QR codes have become a convenient tool in everyday life, but at the same time turned into a tool of scammers. Cybercriminals are increasingly using fake QR codes for phishing attacks, forcing users to enter personal data on fraudulent sites.
Specialists of the University of Rochester Offered a solution – self-testing QR codes with double modulation (self-Authenticating Dual-Modulated, SDMQR) capable of protecting from such threats.
New technology works due to a cryptographic signature built into QR codes. Official organizations can register their URLs in advance, and smartphones, scanning the code, will be able to instantly check its authenticity. If the code leads to a reliable source, the user will receive security confirmation. If the address is unknown, the system will warn about a possible risk.
An example of the SDMQR code (University of Rochester):
SDMQR codes look like ordinary QR codes, but instead of traditional squares, elongated ellipses are used. Modern smartphone chambers easily recognize such complex shapes. This allows you to store more data without loss of functionality.
The developers Garase Sharma and Irving Barron filed a patent for the technology and received a grant from the US National Scientific Fund to study the commercial use of SDMQR. One of the possible areas of implementation is the replacement of traditional UPC barcodes, which will allow companies to use QR codes to label goods, preserving more information in the limited packaging space.
In addition to changing the form, researchers also work on QR codes with color differentiation. Such codes will be able to direct users to several different sites, depending on the scanning conditions. Companies are interested in using SDMQR codes not only to increase safety, but also for branding packaging, reducing dependence on traditional black and white codes.