Qcheck




WHAT ARE QR CODES & HOW THEY WORK?


QR (Quick Response) codes are two-dimensional barcodes that store data. They can hold URLs, text, Wi-Fi credentials, contact info, payment details, etc. are Scannable using a smartphone camera or QR code scanner app. They are used in marketing, payments, authentication, and more.
  1. Data Encoding:
    2. Information (URL, text, etc.) is converted into a QR code pattern.
  2. QR Code Generation:
    3. Created using QR code generators in static or dynamic format.
  3. Scanning:
    4. A QR scanner (phone camera or app) detects the black-and-white pattern.
  4. Decoding:
    5. The scanner reads the pattern and extracts the stored information.
  5. Action Execution:
    6. The user is redirected to a website, downloads a file, or makes a payment, based on the QR code's data.

QR CODES AND THEIR SECURITY CONCERNS:


QR codes facilitate social engineering attacks due to the fact users have to be willing to place a degree of blind faith that they will perform as advertised. QR codes are widely used for payments, authentication, and data sharing, but they pose significant security risks. Cybercriminals exploit them for phishing attacks, malware distribution, and payment fraud by replacing legitimate codes with malicious ones. Users may unknowingly share sensitive data or install malware. To mitigate these risks, businesses must implement security measures like URL verification, encrypted QR codes, and user awareness training to prevent potential cyber threats.

THE PROBLEM WE WANT TO ADRESS:


Key Security Problems with QR Codes:
  1. QRishing (QR Phishing Attacks)
  2. Fake Payment QR Codes (UPI, Paytm, Google Pay Scams)
  3. Malicious QR Codes Distributing Malware
  4. Privacy & Tracking Risks
These are all the problems we want to address in this project by combining it into a single main problem. This makes the project more powerful and useful by covering QR phishing, fraud, malware detection, and privacy protection in one system.

WHAT ARE WE PROPOSING TO SPECIFICALLY DESIGN AND IMPLEMENT?


  • What Are We Proposing to Specifically Design and Implement? To address phishing, payment fraud, malware risks, and privacy threats in QR codes, we are proposing to design and implement a terminal-based QR Code Security Scanner with the following features:
  1. QR Code Scanner (Core System)
    2. A Python-based terminal tool that scans and decodes QR codes from images.Extracts embedded data (URLs, payment links, or text) for security analysis.
  2. API-Based Security Checks (Phishing & Malware Detection)
    3. Integrates VirusTotal API to check if a QR code's URL is linked to phishing or malware.Uses Google Safe Browsing API to verify if the link is blacklisted or suspicious.
  3. AI-Powered Fake Payment QR Code Detection
    • Train a machine learning model to classify real vs. fake payment QR codes.
    • Analyse payment QR codes based on:
      • UPI ID Structure (e.g., detecting fake payment IDs).
      • Domain Legitimacy (Ensuring payment URLs belong to real merchants).
      • Shortened URLs (Commonly used by fraudsters).
  4. Privacy Protection & Tracking Detection
    5. Identify tracking QR codes that collect user data.Warn users before opening data-harvesting links
  5. Cloud-Based Scan History (Firebase Integration)
    6. Store scanned QR code data in Firebase for future security analysis.Users can view past scan logs for reference.


Back to Home