developers
Developer guide: input validation, output sanitisation, secret handling, HTTPS enforcement, and preventing injection attacks.
QR Code Incident Response: When Things Go Wrong
Responding to QR code security incidents: compromised dynamic URLs, sticker attacks in the wild, and public communication.