Quick Response (QR) code security and threats

Abstract

The use of Quick Response (QR) codes has increased rapidly in consumer use during the last years. The increase has also attracted malicious users who tamper legitimate codes or steal personal ones. Contrary to what one would think, the security measures surrounding QR codes has not been able to keep up as well as it should have. This topic is very important in networking and cyber security as QR codes possess security risks and are not talked about that much. Previous research shows that QR codes can be used in phishing and malware download campaigns. They also show that researchers have come up with numerous own solutions to defend against these attacks. This thesis is a literature review on previous studies that focus on the attacks and security solutions surrounding QR codes. This has been done using the IEEE Xplore and ACM Digital Library databases to find the research material. Key findings of this thesis are that QR codes can be utilized to perform hard to notice attacks, and that the current mainstream applications do not possess high enough security to protect against these attacks.