The inventor of the QR code, a brilliant Japanese technical wizard called Masahiro Hara, is now jaded with his invention. This is something that happens all too often on the internet when an idea spreads around the globe and some malice, unintended by the inventor, starts to spread. It is what happened to Pepe the Frog, and Mr. Hara now feels it is happening with QR codes.
His main issue is that they are now being used for payments.
Why are QR Payments a Problem?
Hara told Japanese Newspapers in 2019 that he feels responsible for QR codes not being as secure as they need to be for digital payments. He had originally invented it to make parts easier to find for car manufacturers, way back in 1994. Nowadays, it is one of the largest facilitators of payments, with billions of people using them to transfer money to each other. The issue with them is simple – they do not tell you what information they are going to give to you in advance.
Why Should Webmasters Care?
Good webmasters do everything they can to improve the security of their site – that’s why it’s so recommended to use a website support service, as they will stay on top of security updates for their webmaster. Consumers need to trust a website completely and often don’t think twice about scanning a QR code.
The issue for webmasters is that if a hacker can get access to a website without being detected, they can simply replace a QR code that leads to incorrect payment information or to a bogus, DNS-spoofed link that immediately installs trojans on the unsuspected visitor’s computer. If this happens, the knock-on implications on a webmaster can be huge as the site starts to lose trust and traction gets reversed.
How Can Diligent Webmasters Combat the Issues?
Combatting this flaw in how QR codes operate is not an easy task, and the solution will vary on a case-by-case basis. If you use many QR codes on your site, simply checking them every day is not an option. Instead, it might be necessary to create a bot hosted on a different server, which monitors the code behind the QR code for differences and deviations. Having this automated monitoring will help to improve a site’s security by a great deal.
In other instances, a QR code preview might be appropriate. Many people are arguing for all QR codes to come with previews and a virus check. Virus checks are nowhere near perfect, especially if the hacker is coding their own trojan, but they will help to prevent a lot of hacks.
One of the most important things, however, is just to educate yourself about hacking in general. If you don’t have a dedicated website support service to monitor and update your site whenever there is a need, you should keep up to date with hack reports and new hacking techniques – if you can afford it, it might be a good idea to seek advice from a white-hat hacker too.
