Skip to content
Inherent Privacy Logo Inherent Privacy

QR Codes

Introduction

QR codes, invented in 1994, gained widespread adoption during the COVID-19 pandemic as a touchless way to access information and services. While these two-dimensional barcodes offer convenience for sharing links and data, they’ve also become tools for potential privacy violations and security threats, as users cannot easily verify their contents before scanning.

Providers

Apple Camera App

Built-in QR scanning sends data through Apple’s servers for malware checking. In 2020, researchers discovered that iOS’s QR scanner could be tricked into displaying misleading URLs, though this was later patched. The app collects metadata about scanned codes.

Google Lens

Google’s scanning tool analyzes QR contents and integrates with search history. In 2022, privacy researchers found that Lens was sharing scanning data with Google’s advertising systems. The service retains history of scanned codes unless manually deleted.

Kaspersky QR Scanner

Security-focused scanner that checks URLs against known threats. However, in 2021, concerns arose about the company’s data collection practices and potential ties to foreign governments. The app requires significant permissions for full functionality.

Open-Source Scanners

Apps like Binary Eye offer transparent, privacy-focused alternatives. These scanners process QR codes locally without sending data to remote servers, though they may lack advanced security features found in commercial options.

Recommendations

  1. Use trusted QR code scanning apps with privacy features
  2. Verify URLs before visiting linked websites
  3. Be cautious of QR codes in public places
  4. Limit app permissions for QR scanners
  5. Consider manual input for sensitive information
  6. Keep scanning apps updated for security patches

Actions

  • Install a privacy-focused QR code scanner
  • Review and restrict scanner app permissions
  • Clear QR code scanning history if available
  • Enable URL preview before opening links
  • Update your QR scanning apps
  • Remove unnecessary QR scanner apps
  • Consider using offline scanners for sensitive codes