Loading…
Usable security for QR code
QR codes are widely used in various settings such as consumer advertising, commercial tracking, ticketing and marketing. People tend to scan QR codes and trust their content, but there exists no standard mechanism for providing authenticity and confidentiality of the code content. Attacks such as th...
Saved in:
Published in: | Journal of information security and applications 2019-10, Vol.48, p.102369, Article 102369 |
---|---|
Main Authors: | , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | QR codes are widely used in various settings such as consumer advertising, commercial tracking, ticketing and marketing. People tend to scan QR codes and trust their content, but there exists no standard mechanism for providing authenticity and confidentiality of the code content. Attacks such as the redirection to a malicious website or the infection of a smartphone with a malware are realistic and feasible in practice. In this paper, we present the first systematic study of usable state-of-the-art cryptographic primitives inside QR codes. We select standard, popular cryptographic schemes and we compare them based on performance, size and security. We conduct tests that show how different usability factors impact on the QR code scanning performance and we evaluate the usability/security trade-off of the considered cryptographic schemes. Interestingly, we find out that in some cases security breaks usability and we provide recommendations for the choice of secure and usable cryptographic schemes. |
---|---|
ISSN: | 2214-2126 |
DOI: | 10.1016/j.jisa.2019.102369 |