Since the emergence of QR codes into the international limelight, there have been issues regarding security. It is becoming more apparent that the codes can be used to exploit the curiosity of those who may not be familiar with them. The scanning of codes linked to malicious content, such as viruses, can put a mobile user’s private information at risk. However, the codes posing risks to privacy are not always so clear to identify.
China has recently enjoyed the successful launch of their new bullet trains. The trains are fast becoming a popular means of transportation for both locals and tourists as they can travel more than 200 miles per hour. In anticipation of this popularity, the railway authority requires that all Chinese citizens present their ID cards when getting tickets and foreigners are required to present their passports. While the aim is to prevent ticket scalping, the practice leaves passengers at risk because their information is linked to a QR code, which is then plastered on their ticket.
The code can be read by any mobile barcode scanner and unveils detailed information about the ticketholder, such as their name, address, email address and phone number. The codes are not encrypted, and all the information is linked to the codes before they are printed to the tickets. Essentially, anyone wanting access to this information can pick up discarded tickets and scan the code.
The Railway Police are urging passengers of the new train system to tear up their tickets into several pieces after their ride. No official agency has come forward thus far in regards to this glaring oversight.