Free Essay

Qr Code Security

In: Computers and Technology

Submitted By prodeano
Words 4675
Pages 19
QR Code Security
Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Lindsay Munroe, Sebastian Schrittwieser, Mayank Sinha, Edgar Weippl
SBA Research Favoritenstrasse 16 AT-1040 Vienna, Austria

[1stletterfirstname][lastname]@sba-research.org ABSTRACT
This paper examines QR Codes and how they can be used to attack both human interaction and automated systems. As the encoded information is intended to be machine readable only, a human cannot distinguish between a valid and a maliciously manipulated QR code. While humans might fall for phishing attacks, automated readers are most likely vulnerable to SQL injections and command injections. Our contribution consists of an analysis of the QR Code as an attack vector, showing different attack strategies from the attackers point of view and exploring their possible consequences.

Figure 2: QR Code cards, public transport vehicles, etc. Indeed, this mechanism has a vast number of potential applications [4, 1, 2, 13, 9]. For instance, the sports brand Umbro have embedded QR codes into the collars of England football shirts, sending fans to a secret website where prizes can be won. In this paper, we explore the structure and creation process of QR codes as well as potential attacks against or utilizing QR codes. We give an overview of the error correction capabilities and possible ways to alter both error correction data and payload in order to either modify or inject information into existing codes. Furthermore, we explore numerous vectors that might enable an attacker to exploit either the user’s trust in the content embedded in the code or automated processes handling such codes. Our main contributions are: • to outline possible modifications to different parts of QR Codes such as error correction codes or masking, • to describe resulting attack vectors, both against humans (e.g. phishing attacks) and automated processes (e.g. SQL injections).

1. INTRODUCTION
A QR (“quick response”) code is a two dimensional barcode invented by the Japanese corporation Denso Wave. Information is encoded in both the vertical and horizontal direction, thus holding up to several hundred times more data than a traditional bar code (Figure 1). Data is accessed by capturing a photograph of the code using a camera (e.g. built into a smartphone) and processing the image with a QR reader.

Figure 1: Barcode QR Codes (Figure 2) have rapidly gained international popularity and found widespread adoption, especially in Japan where its ability to encode Kanji symbols by default makes it especially suitable. Popular uses include storing URLs, addresses and various forms of data on posters, signs, business

2. BACKGROUND
QR Codes [11] have already overtaken the classical barcode in popularity in some areas. This stems in many cases from the fact that a typical barcode can only hold a maximum of 20 digits, whereas as QR Code can hold up to 7,089 characters. Combined with the diversity and extendability offered, this makes the use of QR Codes much more appealing than that of barcodes. Statistically, QR Codes are capable of encoding the same amount of data in approximately one tenth the space of a traditional bar code. A great feature of QR Codes is that they do not need to be scanned from one particular angle, as QR Codes can be read regardless of their positioning. QR codes scanners are capable of determining the correct way to decode the image due to the

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. TwUC’10, 8-10 November, 2010, Paris, France.

three specific squares that are positioned in the corners of the symbol and the alignment blocks. QR Codes were initially used by vehicle manufacturers for tracking parts. After a while, companies began to see the variety of different use cases for QR Codes. The most popular commercial use for QR Codes is in the telecommunications industry, where the increasing adoption of smartphones seems to be the biggest driver of their popularity [13, 5, 6]. With the technology of mobile phones constantly evolving, especially in the area of mobile internet access, QR Codes seem to be an adequate tool to quickly and efficiently communicate URLs to users. This also allows offline media such as magazines, newspapers, business cards, public transport vehicles, signs, t-shirts or any other medium that can accept the print of a QR Code to be used as carriers for advertisements for online products [7].

• Alignment Patterns (4): Alignment Patterns support the decoder software in compensating for moderate image distortions. Version 1 QR Codes do not have Alignment Patterns. With growing size of the code, more Alignment Patterns are added. • Format Information (5): The Formation Information section consists of 15 bits next to the separators and stores information about the error correction level of the QR Code and the chosen masking pattern. • Data (6): Data is converted into a bit stream and then stored in 8 bit parts (called codewords) in the data section. • Error Correction (7): Similar to the data section, error correction codes are stored in 8 bit long codewords in the error correction section. • Remainder Bits (8): This section consists of empty bits if data and error correction bits can not be divided into 8 bit codewords without remainder. The entire QR Code has to be surrounded by the so-called Quiet Zone, an area in the same color shade as white modules, to improve code recognition by the decoder software.

2.1

QR Codes

QR Codes consist of different areas that are reserved for specific purposes. In the following we refer to version 2 of QR Codes (Figure ??), because version 1 does not contain all patterns.

2.2 Capacity and Error correction code
The capacity of a QR Code depends on several factors. Besides the version of the code that defines its size (number of modules), the chosen error correction level and the type of encoded data influence capacity. • Version: The 40 different versions of QR Codes mainly differ in the number of modules. Version 1 consists of 21x21 modules, up to 133 (lowest error correction level) of which can be used for storing encoded data. The largest QR Code (Version 40) has a size of 177x177 modules and can store up to 23,648 data modules. • Error Correction Level: Error Correction in QR Codes is based on Reed-Solomon Codes [14], a specific form of BCH error correction codes [3, 8]. There are four levels (Table 1) of error correction that can be chosen by the user at creation time. L M Q H 7% 15% 25% 30%

Figure 3: Structure of QR Code Version 2 • Finder Pattern (1): The finder pattern consists of three identical structures that are located in all corners of the QR Code except the bottom right one. Each pattern is based on a 3x3 matrix of black modules surrounded by white modules that are again surrounded by black modules. The Finder Patterns enable the decoder software to recognize the QR Code and determine the correct orientation. • Separators (2): The white separators have a width of one pixel and improve the recognizability of the Finder Patters as they separate them from the actual data. • Timing Pattern (3): Alternating black and white modules in the Timing Pattern enable the decoder software to determine the width of a single module.

Table 1: Error Correction Levels Higher error correction levels increase the percentage of codewords used for error correction and therefore decrease the amount of data that can be stored inside the code. • Encoded Data: QR Code can use different data encodings (see Section 3.2.2 for detailed information on character encoding modes). Their complexity influences the amount of actual characters that can be stored inside the code. For example, QR Code Version 2 with lowest error correction level can hold up to 77 numeric characters, but only 10 Kanji characters.

3. 3.1

SECURITY OF QR CODES Threat Model

One can distinguish two different threat models for manipulating QR Codes. First, an attacker may invert any module, changing it either from black to white or the other way round. Second, a more restricted attacker can only change white modules to black and not vice versa.

3.1.1

Both colors

The easiest approach for attacking an existing QR Code is by generating a sticker containing a QR Code with the manipulated QR Code in the same style as the original QR Code and position it over the code on the advertisement. Of course this would either require some preparation or a mobile printer and design applications for a mobile device. At least when attacking on a large scale against one chosen target, the time needed for preparation should not pose a serious limitation. Since this attack is trivial, we have decided to exclude it from the scope of this paper. However, we believe that using this method in an attack against a real-world advertisement is a viable option for large-scale attacks.

Figure 4: Effects of masking Mask Pattern 000 001 010 011 100 101 110 111 Condition (i + j) mod 2 = 0 i mod 2 = 0 j mod 3 = 0 (i + j) mod 3 = 0 ((i/2) + (j/3)) mod 2 = 0 (ij) mod 2 + (ij) mod 3 = 0 ((ij) mod 2 + (ij) mod 3) mod 2 = 0 ((ij) mod 3 + (ij) mod 2) mod 2 = 0

3.1.2

Single color

In this case we restrict ourselves to the modification of a single color only. The background for this restriction lies in the scenario of an attacker seeking to modify a single poster on the fly just by using a pen (thereby reducing the possible modifications to changing white modules to black). This restriction is the basis for the attacks further outlined throughout this paper.

3.2

Attacking different parts

Table 2: Mask Pattern References and conditions

Since QR Codes contain a lot of different information, including meta information on version, maskings and source encoding, several different regions exist that can be targeted either individually or in combination.

3.2.2

The character encoding (mode)

3.2.1

The masks

There are several different source encodings (Table 3) specified for the information contained in the code, thereby maximizing the capacity in exchange for increased complexity: • Numeric mode (just encoding digits, thus being able to pack a lot of data in one picture), • Alphanumeric mode (a set of characters containing upper case letters and several additional characters like $ or whitespace), • 8-bit mode (able to encode the JIS 8-bit character set (Latin and Kana) in accordance with JIS X 0201) or • Kanji characters (Shift JIS character set in accordance with JIS X 0208 Annex 1 Shift Coded Representation) to name the most popular. The character encoding itself is defined at the start of the data part by the leading 4 bits. The following table gives an overview on the possible values for the mode: Changing the mode indicator gives the encoded data a whole new meaning. Especially when considering 8-bit Byte mode instead of other modes, or even alphanumeric mode instead of e.g. Numeric mode, launching code injections (e.g. SQL injections) could become feasible (8-bit mode even allows for even more complex tricks using control characters).

Masks are used to generate QR Codes with a good distribution of black and white modules (close to 50:50 and distributed well over the whole code). This increases the contrast of the picture and thus helps devices to decode it. According to the standard, when generating a QR Code, every mask of the 8 specified ones is applied and each result is rated. The mask that results in the best distribution according to the rating is chosen (the effect of using correct masks can be seen in Figure 4. The bar before shows the number of white and black elements before any masking was applied, after the numbers after the best masking was used). There is always only one mask in use in a given QR Code, it is encoded together with the version in a separate block of the code using strong BCH encoding. In the conditions in Table 2, i refers to the row position of the module and j to its column position. The mask is black for every module the condition is valid for and white for the rest. Targeting the mask can change quite a lot in the whole data and error correction part, still, this can be a useful basis for additionally applying other methods. A problem when changing the masking is that it is encoded separately, utilizing a strong error correction algorithm.

indicator 0001 0010 0100 1000 0011 0101 1001 0000

mode Numeric mode Alphanumeric mode 8-bit Byte mode Kanji mode Structured append FNC1 (first position) FNC1 (second position) Terminator

3.2.4

Mixing modes

It is possible to use several different modes within one QR Code (this is especially useful to increase density when encoding different types of data). To achieve this, several data segments with their own mode indicators and character count indicators simply get concatenated (see figure 5). Again, we can identify four approaches of utilizing this feature of QR Codes for attacks: • Changing modes of segments: This works like an attack on the mode of a QR Code that does not use mixed modes, but is reduced to one segment only, thus leaving other parts of the data untouched. • Inserting new segments: Split an existing segment into two new segments, one with the old header (mode indicator and character count indicator) and one with a newly defined header. • Deleting existing segments: Overwrite the space used by the mode indicator and the character count indicator of the segment with additional data, thus reducing the number of segments. Additionally the character count indicator of the segment before can be changed to allow the data of the deleted segment to be appended. • Structured Append: The structured append mode allows for the concatenation of up to 16 QR Code symbols, so a lot of data can be stored in this sequence of QR Codes. It is designed in a way that decoding is independent from the order the symbols are read. The basic idea of exploiting this lies in adding such a segment that points to another QR Code that is stuck right beneath the original one. However, this attack requires stickers prepared in advance, making it less practical (it is far more work than just putting a prepared sticker on top of the original QR Code, especially since the structured append mode is quite complex). The main problem with all attacks against the mode (especially insertion and deletion of segments) is that they usually have a very high impact on the error correction codewords. Probably this attack can be used in combination with an attack on the error correction part itself. Changing modes of existing segments should be attempted to be combined with color changes in the data section (and of course the error correction part), since it could be a valuable aid in case there are not enough white modules left for changing (remember that, as a prerequisite, we only consider changing one color to the other without the possibility to do the reverse). Also changing modes like numeric and alphanumeric to 8-bit would suddenly allow for unprintable control characters like delete (Figure 5).

Table 3: Mode indicators An advanced attack against the mode can be mounted by mixing different modes in one QR Code (see the section below).

3.2.3

Character Count Indicator

Right after the mode indicator, the next bits indicate the character count of the data that follows. The actual size of the character count indicator largely depends on the mode in use and the version of the QR Code (higher versions contain more data, thus the character count indicator is longer). See the table below for lengths for the most popular modes (Table 4).

Version 1-9 10-26 27-40

Numeric 10 12 14

Alphanumeric 9 11 13

8-bit 8 16 16

Kanji 8 10 12

Table 4: Length of character count indicator

Looking at this target we see two main approaches for an attack: Producing buffer overflows or buffer underflows. • Buffer underflow: We change the character count indicator to resemble a lower number than in the original QR Code. Thus, a decoding device should only decode the first few letters as message, leaving out the rest. This is especially useful in case the original link that was encoded contained suffixes. Since the size of the data part is fixed, everything after the anticipated number of bytes is either seen as a new segment (see mixed modes), or (in case of a terminator mode indicator) as filler. Since this is only a minor change in the data part (only the length is changed), this should in turn result in only a minor change in the error correction values and might still be decodable. Special attention should also be paid to a possible combination of this attack with other targets in case mixed modes are used. • Buffer overflow: We change the character counter indicator to a higher number, so the decoding device tries to decode parts of the filler as data (if we can even change the filler we gain valuable space for including additional data). Again, one of the drawbacks of this method lies in the error correcting (and especially error detecting) abilities of the Reed-Solomon-Code. It would be especially interesting to try to launch a code injection attack using this method.

3.2.5 Data part and error correction
The largest part of a QR Code is made up of the parts containing data and error correction codewords. The data part itself can consist of segments using several different encodings, each with its own header specifying the mode in use and the length of the data following (see subsections on modes above). For a given version and error correction level, the part in the QR Code that represents the data codewords and the part representing the error correction codewords can be defined easily without decoding, since the length of the data

Figure 5: Message containing several modes part is not depending on the actual length of the data (the data is filled up with padding patterns to the full length). For the position of the data part, please look at Figure 3 in Section 2. The exact length of the data part can be derived from the standard. By design, any changes in the underlying data directly reflect on both the data and the error correction part. The Reed-Solomon encoding is able to detect several changes in either the data or the error correction part and provides decoding to the original message even after a moderate number of modifications/errors have been introduced, i.e. if Qi denotes the 100% correct QR Code for message Mi , then a QR Codes Qi with only minor deviations to the original code Qi can still be decoded back to Mi . This feature, while designed to protect the integrity of the code as much as possible, serves as an important prerequisite for our attack: We don’t need to change the meaning of the original QR Code Qi to exactly match the QR Code Qj , i = j containing our manipulated QR Code Mj , we just need to reach a code Qj that is decoded to the same message. In traditional computer security, this is analogous to a NOP sledge. Figure 6 illustrates the outline of this attack. The green circles denote QR Codes representing exact messages (i.e. containing no errors), the blue circles the set of erroneous QR Codes that get decoded to the same message due to the error correcting features of the Reed-Solomon code. F denotes the set of QR Codes that get detected as incorrect by the encoding but can’t be corrected.

4.1 Attacking Automated Processes
As QR Codes are a standardized way of encoding information we strongly believe that the majority of software developers do not treat the encoded information as possibly insecure input. As described in detail in the previous section, different parts of the QR Code could be manipulated in order to change the encoded information. Depending on the programs that process the encoded information, whether this would be in logistics, public transportation or in a fully automated assembly line, attacks on the reader software as well as the backend are theoretically possible. Without proper sanitation this could by used by an adversary for the following, non-exhaustive list of attacks. Similar attacks using RFID chips and SQL injections have been shown to be very effective [15], as input sanitation was not employed in these examples. • SQL injection: We believe that many automated systems store and process the encoded information in a relational database. By appending a semicolon followed by a SQL query like ;drop table to the encoded information, manipulations to the backend database are possible (provided the DBMS allows for multiple queries in a single line). This would delete the table specified in the command, resulting in a denialof-service attack. More specific attacks may include adding a user, executing system commands (e.g., by using the stored procedure xp_cmdshell on Microsoft SQL Server), or altering data such as prices or passwords within the database. • Command injection: If the encoded information is used as a command line parameter without being sanitized, this could be easily exploited to run arbitrary commands on behalf of the attacker, which may have disastrous consequences for the security of the operating system e.g., installing rootkits, DoS, or connecting a shell to a remote computer under the control of the attacker. • Fraud: Changes to the automated system can be used to commit fraud, by tricking the system e.g., into believing that it processes a cheap product A while processing the more expensive product B.

Figure 6: Attacking data codewords

4.2 Attacking Human Interaction 4. QR CODES AS ATTACK VECTORS
We believe that manipulated QR Codes can be used for a plethora of attacks. Depending on whether the reader is a human or an automated program (e.g., in logistics), different scenarios are possible and outlined in this section. Humans can not read the code without a reader software, the information stored within the code is completely obfuscated. But by reading the manipulated QR code, a vulnerability in the reader software or the browser might get triggered. • Phishing and Pharming: If QR Codes are used for links in augmented reality scenarios, an attacker might

set up a fake website and redirect users by changing the QR Code. This is dangerous if some form of credentials are needed to access the website. The user has no possibility to verify that the link is not modified. • Fraud: QR Codes are often used in advertisements to direct the target audience to special offers or additional information about specific products. If the QR Code can be manipulated to redirect the user to a cloned website, an adversary could sell the solicited product without ever fulfilling the contract. The victim implicitly trusts the advertising company by following the link. • Attacking reader software: Different implementations of the reader software on computers or cell phones might be attackable via command injection or traditional buffer overflows if the encoded information is not sanitized. An attacker might gain control over the entire smartphone, including contact information or the victim’s communication content like Email or SMS. • Social engineering attacks: Building on these attacks, more specific attacks like spear phishing or other variants of social engineering are enabled, depending on the goal of the attacker. Leaving a poster of a QR Code on the parking lot of a company (instead of the traditional attack with an USB drive) offering discount in a nearby restaurant is a new attack vector which is likely to be successful.

codes. This especially holds true if proper input sanitization is not performed prior to processing the contained data.

6. REFERENCES
[1] H. S. Al-Khalifa. Utilizing qr code and mobile phones for blinds and visually impaired people. In ICCHP, pages 1065–1069, 2008. [2] A. Alapetite. Dynamic 2d-barcodes for multi-device web session migration including mobile phones. Personal and Ubiquitous Computing, 14(1):45–52, 2010. [3] R. Bose and D. Ray-Chaudhuri. On a class of error correcting binary group codes*. Information and control, 3(1):68–79, 1960. [4] M. Canadi, W. H¨pken, and M. Fuchs. Application of o qr codes in online travel distribution. In ENTER, pages 137–148, 2010. [5] J. Gao, V. Kulkarni, H. Ranavat, L. Chang, and H. Mei. A 2d barcode-based mobile payment system. In MUE, pages 320–329, 2009. [6] J. Z. Gao, L. Prakash, and R. Jagatesan. Understanding 2d-barcode technology and applications in m-commerce - design and implementation of a 2d barcode processing solution. In COMPSAC (2), pages 49–56, 2007. [7] J. Z. Gao, H. Veeraragavathatham, S. Savanur, and J. Xia. A 2d-barcode based mobile advertising solution. In SEKE, pages 466–472, 2009. [8] A. Hocquenghem. Codes correcteurs dˆAZerreurs. a˘ ´ Chiffres, 2(147-156):4, 1959. [9] Y.-P. Huang, Y.-T. Chang, and F. E. Sandnes. Ubiquitous information transfer across different platforms by qr codes. J. Mobile Multimedia, 6(1):3–14, 2010. [10] ISO 16022:2006. Data Matrix bar code symbology specification. ISO, Geneva, Switzerland. [11] ISO 18004:2006. QR Code bar code symbology specification. ISO, Geneva, Switzerland. [12] ISO 24778:2008. Aztec Code bar code symbology specification. ISO, Geneva, Switzerland. [13] S. Lisa and G. Piersantelli. Use of 2d barcode to access multimedia content and the web from a mobile handset. In GLOBECOM, pages 5594–5596, 2008. [14] I. Reed and G. Solomon. Polynomial codes over certain finite fields. Journal of the Society for Industrial and Applied Mathematics, 8(2):300–304, 1960. [15] M. R. Rieback, B. Crispo, and A. S. Tanenbaum. Is your cat infected with a computer virus? In PERCOM ’06: Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications, pages 169–179, Washington, DC, USA, 2006. IEEE Computer Society.

4.3

Further Research

The possibilities for attacks proposed in this paper open up a quite large field for further research. The main target lies in the accurate analysis and practical application of one or more of the outlined attacks on a given target. Furthermore, it should be investigated which parts of a QR Code are the easiest to attack, and what countermeasures can be taken to thwart attacks like the ones proposed in this paper. In even more general terms, it would be very interesting to find metrics that can be used to measure the vulnerability of QR Codes depending on a given type of attack outline and with respect to characteristics like black/white-distribution, version, masking, etc. Last but not least, other 2D-Codes such as Aztec [12] or DataMatrix [10] need to be analyzed in the same way to identify possible attack vectors and find suitable countermeasures.

5. CONCLUSION
In this paper we outlined the dangers of possible attacks utilizing manipulated QR Codes. Since QR Codes gain increasing popularity through their use for marketing purposes, we expect that this kind of attack will receive more and more attention by the hacking community in the future. Furthermore, many mobile devices (e.g., smartphones) at present are able to decode QR Codes and access the URLs contained in them. This adds a new dimension to the topic of trust, especially since most users are not security-conscious enough when using their mobile phones (which also enables the use of novel phishing techniques). In addition to phishing, a multitude of other attack methods, both against humans and automated systems, might be performed using QR

Similar Documents

Premium Essay

We Can, but Should We?

...patient information with the use of quick response, or QR codes. These codes are placed on stickers, bracelets, and cards for wallets. When paramedics scan the QR code, they gain access to the patient’s health profile, which contains basic personal information, allergies, medications, and emergency contacts. With instant access to this vital information, medical errors are reduced, and the time that they would otherwise spend obtaining this information is cut. Some people believe that this is a wonderful advancement, and it “could benefit so many folks” (Davis), while others are concerned and skeptical about this new technology. Benefits One advantage of utilizing QR codes in emergency response situations is the shortened time spent obtaining vital patient health information. By cutting down time, paramedics are able to make treatment decisions more quickly. “Every second counts during medical emergencies, and quick access to medical information can be the difference between life and death” (Rich). Immediate access to the individuals medical data will allow for more accurate and effective health interventions. Another convenience to quick response codes is the reduced risk of medical errors. Medical mistakes are one of the leading causes of death in the United States. According to a report by the Institute of Medicine, a “reasonable estimate” is that medical mistakes now kill around 200,000 Americans every year( Gupta). With QR...

Words: 1446 - Pages: 6

Free Essay

Qr Code Usage

...Running head: QR CODES: WE CAN BUT SHOULD WE 1 We Can but Should We? QR Code Usage Kaesha D. Lynch Chamberlain College of Nursing QR CODES: WE CAN BUT SHOULD WE 2 We Can but Should We? QR Code Usage What are QR codes? How are they used? The appearance of cube-like encrypted codes, known as QR(Quick Response)codes are conveniently placed in advertisements on trains, buses, newspapers, magazines, business cards, and flyers to quickly upload information via smartphones, laptops, and tablets making information accessible to the population. A QR code is a type of two-dimensional bar code or UPC label that is used to provide easy access to information through a smartphone with a camera and software application. These codes are an advanced form of a barcode that can store over a vast amount of text information. QR codes have become somewhat popular in today’s fast- paced society due to the rapid transmission of information. Companies such as LifeSquare, ID Amber, and ScanMedQR.com utilize QR codes by storing personal information making it accessible to First Responders in case of an emergency. These codes have both advantages and disadvantages. Lifesquare provides the convenience of having the encrypted QR code in sticker form that can be placed on multiple personal items and locations such as wallets, cards, bags, and refrigerators. Lifesquare is the first emergency health information company to integrate with local emergency response. Authorized......

Words: 1223 - Pages: 5

Free Essay

Qr Codes

...list I compiled of positives and negatives concerning QR codes. Pros Easy to make. All you really need is a free QR code generator, and there are plenty of them floating around the Internet. Cost effective. Since most of the QR code generators are free, making the actual codes is inexpensive. The cost of printing materials can also remain relatively low, since they can be used on business cards or stickers. Stores can print their QR codes in ads, which they already invest money into. Anyone can make a QR code. Saves paper. People can scan a QR code to do things like enter contact information or store a coupon on a cellphone. Instead of having to carry paper coupons, people can just scan a QR coupon and have it available in their phone. Very quick transfer of information. Since the advent of DSL internet and now the 4G network for cellphones, people have gotten very used to getting information very quickly. Relatively small in size. This makes the codes great to put on business cards, in a corner of an ad, somewhere on a coupon, or anywhere there is a small bit of space. These codes can be made much smaller than the information they contain. So instead of placing a long, ugly, URL, on an advertisement or resume, simply place a small QR code. Cons Potential for over usage. Marketers should be aware that placing a QR code absolutely everywhere can be overkill. Reputation issues. Many people are making their QR code that link to social media, such as Facebook. This......

Words: 500 - Pages: 2

Free Essay

Novel Educational Information System for Holy Quran Using Qr Codes

...Infrastructure 2014), May 13-15, 2014 Amman, Jordan Paper Code. No. 1569888215 Novel Educational Information System for Holy Quran Using QR Codes 1King 2Jordan Heider A. Wahsheh1, Yarub A. Wahsheh2, Reem A. Wahsheh3 Khalid University/ College of Computer Science, Computer Science Department Abha, Saudi Arabia heiderwahsheh@yahoo.com University of Science and Technology / CIT Faculty, Network Engineering & Security Department Irbid, Jordan y_wahsha@yahoo.com 3Yarmouk University / Faculty of Education, Department of Curriculum and Instruction Irbid, Jordan reem_ahmad_wahsha@yahoo.com ABSTRACT Quick Response Code (QR code) is a matrix barcode that can be read using smart phones, increasingly used in education, industry, virtual stores, product tracking, item identification and advertising. In educational fields a collection of resources can be encoded using QR codes, mobile devices can be used as an effective educational tool in the classroom. It can contain additional resources supporting multimedia, URLs and other related information. One special type of education is the Holy Quran learning. In this paper we propose novel educational information system that attaches QR code labels to each page in the Holy Quran, with specific proposed structure to help in Holy Quran education, linking the hard copy pages to audio streaming links, translation, interpretation and other related information. QR codes can contain control data and......

Words: 2218 - Pages: 9

Premium Essay

Student

...Maria Rodriguez Colorado University Introduction Medical Economics, a QR code is a two dimensional bar code holding the same information but in a smaller space. QR stands for quick response and was created by a Japanese corporation Denso-Wave in 1994. (Medical Economics, June 25, 2012). The use of the QR code is revolutionizing technology that can be used to provide personal health records for patients, link to online resources and track inventory in offices. In this scenario, the residents of Marin County, California whose population mostly consists of the elderly have heard about a pilot study, but are skeptical about this new “fangled technology”. This population is concerned on whether or not they should participate in this study and have many questions that need answers. The purpose of this research is to help this population understand the advantages and disadvantages of participating in this study, to determine whether or not the use of QR codes and stickers offer promise in emergency situations, and to help this population make the best educated decision. Body The use of technology has come to increase patient safety and quality of care and through the use of QR coding is making information more accessible to people making it easy to be retrieved from any smartphone. The use of QR codes has its advantages and disadvantages. For example, one of the advantages of using QR codes in healthcare is that they get their patients involved in their health......

Words: 968 - Pages: 4

Premium Essay

Introduction to Information Management

...Introduction to Information Management IST621 Summer 2014 Research and Reflection on IM Success and Failure Syracuse University School of Information Studies Dexi Kong Success case #1: Yo, an English slang is now the name of a widely successful app. How it works? Nothing but sending “Yo” to your friends--Stupid but simple. The app, which debuted in April, has been downloaded two million times, according to Or Arbel, the chief executive. "We Yo with co-workers alerting them that a meeting is starting; I Yo with my wife as a 'hi' during a busy day, I Yo with friends, without any more expectation or need than a Yo back." -- Investor of Yo John Borthwick As much as $10 million. That is the valuation investors have assigned to the new smartphone app. ere is how it success, from my personal perspective. Usefulness is the success metric of any technology rather than capabilities. Say, we need alert someone of something. A phone call might be too intrusive or unnecessary, a text message is not noticeable enough, an email may be even more ignorable. Fortunately, now we have Yo, that could help us fill this gap, fill those tiny moments that we don’t want it to be ignored but would rather not bother others by making a phone call. Technology is meant to simplify people’s life. By using this app, we can save lots of words by simply saying “Yo”. Under certain context, it’s not necessary to “make things so clear”, both the massage deliver and receiver knows......

Words: 3113 - Pages: 13

Premium Essay

Website Igration

...Inventory Management Just Being Frilly- Children’s Clothing Store   Running a small business seems easy enough until you start getting busy. Most small businesses go under within the first year because of the lack of preparation, inventory management, and lack of business model. ¬For any business to succeed you must act as if you are running a major corporation with the model, planning, inventory control, budgeting, and marketing. Although, you might be the sole person responsible for all of these actions, ensuring that all of this is done will help with a successful future for your company. Controlling inventory does not have to be a complex task. It is a process and thoughtful inventory management. There are no hard and fast rules to abide by, but some extremely useful guidelines to help your thinking about the subject. A five step process has been designed that will help any business bring this potential problem under control to think systematically thorough the process and allow the business to make the most efficient use possible of the resources represented. The final decisions, of course, must be the result of good judgment, and not the product of a mechanical set of formulas. Five Steps are: 1. Inventory Planning: Knowing what you will need when you will need it. 2. Order schedules: Ordering specific days of the week. This will aid in maximizing shipping costs, and help with the planning. 3. Inventory Levels: Knowing what your threshold levels......

Words: 1032 - Pages: 5

Premium Essay

Innovation of Economy

...ticketing is being sold inside the bus by the bus ticketing and this is primitive. I would like to propose the use of Mobile smart phone using NFC and QR code as a new ticketing strategy this would ease the long queue experienced by passengers all day. QR code (abbreviated from Quick Response Code) is the trademark for a type of matrix barcode (or two-dimensional barcode) first designed for the automotive industry in Japan. A barcode is an optically machine-readable label that is attached to an item and that records information related to that item while Near field communication (NFC) is a set of standards for smartphones and similar devices to establish radio communication with each other by touching them together or bringing them into close proximity, usually no more than a few inches. Present and anticipated applications include contactless transactions, data exchange. With these two set of technology we could make the transportation system in Nigeria a much efficient system In Nigeria the use of smart phone is high which are capable of either QR code reading or NFC. I am suggesting using the both option to complement each other. The simple logic is for the state bus agency to develop one customized application that would make people either purchase through QR code or Through NFC technology. The State bus conductor could a QR tag reader/NFC reader could be installed on all Bus so as to enable people to pay. This solution would solve the issue of long queues on the......

Words: 332 - Pages: 2

Premium Essay

Environmental Management

...COVENTRY UNIVERSITY AUSTON INSTITUTE Of Management Master of Business Administration IN ENGINEERING MANAGEMENT Quality And Environmental Management Systems (AUM 06 EMD) (Case Study) STUDENT NAME : Rituraj Saikia STUDENT ID : G1102894U LECTURER : Low Chin Yong WORDS : 3489 Table of Contents 1 Scope Of Environmental Management Strategy 3 1.1 The needs and expectations for development of an environment management strategy 3 1.2 The constraints under which the environmental strategy can be developed are identified 4 1.3 A clear and concise statement of environmental objectives 5 2 Determine Environmental Strategy Development Process 6 2.1 Principal stakeholders are identified 6 2.2 Stakeholders are consulted to obtain acceptance of the strategy development process 7 3 Identify Resources To Undertake Environmental Strategy Development 8 3.1 Resource requirements of the model/process adopted are identified in an accurate and comprehensive manner 8 3.2 Accurate detailed financial budgets are prepared within the scope of the strategy development 9 3.3 Human resource requirements for strategy developments: 9 3.4 Facilities and equipment needs for strategy developments are identified to ensure all requirements can be met on time 10 4 Identify Environmental Assets, Problems And Opportunities 10 4.1 Data are identified and collated in a comprehensive manner relevant to the scope and models......

Words: 3961 - Pages: 16

Free Essay

Can We Should We

...In this paper we begin with a short history of the Quick Reaction code (QR code) and move onto the QR code in marketing and how it can be similarly used in the healthcare field from advertising to take-home monitoring equipment for patients. We discuss a study conducted by Lin C, Tsai F, Tsai W, Wen H, & Hu M., 2012 and how the use of QR codes has help to decrease wait times in the pharmacy and actually increase accuracy of dispensing correct medications. After discourse on personal information we will end this paper with a few healthcare related ethical concerns. We come to the conclusion that QR codes could be beneficial to the public and private sectors of healthcare. Quick reaction codes (QR code) had their beginning in auto manufacturing plants in Japan in 1994; QR codes were designed to help track automobiles during the manufacturing process (Gottesman, & Baum, 2013). Like many other technologies, when shortly after their initial production, QR codes were found to be useful in many other areas than just automobile manufacturing. QR codes have recently been heavily used for marketing. The QR code is able to hold a significant amount of information and anyone with the correct tool to read the code is able to extract this information such as a website or such that for a consumer could lead to a shoe store, a hair salon, or even an electronics store. From auto manufacturing to marketing the QR code has found its way into the field of healthcare. The healthcare......

Words: 1348 - Pages: 6

Free Essay

Qr Code

...VISIBLE LIGHT NETWORKING WITH QR CODES A PROJECT REPORT FOR CSE 561 RYDER ZIOLA AND WILLIAM WEBB 1. Motivation and Design Considerations Telecommunications networks and the internet have enabled many different forms of communication - email, phone, instant messaging, etc. For most users, the fact that all of these are mediated by external networks is not important. However, some users, for instance, human rights activists operating in certain countries, may wish transfer digital data in a fashion that is anonymous, leaving no identifying traces on either participating machine nor any electronic record of the communication in the network. Physical storage media, such as CDs and portable hard drives are possible candidates if mail or an inperson handoff is allowed, but such media can also carry physical evidence, such as hair or fingerprints, and also serial numbers or metadata attached to the stored files. Any of these things could potentially compromise collaborators. Another possibility is to instead execute file transfers between portable machines in a way that uses no physical media and does not rely on any telecom network or exchange of addresses. Smart phones are natural candidates, being portable and increasingly ubiquitous, so for this project, we attempted to leverage common built-in functionality to create a secure channel with the desired properties. We note that many smart phones can communicate via IR ports, but there is always the possibility the that IR......

Words: 1972 - Pages: 8

Free Essay

Math Apptivity Using Qr Codes

...using QR Codes   MR. DENNIS E. CABAIS Maysan National High School MATH   Math Apptivity using QR Codes MATH   Math Apptivity Using QR Codes Mr. Dennis E. Cabais Maysan National High School ABSTRACT A QR code (Quick Response code) is a two-dimensional matrix barcode that is readable by a QR code reader on devices such as iPads, iPhones, smart phones, android phones with built-in cameras or computers with cameras. The code consists of black modules arranged in a square pattern on a white background. The information encoded may be text, a URL link, a website, contact details, a link to a YouTube, a Google map, video, sound or other data. QR codes are common in Japan, and are one of the most popular types of two-dimensional barcodes. The QR code was designed to allow its contents to be decoded at high speed. This study is an experimental study, atleast five apptivities were created to test how effective the strategy is. Students were allowed to connect to the WIFI of the school (if the room is near the Computer Lab) and with the hotspot created by one of their classmates using her own smartphones. Lucky enough, that in one class there is atleast 6 smartphones/android phones. This scenario gave the class a chance to participate and do their tasks by groups. This study explored and analyzed teaching methods and processes that incorporate QR codes and mobile devices into the classroom. The primary data indicated that with QR codes it......

Words: 543 - Pages: 3

Premium Essay

Contracts

...[pic] Mobile App Proposal - Company Name - May 21, 14 Direct Contact 1-800-555-5555 Email email@address.com Table Of Contents 01. Client Name 02. Introduction 03. Project Overview & Objectives 04. Mobile Website / Mobile Applications Development Strategies 05. Analytics 06. Secure Hosting 07. Maintenance 08. Client Responsibilities 09. Monthly Fees 10. White Label Contracts 11. Billing Schedule 12. Terms and Conditions (YOUR COMPANY) is pleased to submit a proposal for the development of a mobile app to (CLIENT NAME). The terms of this proposal are valid for up to sixty days after being presented. Client Name Project Name: (YOUR COMPANY) will design and develop a custom mobile friendly website for (CLIENT DOMAIN). The mobile friendly website will be designed to ultimately drive customer retention and overall sales for (CLIENT NAME). Introduction DEAR (CLIENT), We welcome the opportunity to build a cutting-edge mobile website and deploy to market a mobile app for (CLIENT NAME) that will increase sales and customer retention. (YOUR COMPANY) is a mobile marketing agency focused on providing cost-effective mobile marketing tools. From iPhone applications to iPad applications to HTML5 applications (YOUR COMPANY) delivers mobile apps and mobile websites on every platform. (YOUR COMPANY) will put you in front of your customers on devices they access most with information and tools that make it easy for......

Words: 1366 - Pages: 6

Free Essay

Student

...Understanding The QR Code This… …Is NOT This! U P C B A R C O D E …or This! Typical Information encoded into a QR Code • URL • Plain Text • SMS (text message) You will need a Smartphone* with an ADJUSTABLE FOCUSING Camera and a barcode scanning app. An app which allows you to use your LED flash light is GREAT to get a better read of the code. Most apps can scan UPC codes and QR Codes which comes in handy if you want to look up reviews for products when you are in the store (UPC). * Smartphone is iPhone, Android, Blackberry and Windows 7 Phone Where are QR Codes Found? WEARABLE R E TA I L / C ATA L O G Magazine and Magazine Ads DRIVE BY STOREFRONT T R A N S P O R TAT I O N A P P L I C AT I O N S Inside Outside WINE INDUSTRY Watch This Barrel Being Made MEDIUM TOAST ITALY What Would happen if you were able to add a link to a wine Sommelier at point of purchase? Would you sell more wine if the consumer were better able to make and informed decision? What if that code took you to a video of the grapes in the bottle being picked on a sunset evening and people enjoying the wine? Would experiencing the wine visually help you sell the product? Consider that in 1994 book style boxes were the deciding factor in over 44% of the point of purchase transactions at retail stores because of the added selling information. Information helps SELL Interview with the author or additional......

Words: 555 - Pages: 3

Premium Essay

Eswdatfwt

...MaSh Club Recruitment for Junior Coordinators 2014 GENERAL INSTRUCTIONS: Candidates are required to submit their one page resume along with answers to the following questions. Please adhere to the word limit given. Please mail your 1 page resume along with this document to mash.iimb@gmail.com as a single (.doc/.docx) file and rename it as name_roll e.g.kotler_1411xxx (last page in the doc/docx file must contain your resume). Please make the subject line of the mail as ‘MaSh Club Selections 2014 1411xxx’. 1. Name: Ankit Sahu 2. Roll No. : 1411144 3. Section: C 4. Why MaSh? (Maximum 100 words) Since I have come to IIMB, I have been relatively more interested in Marketing. MaSh will give me an opportunity to explore the same. Apart from this, it provides a platform to organize events and work with a great team. It also give the best chance to interact with Marketing firms. This is why I would like to be part of MaSh. 5. Why you? (Maximum 100 words) I am a hardworking and result oriented person and give my 100% in any responsibility I take up. Being a General Secretary of my hall and captain of an event (in my undergrad college), I have shown good team work and leadership skills. Whether it being the internships, B.Tech project or any other event i have worked on challenging problems. My engineering acumen and problem solving skills are reflected in the results that I have produced through my work. So I believe that my abilities make......

Words: 651 - Pages: 3