Most people have seen QR codes (Quick Response Codes), although they have only been common in North America since 2006. They were invented in Japan in 1998 in order to make the inventory of automobiles easier during manufacture. They quickly became popular in other industries due to the easy of readability and the capacity for storing large amounts of data. It's interesting to note that Denso Wave, a subsidiary of Toyota, holds the patent rights to the QR code but has chosen not to exercise them. There are other patent rights on both the code and the name, QR code, so it is important for all companies using them to make sure that they are using both a standard type and one that is licensed.

The Scoop on QR Codes

As for the data that QR codes contain, please look at this very good diagram from Wikipedia. There are also different versions of QR codes. For example, Version 4, the most common today holds up to 55 characters, but soon there will be much higher versions. Already there is a Version 10 containing 174 characters and additional tracking boxes (not just the 3 that appear on the version above). Here is the new Version 40 that can contain 142 characters. How to read and use QR codes is very simple. First, download an app program for QR codes to your mobile phone equipped with a camera. There are lots of them, but RedLaser is a good one for both Apple or Android types. Blackberry users can choose QR Scanner Pro. After you follow the directions, you simply take a picture of the QR code you wish to scan, making sure you are as close as possible and without glare. Once the app has recognized the code, it will take you to the designated website on your mobile device. Here are some cautions. I'm going to quote directly from the Wikipedia article. There are now safeguards being developed to protect against these atagging (attack tagging) problems, but it's a good idea to check before you download an app.The sources for this information has all be carefully checked by Wikipedia contributors. Please refer to the original article.

Malicious QR Codes combined with a permissive reader can put a computer's contents and user's privacy at risk. This practice is known as "atagging", a portmanteau of "attack tagging." They are easily created and may be affixed over legitimate QR Codes. On a smartphone, the reader's many permissions may allow use of the camera, full internet access, read/write contact data, GPS, read browser history, read/write local storage, and global system changes. Risks include linking to dangerous websites with browser exploits, enabling the microphone/camera/GPS and then streaming those feeds to a remote server, analysis of sensitive data (passwords, files, contacts, transactions), and sending email/SMS/IM messages or DDOS packets as part of a botnet, corrupting privacy settings, stealing identity, and even containing malicious logic themselves such as JavaScript or a virus. These actions may occur in the background while the user only sees the reader opening a seemingly harmless webpage. In Russia, a malicious QR Code caused phones that scanned it to send premium texts at a fee of USD$6 each.

Unfortunately the use of QR codes has become a huge security risk for mobile phones, according to e-Cycle.

Mobile phones and tablets contain an overwhelming amount of confidential data. Sensitive emails, business contacts and passwords are all available on cell phones and pads. Making this information susceptible to hackers can be disastrous and while most people have learned to think twice before clicking on a suspicious link that was emailed to them, they do not exercise the same level of caution when it comes to QR codes. This lack of protection makes QR codes a growing risk in mobile security. Users should be aware of the mobile security risk that QR codes pose and view the website they are directed to before scanning. Various QR code applications allow the option to preview the link prior to scanning the barcode. This precaution prevents the user from scanning a code when the URL appears suspicious. Often times when a QR code is fraudulent, it will lead the user directly to a login screen. Cybercriminals use this form as a trap to retrieve personal information. In most instances, personal information should not be required when scanning a QR code. Legitimate codes will automatically complete a request or will only require contact information for subscriptions.   To view the rest of this article, click here.

Another way is to use a QR Code app that checks the codes before they are opened such as Norton Snap. If there is a "bad" code the reader program or app will notify you and advise not to open it. Businesses should also clearly state what you will see after opening a QR code. Just as with e-mail and phone calls no one should give out private information after opening up a code. Now there are programs that can change what you see when you open up a code. It is not always just the home page of a website. It can be a video, a sales page - any number of things and the site can be changed as often as every minute by the program or plugin. Google Chrome has a setting that allows you to create a QR code just by right clicking on a website. 

So that's the scoop on QR codes. It seems that QR codes as well as Bar codes are here to stay and both are very useful. Restaurants and real estate offices especially have adopted them wholeheartedly. They are easy to make and easily converted to data or directed to websites. After having lived in Japan for 15 years myself I hand it to the Japanese to have invented something so useful and small, like one of their small computers or semiconductors. By the way, QR Codes can also be used with Kanji, the lettering used by the Chinese and Japanese, so they have been completely adopted in China, even being used on subway passes and soon on passports. What's your experience with QR codes? Please leave a comment below.