You are on page 1of 42

CHAPTER-1

INTRODUCTION TO QR CODES
1.1 WHAT IS QR CODE
QR code (abbreviated from Quick Response Code) is the trademark for a type of matrix
barcode (or two-dimensional barcode) first designed for the automotive industry in Japan. A
barcode is a machine-readable optical label that contains information about the item to which
it is attached. A QR code uses four standardized encoding modes (numeric, alphanumeric,
byte / binary, and kanji) to efficiently store data; extensions may also be used
The QR Code system has become popular outside the automotive industry due to its fast
readability and greater storage capacity compared to standard UPC barcodes. Applications
include product tracking, item identification, time tracking, document management, general
marketing, and much more.
A QR code consists of black modules (square dots) arranged in a square grid on a white
background, which can be read by an imaging device (such as a camera) and processed using
ReedSolomon error correction until the image can be appropriately interpreted. The required
data are then extracted from patterns present in both horizontal and vertical components of
the image.

Fig1.1: Quick Response Code


1

The QR (Quick Response) Code is a two-dimensional (2-D) matrix code that belongs to a
larger set of machine-readable codes, all of which are often referred to as barcodes, regardless
of whether they are made up of bars, squares or other-shaped elements.
Compared with 1-D codes, 2-D codes can hold a larger amount of data in a smaller space, and
compared with other 2-D codes, QR Code Essentials.
The QR Code can hold much more data still. In addition, an advanced error-correction
method and other unique characteristics allow the QR Code to be read more reliably and
at higher speeds than other codes. Like written language, barcodes are visual representations
of information. Unlike language, however, which humans can read, barcodes are designed to
be read and understood (decoded) by computers, using machine-vision systems consisting of
optical laser scanners or cameras and barcode-interpreting software. The rules with which a
barcode is constructed (its grammar) and the character set it uses (its alphabet) are called
its symbology.

Fig 1.1.1 To barcode-reading software, both of these 1-D barcodes are identical.
Changing the height of the bars does not change the information they contain.

Differences in the second, vertical dimension of the bars and spaceswhether they are taller
or shorterdoes not matter; all that counts is how wide they are and what order they are
placed in.

HISTORY
The QR code system was invented in 1994 by Denso Wave. Its purpose
was to track vehicles during manufacture; it was designed to allow highspeed component scanning Although initially used for tracking parts in
vehicle manufacturing, QR codes now are used in a much broader context,
including both commercial tracking applications and convenience-oriented
applications aimed at mobile-phone users (termed mobile tagging). QR
codes may be used to display text to the user, to add a vCard contact to
the user's device, to open a Uniform Resource Identifier (URI), or to
compose an e-mail or text message. Users can generate and print their
own QR codes for others to scan and use by visiting one of several paid
and free QR code generating sites or apps. The technology has since
become one of the most-used types of two-dimensional barcode

1.2 DEVELOPMENT OF QR CODE


1.2.1 FROM 1-D TO 2-D CODES
After the commercial introduction of 1-D barcodes in 1966, they quickly gained widespread
acceptance. In time, however, demand grew for new types of codes that could hold more
information and use more character types, yet occupy a smaller space. Attempts were
consequently made to increase the amount of data contained in barcodes by increasing the
number of bars or creating multiple-barcode layouts. These efforts, however, resulted in a
larger barcode area, complicated reading requirements and increased printing costs. To solve
these problems, two-dimensional (2-D) codes were developed, first as stacked barcodes,
which repeat the same linear symbology vertically, and then as matrix codes, composed of
small, symmetrical elements arranged in a square or rectangle.

Multiple-barcode

2-D stacked barcode


3

2-D matrix code

Fig1.2 development of qr codes


Because 2-D matrix codes contain information in both the horizontal and vertical direction,
they met the need for high data density and small size, yet further improvements were still
to follow, including those introduced by the QR Code. The following table summarizes the
features and characteristics of some typical 2-D codes.

1.2.2 FEATURES OF CODES


The following table summarizes the features and characteristic of some typical 2-D codes.

Fig 1.2.1 features of codes

fig 1.2.2: development of qr codes with characteristics

1.2.3 STORAGE
The amount of data that can be stored in the QR code symbol depends on the datatype (mode,
or input character set), version (1, , 40, indicating the overall dimensions of the symbol),
and error correction level. The maximum storage capacities occur for 40-L symbols (version
40, error correction level L)
Maximum character storage capacity (40-L)
character refers to individual values of the input mode/datatype

Input mode
Numeric
only

max.
bits/ch
possible characters, default encoding
characters
ar
7,089

0, 1, 2, 3, 4, 5, 6, 7, 8, 9

Alphanume
4,296
ric

09, AZ (upper-case only), space, $, %, *,


+, -, ., /, :

Binary/byt
2,953
e

ISO 8859.1

Kanji/kana 1,817

13

Shift JIS X 0208

CHAPTER-2
UNDERSTANDING OF QR CODE STRUCTURE

2.1 CODE STRUCTURE

Fig 2.1 code structure

Unlike 1-D barcodes, the QR Code is a 2-D matrix code that conveys information not by the
size and position of bars and spaces in a single (horizontal) dimension, but by the
arrangement of its dark and light elements, called modules, in columns and rows, i.e. in
both the horizontal and vertical directions.
Each dark or light module of a QR Code symbola specific instance of a coderepresents a
0 or 1, thus making it machineintelligible.

Fig 2.1.1 module structure


The QR Code modules perform several functions: Some contain the actual data itself, while
others are grouped into various function patterns that improve reading performance and allow
symbol alignment, error correction and distortion compensation. The timing pattern lets the
scanning device know the size of the symbol. There is also a required quiet zone, a fourmodulewide buffer area containing no data, to ensure that surrounding text or markings are
not mistaken for QR Code data.
Conventional 2-D matrix codes required a considerable amount of time to be spent searching
a symbols code to determine its angle of orientation, position (x and y coordinates) and size.
To address this problem, the QR Code was designed with special position-detection patterns
located in three corners of each symbol. The patterns have a symmetrical scan-line ratio of
1:1:3:1:1, which allows them to be scanned from any direction within a full 360 degrees. In
addition, the positional relationship of the patterns allows quick access to the relevant
angle, position and size information contained in the codes periphery.
As a result, the QR Code does not require lengthy code searching, enabling reading speeds 20
times faster than those of conventional matrix codes. Also, searching the position detection
patterns can be performed by the scanning hardware, further increasing overall speed by
allowing image reading and data processing to be carried out simultaneously.

2.2 QR CODE SYMBOL VERSIONS


QR Codes can be generated in 40 different symbol versions, from 21 x 21 modules (version
1) to 177 x 177 modules (version 40).

Fig 2.2 symbol version


Each higher symbol version has 4 additional modules per side (16 additional modules per
symbol), and can contain a proportionally larger amount of data. The maximum amount of
data that can be contained by a given symbol is determined by its version, type of characters
and error-correction level.
2.3 READING OF QR CODES

Mobile device must have a camera

Start the QR reader app

Point the camera at the code orient code within designated area

CHA
PTER-3
TYPES OF QR CODES
(1) URL:
These are the codes that redirect the user to a website. As soon the code is scanned, the phone
browser will open and load the company website. Company can put URL QR codes on their
promotional materials so that their customers who are looking for more information can land
on their website.
(2) MECARD:
Containing contact details, these codes automatically save information in a users phone
address book. This saves users from the hassle of entering the information manually and from
making input mistakes. These codes are very useful in an event such as conventions,
conferences, and seminars where there is a need to exchange business card.
(3) VCARD:
A vCard QR code can store more data than meCard QR code, like a salutation, job title,
mobile number, work details, address, zip code, and country. Such information is useful if a
person is working on a global level and needs to share more information about to consumers.

(4) CALENDAR EVENT:


Usually found on invitation cards and movie or concert tickets, these codes have information
regarding the event date, time, and location. They can also hold event descriptions. These
codes also have an option to automatically save the event in the phones calendar.
(5) EMAIL:
When scanned, email QR codes will have an email address to provide. Email QR codes can
also open email composition window on a users phone, with the email address field already
filled in. These codes can prompt users to send an email.

(6) PHONE NUMBER:


This code is used to encode a phone number so when a phone scans it, it will produce a
number on its home screen. This encourages users to call the advertiser, rather than continue
searching. This type of QR code is especially useful for pizza delivery and similar services.
(7) SMS:
This type of QR code prompts an SMS message from the users phone, automatically
addressing and composing the text message. An SMS QR code is best used for subscription
services.
(8) GPS Map Coordinates:
Information regarding the location of a particular place or an object is stored using latitude
and longitude coordinates and can be displayed on a smartphone. This code can also provide
directions.
(10) SOCIAL MEDIA:
Use this code to get a person to like a Facebook page or retweet on Twitter. You can also use
this code to share information on social networking websites.
(11) PLAIN TEXT:
This code displays a text message to the codes scanner, and is useful for communicating
short messages.
(11) YOUTUBE VIDEO:
Embedding a YouTube video in your QR code directs users to promotional or how-to videos
about your company.
(12) LINKEDIN SHARE:
Creating a QR Code for LinkedIn lets clients and customers find your profile easily on this
popular business networking site.

10

(13) FOURSQUARE VENUE:


You can create a QR code to capitalize on the popularity for the FourSquare app, which
entices customers to check in at your location and tell their friends.

11

CHAPTER-4
CREATION AND WORKING OF QR CODES
4.1 QR CODE GENERATOR
As the inventor of the QR Code and owner of the QR Code trademark, DENSO Wave
Incorporated has allowed the patents for the code to be freely available to the public.
Consequently, many websites now feature online QR Code generators or
downloadable code-generating software. Such code generators and software are not certified
by the International Organization for Standardization (ISO), however, so there is no way of
telling if they adhere to the relevant ISO Standard 18004, which is based on the DENSO
Wave patent. As a result, the code symbols they create may not be readable by all devices or
the reading quality may be reduced. (An easy test is to create the same code symbol with two
or more online generators and compare the results. Differences in the arrangement of the
modulessimilar to the differences in language translationwill be immediately apparent.)
Of particular concern is the fact that non-ISO-compliant code generators do not determine the
minimum printable size of a given QR Code symbol. If a symbol is printed at a size that is
below the ISO-specified minimumwhich takes into account the amount of data contained
in that symbol, the symbol version and the resolution of the printing devicereadability
will be dramatically reduced.
Using QR Code-generating software that is not ISO compliant can be especially problematic
if the QR Code is to be read by smart phones, whose quality may greatly vary. Also, the QR
Code-reading software used by smart phones, like code generating software, is not
necessarily based on ISO specifications.

12

Fig 4.1 : Only ISO-compliant QR Code-generating software can ensure


maximum symbol readability and specify the minimum printable
size for a given symbol

To ensure that a QR Code will be successfully read by the highest percentage of devices,
therefore, it is essential to use code-generating software offered only by a reputable
manufacturer who can be trusted to comply with ISO specifications.

13

4.2 CREATE QR CODES BY CODE GENRATING SOFTWARES


many websites now feature online QR Code generators or downloadable code-generating
software. Such code generators and software are not certified by the International
Organization for Standardization (ISO)
Very easy to create

1. Find URL of desired information


2. Copy that URL
3. Go on http://qrcode.kaywa.com/ (one of many QR generators)
4. Paste the URL in the desired box
5. Click to generate
6. Save the QR Code picture

14

Fig 4.2 code generating software

15

Fig 4.2.1 code generating software with url

16

fig : 4.2.2 code generating software generated qr code

17

Fig 4.2.3 another code generation software

Fig 4.2.4 code generation software with different services

18

CHA
PTER-5
FUNCTIONS AND SECURITY OF QR CODES
5.1 FUNCTIONS
1 HIGH-SPEED READING:
Faster scanning and the ability to scan barcodes from a distance increase operator efficiency.
Look for devices with advanced CCD scanning technology, which enables even high-density
or poorly printed barcodes to be read at high speed and from a distance.
2. EASE OF USE:
Lightweight, ergonomic designs, featuring large display screens and easy-to-hold grips,
reduce operator fatigue, a key factor in productivity.
3. DURABILITY:
In the field, hand-held scanners and terminals are vulnerable to harsh environments and rough
handling, including being bumped or dropped. Devices featuring rugged, drop-resistant
construction and resistance to water and dust protect your equipment investment.
4. LONG BATTERY LIFE:
Scanners are available with power-saving features that result in longer operating time,
eliminating frequent, time-consuming battery changes.

5. EXPERIENCE AND REPUTATION OF THE MANUFACTURER:


Look for a manufacturer that has established itself as an industry leader and innovator, and
whose products have stood the test of time.

19

5.2 SECURITY OF QR CODES


5.2.1 THREAT MODEL
One can distinguish two different threat models for manipulating QR
Codes. First, an attacker may invert any module, changing it either from
black to white or the other
way round. Second, a more restricted attacker can only change white
modules to black and not vice versa.
BOTH COLORS
The easiest approach for attacking an existing QR Code is by generating a
sticker containing a QR Code with the manipulated QR Code in the same
style as the original QR
Code and position it over the code on the advertisement Of course this
would either require some preparation or a mobile printer and design
applications for a mobile device. At least when attacking on a large scale
against one chosen target, the time needed for preparation should not
pose a serious limitation. Since this attack is trivial, we have decided to
exclude it from the scope of this paper. However, we believe that using
this method in an attack against a real-world advertisement is a viable
option for large-scale attacks.
SINGLE COLOR
In this case we restrict ourselves to the modi_cation of a single color only.
The background for this restriction lies in the scenario of an attacker
seeking to modify a single poster on the y just by using a pen (thereby
reducing the possible modi_cations to changing white modules to black).
This restriction is the basis for the attacks further outlined throughout this
paper.
5.2.2 ATTACKING DIFFERENT PARTS
Since QR Codes contain a lot of different information, including meta
information on version, masking and source encoding, several different
regions exist that can be targeted either individually or in combination.
5.2.3 ATTACKING HUMAN INTERACTION

20

Humans can not read the code without a reader software, the information
stored within the code is completely obfuscated. But by reading the
manipulated QR code, vulnerability in the reader software or the browser
might get triggered.
1.
2.
3.
4.

Phishing and Pharming


Fraud
Attacking reader software
Social engineering attacks

5.3 SOLUTION
In this we outlined the dangers of possible attacks utilizing manipulated
QR Codes. Since QR Codes gain increasing popularity through their use
for marketing purposes, we expect that this kind of attack will receive
more and more attention by the hacking community in the future.
Furthermore, many mobile devices (e.g., Smartphones) at present are
able to decode QR Codes and access the URLs contained in them. This
adds a new dimension to the topic of trust, especially since most users are
not security-conscious enough when using their mobile phones (which
also enable the use of novel phishing techniques). In addition to phishing,
a multitude of other attack methods, both against humans and automated
systems, might be performed using QR

21

CHAPTER-6
QR CODE GENERATION
There are 6 stages in qr generation
DATA ANALYSIS
DATA ENCODING
ERROR CORRECTING
STRUCTURE FINAL MESSAGE
DATA MASKING
FORMAT INFORMATION STRING

6.1 DATA ANALYSIS


MODES SUPPORTED BY QR CODES:NUMERIC: for decimal digits from 0-9
ALPHA-NUMERIC: digits from 0-9,upper-case alphabets &
symbols($,%,*,+,-,/,space)
BYTE: strings in form of hexadecimal bytes

6.2 DATA ENCODING

STEP 1: Select error correction level.


STEP 2: Determine the smallest version for the data.
STEP 3: Add the mode indicator
22

STEP 4: Add the character count indicator


STEP 5: Encode using the selected mode
STEP 6: Breaking up to form code-words

6.3 ERROR CORRECTION CODING

Allows the QR code readers to detect & correct the errors in the
code.
Reed-Solomon error-correcting algorithm is used.
Codewords are 8 bits long and use the ReedSolomon error
correction algorithm with four error correction levels. The higher the
error correction level, the less storage capacity. The following table
lists the approximate error correction capability at each of the four
levels:
Level L (Low)

7% of codewords can be restored.

Level M (Medium)

15% of codewords can be restored.

Level Q (Quartile)

25% of codewords can be restored.

Level H (High)

30% of codewords can be restored.

In larger QR symbols, the message is broken up into several Reed


Solomon code blocks. The block size is chosen so that at most 15
errors can be corrected in each block; this limits the complexity of
the decoding algorithm. The code blocks are then interleaved
together, making it less likely that localized damage to a QR symbol
will overwhelm the capacity of any single block.
Due to error correction, it is possible to create artistic QR codes that
still scan correctly, but contain intentional errors to make them more
readable or attractive to the human eye, as well as to incorporate
colors, logos, and other features into the QR code block

6.4 STRUCTURE FINAL MESSAGE


23

If code-word is small, it is left as such.


Larger QR codes are broken up into blocks of either 15 or 16 data
code-words each.

6.5 DATA MASKING


MASKING means, changing the color of a module.
QR codes define 7 masking patterns.
For ex: in mask pattern #1, every even numbered row in the matrix
is masked

6.6 FORMAT INFORMATION STRING


Includes the error correction level & the masking pattern currently in
use.
(7x4) i.e. 28 format information strings exist.
Format string table gives the list of 28 format information strings

24

CHAPTER-7
ENCRYPTION AND
IMPLEMENTATION OF QR CODES

7.1 ENCRYPTION
Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily
understood by unauthorized people. Decryption is the process of converting encrypted data
back into its original form, so it can be understood.
The use of encryption/decryption is as old as the art of communication. In wartime, a cipher,
often incorrectly called a code, can be employed to keep the enemy from obtaining the
contents of transmissions. (Technically, a code is a means of representing a signal without the
intent of keeping it secret; examples are Morse code and ASCII.) Simple ciphers include the
substitution of letters for numbers, the rotation of letters in the alphabet, and the "scrambling"
of voice signals by inverting the sideband frequencies. More complex ciphers work according
to sophisticated computer algorithms that rearrange the data bits in digital signals.
In order to easily recover the contents of an encrypted signal, the correct decryption key is
required. The key is an algorithm that undoes the work of the encryption algorithm.
Alternatively, a computer can be used in an attempt to break the cipher. The more complex

25

the encryption algorithm, the more difficult it becomes to eavesdrop on the communications
without access to the key.
Encryption/decryption is especially important in wireless communications. This is because
wireless circuits are easier to tap than their hard-wired counterparts. Nevertheless,
encryption/decryption is a good idea when carrying out any kind of sensitive transaction,
such as a credit-card purchase online, or the discussion of a company secret between different
departments in the organization. The stronger the cipher -- that is, the harder it is for
unauthorized people to break it -- the better, in general. However, as the strength of
encryption/decryption increases, so does the cost.
In recent years, a controversy has arisen over so-called strong encryption. This refers to
ciphers that are essentially unbreakable without the decryption keys. While most companies
and their customers view it as a means of keeping secrets and minimizing fraud, some
governments view strong encryption as a potential vehicle by which terrorists might evade
authorities. These governments, including that of the United States, want to set up a keyescrow arrangement. This means everyone who uses a cipher would be required to provide
the government with a copy of the key. Decryption keys would be stored in a supposedly
secure place, used only by authorities, and used only if backed up by a court order.
Opponents of this scheme argue that criminals could hack into the key-escrow database and
illegally obtain, steal, or alter the keys. Supporters claim that while this is a possibility,
implementing the key escrow scheme would be better than doing nothing to prevent criminals
from freely using encryption/decryption.

7.2 ENCRYPTION IN QR CODES


When we talk about Encrypted Code, we do not mean that the code itself (e.g. QR Code) is
encrypted, but, instead, a part of the URL where the code is pointing is encrypted.
The Encrypted Codes feature can be used to hide or encrypt sensitive parts of the target URL
of your code or to prevent users from manipulating parts of the URL, e.g. changing the values
of parameters.

26

This can be of relevance in the following use cases:

Contests

Games

Voting

Security applications

Prevent crawling of sensitive data

Encrypted Codes are standard Dynamic Link Codes and therefore manageable, trackable and
editable like all other System Codes.
The contact data is stored in a database and accessible by providing the contact ID. Without
encryption, the URL for recalling this contact data would probably look something like this:
http://www.somesite.com/contactpage.php?contactid=12345
The problem with that approach is that someone could easily try contact IDs other than the
given ID of 12345 and collect the contact information that is associated with those other IDs.
Thats certainly something the BeeTagg Contact application has to prevent, and it can do so
by using Encrypted Codes.
The visible URL after encryption looks similar to this:
http://www.xyz.com/en/m/contact/data/-1/-1/0v0fZINM__Wc-WWFf7h93A
The last part of the URL (bold) is the ID of the contact, but in an encrypted form. Therefore,
plugging in random IDs to the URL will no longer lead you to a customers contact
information. Sure, you could encrypt the sensitive part of the URL yourself, but it means
exactly that: you need to do it yourself.

27

7.3 ENCRYPTION ALGORITHMS


XOR
XOR is not a real encryption algorithm. It only obfuscates the text, but in most cases XOR
will be sufficient. The advantage of XOR is that the length of the encrypted text has the same
length as the non-encrypted text and decryption is easier.
Rijandael
Rijandael is a standardized encryption algorithm. It is very secure, but implementation is not
as easy as with XOR and the length of the encrypted text is longer than the non-encrypted
text. Keep that in mind, because URLs have a limited length (a URL shouldnt exceed 1024
characters, because some browsers cannot handle them otherwise).
In order for Encrypted Codes to work you need to
1. Provide a secret encryption key. Secret means that you should not tell anybody and
you should not share it with others.

Example: ThI3**iS--an"EncRPtiOn::::KeY
2. Select one of the two encryption algorithms XOR or Rijandael
3. Define which part of the URL should be encrypted.

7.4 IMPLEMENTATION
To implement qr codes, a user interface code is being used

7.4.1 USER INTERFACE CODE


The user interface development of our code it consisists of two main
packages one is for design framework of our project responsible for

28

views and layout of application, and other contains main class and the
codes which generates QR code and add Encryption to them.

Fig 7.4.1: user interface code generator


29

CHAPTER-8
CHARACTERISTICS OF QR
CODE
Additional to the characteristics for two-dimensional symbol s such as large
volume data (7,089 numerical characters a t maximum), high-density recording
(approx. 100 times higher in density than linear symbols), and high-speed
reading, QR Code has other superiority in both performance and functionalities
aspects

8.1 ALL-DIRECTION (360) HIGH-SPEED READING


Reading matrix symbols will be implemented by using a CCD sensor (area
sensor). The data of the
scan line captured by the sensor will be stored into
the memory. Then, by using the software, the details will be analyzed, finder
patterns identified, and the position/size/angle of the symbol detected, and the
decoding process will be implemented.

30

Fig 8.1 all direction reading

8.2 RESISTANT TO DISTORTED SYMBOLS


Symbols often get distorted when attached onto a curved surface or by the
reader being tilted (angled between the CCD sensor face and the symbol face).
To correct this distortion, QR Code has alignment patterns arranged with a
regular interval within the range of the symbol. The variance between the Centre
positions of the alignment pattern estimated from the outer shape of the symbol
and the actual Centre position of the alignment pattern will be calculated to have
the mappings (for identifying the Centre position of each cell)corrected. This will
make the distorted linear/non-linear symbols readable.

31

Figure 8.2 : Correcting Distorted Symbol

8.3 DATA RESTORATION FUNCTIONALITY

QR Code has four different error correction levels (7%, 15%,25%, and 30% per symbol area).
The error correction functionality is implemented according to each of the smudge/damage,
and is utilizing Reed-Solomon code which is highly resistant to burst errors. Reed-Solomon
codes are arranged in the QR Code data area. By this error correction functionality, the codes
can be read correctly even when they are smudged or damaged up until the error correction
level.
32

Fig 8.3: Smudged/Damaged Symbols


8.4 LINKING FUNCTIONALITY OF THE SYMBOLS

QR Code has a linking functionality which will enable a single symbol to be


represented in several symbols by dividing it .

A single symbol can be divided into 16 symbols at maximum

Fig 8.4 linking functionality of the symbols

8.5 VARIANTS
Micro QR code is a smaller version of the QR code standard for applications where symbol
size is limited. There are 4 different versions (sizes) of Micro QR codes: the smallest is 1111
modules; the largest can hold 35 numeric characters
IQR code is an alternative to existing QR codes developed by Denso Wave. IQR codes can be
created in square or rectangular formations; this is intended for situations where a rectangular
33

barcode would otherwise be more appropriate, such as cylindrical objects. IQR codes can fit
the same amount of information in 30% less space. There are 61 versions of square IQR
codes, and 15 versions of rectangular codes. For squares, the minimum size is 9x9 modules;
rectangles have a minimum of 19x5 modules. IQR codes add error correction level S, which
allows for 50% error correction. QR Codes have not yet been given an ISO specification, and
only proprietary Denso Wave products can create or read IQR codes.
Model 1 QR code is an older version of the specification. It is visually similar to the widely
seen model 2 codes, but lacks alignment patterns

Micro QR code example

Micro QR code functional regions

Model 1 QR code example

Model 1 QR code functional regions

34

Fig 8.3.1 variants of qr codes

CHAPTER-9
APPLICATIONS AND
ADVANTAGES/DISADVANTAGES OF QR CODES

35

9.1 APPLICATIONS
Although the QR Code was originally designed to track automotive components and systems
through the manufacturing process and distribution supply chain, it has rapidly spread to
virtually every other area where traditional barcodes are used, as well as some entirely new
ones.
Typical applications include:
Manufacturing
Product traceability
Process control
Order and time tracking
Inventory and equipment management
Warehousing and logistics
Item tracking
Retailing
Point-of-purchase product identification
Sales management
Inventory control
Healthcare
Medical records management
Patient identification
Medication tracking
Equipment and device tracking
Life sciences
Specimen tracking
Transportation
Fleet management
Ticketing and boarding passes
Office automation
Document management
Marketing and advertising
Mobile marketing
Electronic tickets, coupons, payments and loyalty programs
36

9.2 ADVANTAGES AND LIMITAIONS


Advantages
1.
2.
3.
4.
5.
6.
7.
8.
9.

Fast, omni directional scanning.


High-capacity data storage.
Small size
Error correction.
Many types of data.
Distortion compensation.
Linkability (Structured Append.)
Direct Marking.
Most of all the Qr code generated have encrypted data and thus provides better safety

measure than normal codes.


10. The main advantage of a QR code is its versatility. QR codes can be used for anything
and everything. They are also beneficial for both customers and businesses
11. There is no need to write vital details down. A simple scan captures the desired
information

LIMITIONS

1. Since Qr codes are main used for marketing purpose they are now used as large
medium to encode data, so they cannot be a safe medium to encode a confidential
data.
2. Making encryption better and developing a universal decoder for decoding encrypted
codes is not available yet universally.
3. Although QR codes are popping up everywhere from on plant specimen labels to
library catalogues, there is a large demographic in society that still dont know what
QR codes represent. These proses a problem as companies and business are using the
37

QR code to advertise information that a potential customer might be interested in, but
if the customer doesnt know how to find the information, then they might not buy the
product or service and this can lose business thousands of dollars
4. Another major disadvantage of a QR code is the codes dependability on a mobile
device or smartphone. The whole concept of a QR code and its benefits are strictly
based on its ability to be scanned by a mobile device. If a consumer does not have a
mobile device or smartphone, then the QR code is not beneficial to them and they lose
out.
5. QR codes appear on billboards, branded products, product tags and business cards. A
bad print job renders your QR code useless. Blurry, crooked and bad print quality
make it impossible to scan the QR code and retrieve the information stored within.
You need to make sure your print QR codes correctly print and test them before
distribution.

9.3 LICENSE
The use of QR codes is free of any license. The QR code is clearly defined and published as
an ISO standard.
Denso Wave owns the patent rights on QR codes, but has chosen not to exercise them In the
USA, the granted QR code patent is US 5726435, and in Japan JP 2938338. The European
Patent Office granted patent "EPO 0672994". to Denso Wave, which was then validated into
French, UK, and German patents, all of which are still in force as of November 2011.
The word QR code itself is a registered trademark of Denso Wave Incorporated.In UK, the
trademark is registered as E921775, the word "QR Code", with a filing date of 03/09/1998.
The UK version of the trademark is based on the Kabushiki Kaisha Denso (DENSO
CORPORATION) trademark, filed as Trademark 000921775, the word "QR Code", on
03/09/1998 and registered on 6/12/1999 with the European Union OHIM (Office for
Harmonization in the Internal Market). The U.S. Trademark for the word "QR Code" is
38

Trademark 2435991 and was filed on 29 September 1998 with an amended registration date
of 13 March 2001, assigned to Denso Corporation.

FUTURE WORK
The possibilities for attacks proposed open up a quite large held for further research.
The main target lies in the accurate analysis and practical application of one
or more of the outlined attacks on a given target. Furthermore, it should be investigated
which parts of a QR Code are the easiest to attack, and what countermeasures can be
taken to thwart attacks.
In even more general terms, it would be very interesting to and metrics that can be
used to measure the vulnerability of QR Codes depending on a given type of attack outline
and with respect to characteristics like black/white-distribution, version, masking, etc.

39

Last but not least, other 2D-Codes such as Aztec or DataMatrix need to be analyzed in the
same way to identify possible attack vectors and find suitable countermeasures.

CONCLUSION
In general, we believe that QR codes have great potential in business media. Some
possibilities are there are many creative ideas waiting for us to explore. We examine outlined
the dangers of possible malicious attacks utilizing manipulated QR Codes.
Since QR Codes gain increasing popularity through their use for marketing purposes,
we expect that this kind of attack will receive more and more attention by the hacking
community in the future. This paper will present some security conscious of the mobile
phones users.

40

REFERENCES

[1] R. Bose and D. Ray-Chaudhuri. On a class of error correcting binary group codes*.
Information and control, 3(1):68{79, 1960.
[2] M. Canadi, W. Hopken, and M. Fuchs. Application of qr codes in online travel
distribution. In ENTER, pages 137{148, 2010.
[3] https://developers.google.com

41

[4] QR Code from Wikipedia, The free encyclopedia

[5] J. Gao, V. Kulkarni, H. Ranavat, L. Chang, and H. Mei. A 2d barcode-based mobile


payment system. In MUE, pages 320{329, 2009.
[6] ISO 16022:2006. Data Matrix bar code symbology speci_cation. ISO, Geneva,
Switzerland.
[7] http://www.sicet.org/journals/jetde/jetde10/7-So.pdf
[8] http://www.sba-research.org/wp-content/uploads/publications/QR_Code_Security.pdf

42

You might also like