QR code security risks
If you use QR codes, be sure you’re cognizant of the potential security risks.
QR codes are a highly convenient way to link a physical object to a URL. Point your phone’s camera at the 2D barcode and you’re instantly taken to a website.
That’s something which can have security consequences, as mobile guru Terence Eden explains.
Recently, Islington Council in London has partnered with Verrus to bring mobile phone payments to car parking.
It’s a really simple way to improve paying for parking - but it does leave open some fairly serious security risks.
Initial impressions
Islington Parking QR CodeThe QR codes being used by Islington Council are fairly clearly displayed on the side of the parking meters - but there is no printed call to action.
Which raises the question - what does scanning the code do?
From a practical point of view, would anyone scanning the code know that it allowed them to pay with their phone?
From a security point of view, does the QR code belong to the parking company? Could someone malicious have stuck this code onto the machine?