QR Codes are becoming more ubiquitous in a post-covid world. But, what does this mean from a security perspective?
The Rise of QR Codes
There is no denying that QR codes have become a part of daily life since the coronavirus pandemic. Mobile devices have become imperative and even the non tech-savvy have been forced to switch to digital. Whether in the role of consumer or employee, these codes have become a necessity. This means that people are connecting their devices with other devices, applications and services in a way they never have before. In a new study by MobileIron, 64% of respondents stated that QR codes make life easier in a touchless world.
QR’s Role in the Switch to Digital
84% of respondents have scanned a QR code before. 32% of this figure report using the codes in the past week and 26% at least in the past month. Over the past six months, 38% of respondents have scanned a QR code at a restaurant bar or cafe. There has also been high usage of QR codes at retailers (37% of respondents) and on a consumer product (32%).
Welcoming QR with Open Arms
Many of the respondents are “team QR”. In fact over half of respondents (53%) want to see this method used more broadly in the future. Nearly half of respondents (43%) plan to use QR as a payment method soon. A similarly high figure (40%) would vote using a QR code in the mail if this became an option.
The Dark Side of QR
Despite the positive side of QR codes there is a part that is still poorly understood by many. For example, 71% of respondents reported not being able to distinguish between a legitimate or malicious QR code. Around half of the respondents (51%) have privacy, security or financial concerns – and rightly so. Hackers are capitalising on the shift to QR and increasingly targeting mobile devices with sophisticated attacks.
Security Risk
While most respondents (67%) are aware that QR codes can open a URL, they are less aware of the other actions that QR codes can initiate. Yet, mobile devices are an easy target for hackers. Mobile user interface prompts users to take immediate actions with limited available information. Additionally, mobile users are often distracted, making it easier to fall victim to an attack.
