cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dheff
Viewer

QR Codes

HI all,

 

  Just curious of the danger of using QR codes.  My current company has a survey.... I am already authenticated by a login but am required to scan a QR code to get to the survey.  Should this be a privacy / security concern on my part?

4 Replies
Caute_cautim
Community Champion

@dheff   I have found some links, which maybe useful to you on the issues with QR codes:

 

1)  https://blog.1password.com/qr-codes-cybersecurity-risks/?utm_source=google&utm_medium=cpc&utm_campai...

 

2)  https://www.computer.org/publications/tech-news/trends/qr-code-risks

 

3)  https://www.washingtonpost.com/technology/2021/10/07/are-qr-codes-safe/

 

4)  https://www.wxii12.com/article/fbi-and-cybersecurity-experts-warn-about-qr-code-privacy-and-security...

 

5)  https://www.fastcompany.com/90740485/how-qr-codes-work-and-what-makes-them-dangerous

 

These resources should give you a reasonable assessment of the issues whether they are security or privacy issues or not and what guidance you need to provide.

 

Regards

 

Caute_Cautim

 

 

CraginS
Defender I

The QR code is most likely just a URL encoded into teh graphic. You said you are logged ini, presumably to yoru company's internal network. Use a QR reader that shows you the URL without automatically going there, and inspect it.

Is the survey on an internal server in the company, or on an external survey host like SurveyMonkey? If on an external service server, you are at the mercy of the survey service's practices adn contracts.

Does teh URL appear to have a token that uniquely identifies you? You can tell by sharing the URL with a a co-worker's and comparing them. 

Even though a unique URL ID for you does impact your privacy, unless they tell you the survey is anonymous, I would expect them to knwo how each employee completes the survey.

Good luck on the detective work.

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
Cynthia859
Newcomer I

Yes, QR codes are completely free to use and can be generated in any QR code software available online, as long as the QR solution is generated as a static QR code.  HCA Rewards 401k

Caute_cautim
Community Champion

@Cynthia859It does not help certainly during the pandemic, that certain governments created QR code based passports, and then went and released all the details including the encoding within public accessible Github repositories.  From a privacy perspective, open to modification, and certainly not dependable at all.

 

Therefore infinitely open to modification and fraud.

 

Regards

 

Caute_Cautiim