Next Article in Journal
TEEDA: An Interactive Platform for Matching Data Providers and Users in the Data Marketplace
Next Article in Special Issue
Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra
Previous Article in Journal
Adoption of Sustainable Technology in the Malaysian SMEs Sector: Does the Role of Government Matter?
Open AccessArticle

Security and Privacy of QR Code Applications: A Comprehensive Study, General Guidelines and Solutions

1
DAIS, Università Ca’ Foscari Venezia, 30172 Venezia, Italy
2
College of Computer Sciences and Information Technology, King Faisal University, Al-Hassa 31982, Saudi Arabia
*
Author to whom correspondence should be addressed.
Information 2020, 11(4), 217; https://doi.org/10.3390/info11040217
Received: 2 March 2020 / Revised: 6 April 2020 / Accepted: 14 April 2020 / Published: 16 April 2020
(This article belongs to the Special Issue Cyberspace Security, Privacy & Forensics)
The widespread use of smartphones is boosting the market take-up of dedicated applications and among them, barcode scanning applications. Several barcodes scanners are available but show security and privacy weaknesses. In this paper, we provide a comprehensive security and privacy analysis of 100 barcode scanner applications. According to our analysis, there are some apps that provide security services including checking URLs and adopting cryptographic solutions, and other apps that guarantee user privacy by supporting least privilege permission lists. However, there are also apps that deceive the users by providing security and privacy protections that are weaker than what is claimed. We analyzed 100 barcode scanner applications and we categorized them based on the real security features they provide, or on their popularity. From the analysis, we extracted a set of recommendations that developers should follow in order to build usable, secure and privacy-friendly barcode scanning applications. Based on them, we also implemented BarSec Droid, a proof of concept Android application for barcode scanning. We then conducted a user experience test on our app and we compared it with DroidLa, the most popular/secure QR code reader app. The results show that our app has nice features, such as ease of use, provides security trust, is effective and efficient. View Full-Text
Keywords: QR codes; barcode scanners; Android security; QR code security; QR code privacy QR codes; barcode scanners; Android security; QR code security; QR code privacy
Show Figures

Figure 1

MDPI and ACS Style

Wahsheh, H.A.M.; Luccio, F.L. Security and Privacy of QR Code Applications: A Comprehensive Study, General Guidelines and Solutions. Information 2020, 11, 217. https://doi.org/10.3390/info11040217

AMA Style

Wahsheh HAM, Luccio FL. Security and Privacy of QR Code Applications: A Comprehensive Study, General Guidelines and Solutions. Information. 2020; 11(4):217. https://doi.org/10.3390/info11040217

Chicago/Turabian Style

Wahsheh, Heider A.M.; Luccio, Flaminia L. 2020. "Security and Privacy of QR Code Applications: A Comprehensive Study, General Guidelines and Solutions" Information 11, no. 4: 217. https://doi.org/10.3390/info11040217

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop