Usually on Friday’s we do a community showcase highlighting the top discussions and contributors in the 2D barcode space, but not this week. Instead, we thought we would switch it up a bit and talk about some important news that affects Tag.
You may have heard about it already, but over the last few days people were buzzing about malicious QR codes that were uncovered on a Russian website. If you didn’t hear what happened here’s a synopsis: QR codes were placed on a Russian website telling people it lead to an instant messenger app to download on their phone. When users downloaded malware that they thought was the messenger app, it began sending messages to a premium subscriber that netted the cybercriminals between $5 and $10 a pop.
Following the news, the Tag team was approached with two questions/concerns from the community:
- Some marketers voiced concern that consumer awareness of malicious links behind 2D barcodes might lead to reluctance to scan.
- Community members asked if Tag was better suited than current QR services in the market for handling this kind of issue
Will Malicious Codes Lead To Reluctance To Scan?
To address the first point it helps to take a step back. As 2D barcodes become more popular with consumers and marketers, it gives cybercriminals a way to repurpose existing scams into a new package. This means that marketers will have to face the same challenges with 2D barcodes that they do with every other medium.
However, just as the emergence of email spam led to filters and junk mail folders, the right solutions will bring forth the same kind of protection. In Tag’s case, we already have some means of protection in place that I will delve into later in the post.
The best defense against malicious codes is consumer education. In the case of the QR codes found on the Russian website, after people scanned they still had to take the action of agreeing to download the malware. We all exercise a discerning eye when we suspect an email we receive to be spam and therefore potentially malicious. Consumers have to practice the same caution when assessing the placement of a 2D barcode and ultimately what actions the experience it leads to is asking you to take.
Here are a couple questions the customers could have asked themselves to avoid scanning infected links:
- Does the website where the QR code is placed look legitimate?
- After scanning, what mobile website am I delivered to? If it’s asking me to download an app, it should be from a trusted marketplace.
Does Tag Offer Better Protection?
The short answer is yes. Because all Tags are re-routed through the cloud, there is a means of blacklisting codes that are reported as malicious. Since anyone can create QR codes that either link directly to a site instead of being routed through the cloud, the ability to blacklist a link and protect against future scams simply isn’t there.
The concern that has been driving discussions regarding malicious codes is a legitimate one and one that Tag takes very seriously. We want to assure our customers that our platform maintains a backend process with filters and safeguards that detect and help prevent malicious links from infecting Tags. Marketers already consider and prepare for potentially harmful content on other digital mediums such as email and websites; however, the reasons the same discussions aren’t perpetuated around malware threats on other mediums is because there are appropriate protections in place against such threats and consumers are aware of these safeguards. We want our customers to also be aware of the protections Tag has in place to help protect their security.
For marketers who want the most control over their audience’s experience from the branding of the code itself to the backend analytics and defense against cybercriminals in an all-in-one solution, the Tag platform makes the most sense.
Do you think incidents of malicious QR codes could make people reluctant to use them in mobile marketing? Let us know with your comments below or on Facebook or Twitter.