Mobile marketers love these barcodes , but as consumers embrace them, unscrupulous efforts grow.
It’s difficult to open a magazine or a flyer, these days, without seeing QR codes in all of the adds, but just as their popularity grows, so does their attractiveness to unethical individuals who would take advantage of this opportunity to cause harm.
These little black and white codes may look simple enough, but they may now pose an underlying threat.
It took quite a while for consumers to start to feel the enthusiasm for QR codes that mobile marketers have felt from the start. This has meant that individuals who would seek to use them for harmful purposes have left them alone for quite some time. But as the scanning trend continues to grow, so have the hazards associated with the activity.
Malicious QR codes have started to pop up here and there now that the technology has become commonplace.
Though it is still rare for malicious QR codes to appear, they have started showing up on occasion, and their impact can be quite damaging. This is because there are far more mobile device users that have barcode scanners than there are those who have protection against the type of attack that a tainted scan could present.
QR codes are meant to make it easy to redirect a device user to an app or a website to provide information, generate a download, view a video, or even to help buy a product or make a charitable donation. However, when a permissive reader app has been used, even a seemingly harmless scan could place the user’s privacy at risk.
The most common strategy that is used in order to encourage malicious barcode scans is simply to place a sticker with the harmful code overtop of the legitimate square. Therefore, one of the best efforts that a device user can make to protect his or her security is simply to double check that the QR codes they scan are printed directly onto materials from companies that they trust, and aren’t printed onto a sticker. Downloading a scanner app with built in protection is also a highly recommended activity.
The think tank has raised considerable concerns regarding consumer safety and security.
In 2012, a geolocation privacy bill by Senator Al Franken (D-Minnesota) was approved by the Senate Judiciary Committee, in order to provide the users of smartphones with a greater degree of control over the way that their data is controlled.
However, the Information Technology and Innovation Foundation feels this legislation is problematic.
The law that was proposed would make it necessary for app developers to require users to specifically opt in to programs that would allow for the collection or disclosure of geolocation data. It would no longer be permitted for apps to automatically select that option, so that users would need to actively opt out if they did not wish to share their information in that way.
The geolocation data was not being protected by the companies that collected it, said Franken.
According to the senator, the “Companies that collect our location information are not protecting it the way they should.” At that time, he made reference to a number of errors and blunders regarding privacy, which had drawn considerable media attention. This included reports that Android and iPhone devices were sending the geolocation data of their users to Google and Apple.
Not to mention the CarrierIQ fiasco. That company was a part of a high profile discovery in 2011, when the researcher demonstrated that its software was capable of logging the keystrokes that were made on smartphones.
While it is Franken’s intention to reintroduce the geolocation privacy bill in 2013, Information Technology and Innovation Foundation (ITIF), a think tank, is openly arguing that this proposed law may not encourage positive changes. In fact, it called the legislation “particularly problematic for apps that are supported by location-based advertising.”
It explained that the bill, which was designed to protect a user’s privacy in the face of geolocation technology and use, would require a user to have to give consent every time the app intends to work with a new ad network. This, they say, would generate awkward consumer notices. The think tank’s behaviors in the past have not indicated that they are adverse to advertising techniques such as pop-ups, which they recently used to state that they were rejecting do-not-track requests.
