QR Codes Come with Inherent Security Risks

QR codes used for mobile marketing may expose customers to security breaches. A few simple precautions taken by both businesses and customers will guarantee safety and transaction security.

QR codes are one of the most appealing mobile marketing strategies in today's world of advertising. However, some entities use these codes for malicious purposes. Businesses and customers should not hesitate to take advantage of this remarkable communication method. However, both entities need to take precautions that will ensure the protection of customer information.

Malicious QR codes may be used to connect customers to phishing websites. Also, malicious QR codes may connect customers to malware. One story of QR code malware involves a customer who tried to download an application from a website given by a QR code. The website instead directed the customer's smart phone to send numerous text messages to a fraudulent text message service. For each text, the customer was charged several dollars.

How Businesses Can Protect Their Customers

--Alert customers about what they should expect when using a QR code. Some text adjacent to the code should tell customers if they will be directed to a coupon or to a website. When customers know what to expect, they will be suspicious if they are directed somewhere different.

--Use a short domain. The domain used for the connected website should be short enough to fit on the screen of the customer's smart phone. Short domains make customers feel more confident about visiting a website.

--Use security to protect online transactions. Hypertext Transfer Protocol with Secure Sockets Layer technology, or HTTPS, will help to keep online transactions safe. If the website connected to the QR code will require customers to input sensitive information, then HTTPS should be used.

How Customers Can Protect Themselves

--Preview the connection. Many smart phone apps provide not only the ability to scan a code but also the ability to preview the connected webpage. Customers should install these apps so that they can always see where their browser is pointed. If the website looks suspicious (spelling errors, grammatical mistakes, etc.), then customers should not click because the site could be a phishing site.

--Back up smart phone information. Usually, smart phone information is always backed up anytime the user connects the phone to a computer. However, some users don't make a habit of regularly syncing their information to their PCs. If a malicious website destroys smart phone information, then consumers will be able to replace the information as long as they have a backup source.

--Use caution when banking or conducting transactions on a smart phone. Smart phones may store a variety of sensitive contact and financial information. Not only hackers but also pickpockets may get access to that information if a smart phone is penetrated or stolen. Even someone looking over a user's shoulder can read credit card information in a public place.

QR codes provide a dynamic opportunity for both companies and businesses. With just a few precautions, businesses will protect customer information, and customers will protect their smart phone against malicious attacks.