Is there an application where you can generate encrypted QR Codes?
I havent a lot of literature on encrypting QR codes out there. We are looking to implement something that clients can send us encrypted information and we scanning them on our site.
Has any of you been involved in a project such as this?
It's important to remember that QR Codes do not have to represent a URL. They can be an encrypted lookup code that points an authorised reader to a location from where they can pick up the information that is being shared.
QR Codes actually cannot be deleted. There's a logical reason for this, and it has to do with your customers' experience. Let's say you have a code printed on a flyer, but now the campaign is over. Logically, you would delete that code in your account because you no longer need it for your campaign.
What is a password-protected QR code and how does it work? Password-protected QR codes are QR codes in which the content or information stored in the QR code can only be accessed and viewed after the scanners entered the right password.
The complexity of a QR code also means that there are a practically infinite number of possible permutations — everyone on earth can assign a unique QR code to every photo, link, and product ever created, and we'll never run out.
Other answers suggest you could use the QR code to encode a URL, and then ensure the service at that URL provides the authentication / security you need. If the channel you're using to communicate with your client is digital and internet-connected, maybe that makes sense ... and if it does make sense, you don't need a QR code at all, just send the URL. As Tadmas pointed out, QR is just an encoding.
However, I'll infer from your original question that the channel you're using is analog (paper??), or digital but not internet-connected (digital photos of a paper original or screen shot, or ??). That's not the most usual use case -- not what most of the respondents on this forum would naturally consider -- but I can imagine some realistic use cases e.g. for bills or payment data where that could be happening.
If that's true -- if for some reason you have to transmit the actual data through a non-internet channel, and the actual data has to be wrapped in a QR code format, then there's a different way to do this.
The obvious approach (hi-level) looks like this
message
--> (compress) --> compressed message
--> (encrypt) --> encrypted compressed message
--> (QR encode) --> QR of encrypted compressed message
... send over channel ...
encrypted compressed message <-- (QR decode) <--
compressed message <-- (decrypt) <--
message <-- (decompress) <--
In which your primary challenge is to choose compression & crypto algorithms that suit your purposes.
Note well, crypto is non-obvious, approach with respect & caution, don't just slam something together ...
Compressing before encrypting is a best practice. It isn't always needed as a separate step, because some crypto algorithms perform compression for you -- for example, PGP compresses data before encrypting. Others don't. If you're not sure or the approach needs to be general (work for different choices of crypto algorithm) you can always compress; it's safe, just sometimes pointless.
Choice of crypto algorithm has many implications (key management etc. -- huge topic). However one of the implications is especially relevant to QR codes -- how much the crypto step bloats your message. QR code blocks have a limited capacity of 2953 bytes of 8-bits each. If the message you're transmitting is close to this limit, you'll want to choose a crypto algorithm that has output size equal to input size (AES is one example). If the message is much smaller than this limit, then you won't care about this (could use the highly-bloating PGP for example).
If you can find compression and encryption algorithms that work for both you & your client (and a safe way to distribute keys and so on), then I don't think it's particularly hard to satisfy your original request. Don't try to encrypt the QR code itself (not sure that terminology actually makes any sense) but instead, compress and encrypt your data, then QR-encode the resulting encrypted data. Nothing to it.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With