I read a lot about QR codes and how the code itself can lead to serious security threats. But one thing that I have not encountered is the following.
In the following scenario: I have a QR code that displays some of my data, you can say: - Name - Address - List of things that I am allowed to do
And I look through my code to see its contents, add some stuf to the list of things that I am allowed to do, and retype the QR code. The next day I get to work, checking my code, and I am allowed to do the extra thing that I added to the code.
My question is: how can I stop this scenario. Please note that it is not possible to check if my data matches DataBase data.
Additional Information:
I use the phone combination in conjunction with Sencha Touch 2 to create my QR code reader.
This is an Android app designed for Android 4.0 devices only.
QR codes are provided once a year.
If someone scans their QR code last year, this will not work.
Please note: theoretically, if he changes the date on the code that he can enter, this is exactly what I'm trying to block.
Some employees have access to an application that reads code.
The application does not have the ability to check the data on the QR code, so it should be something that uses only the data on the QR code.
source
share