Abstract: The COVID-19 pandemic created a need that increased the use of Quick Response (QR) codes. The need to minimize contact with items handled by multiple people, for example, drove restaurants to replace menus with QR codes on tabletops. Scanning a QR code with a smartphone camera presents the user with the option to open a website URL displaying something simple as a restaurant menu or to check-in to health care and trusted payment applications. As with other technology solutions, QR codes come with risks. Accessing a website from a smartphone creates the potential for a cybersecurity hack. For this project, the team conducted primary research and investigated cyber risks associated with QR codes. We tested multiple QR code scanning software and documented multiple threat vectors present in many of the publicly available QR code scanning software products. Initial research focused on Android smartphone applications.
Download this article: JISAR - V16 N1 Page 13.pdf
Recommended Citation: Homan, J., Breese, J., (2023). QR Code Hacking – Detecting Multiple Vulnerabilities in Android Scanning Software. Journal of Information Systems Applied Research16(1) pp 13-20. http://JISAR.org/2023-1/ ISSN : 1946 - 1836. A preliminary version appears in The Proceedings of CONISAR 2022