Use QR Codes Securely

Last updated: November 25, 2024
Use QR Codes Securely

QR Code Usage Guide for UBC Faculty, Staff, and Students: A Cybersecurity Perspective

QR codes can be a convenient way to direct users to specific content, but it's essential to use them responsibly and securely. This guide provides best practices for using QR codes at UBC to ensure a positive user experience and protect privacy and information security.

Scanning QR Code

Security Considerations Before SCANNING QR Codes

  • Scan with Caution: QR codes can be easily manipulated to redirect users to malicious websites or download harmful software. Be wary of scanning QR codes from unknown sources or in unfamiliar locations. Ensure the QR code is from a reliable source, such as a reputable company or organization.
  • Destination URL Inspection: Check the URL displayed on or beside the QR code before scanning. Be wary of URLs that look suspicious or contain typos.
  • QR Code Scanner App: Use a reputable QR code scanner app from a trusted source. Carefully review the app's permissions and grant only the necessary ones.
  • Data Privacy: Avoid scanning QR codes that request sensitive personal information, such as credit card numbers or social insurance numbers.
  • Social Media: Be cautious about sharing QR codes on social media, as they can be easily manipulated. Verify the legitimacy of QR codes shared by others before scanning.
  • Verify the Website: Once you've scanned the QR code, manually verify the website's URL in your browser's address bar.

Security Considerations Before GENERATING QR Codes

  • Generate QR Codes Securely: Use reputable software like Adobe, Canva, Google, or Microsoft Bing to generate QR codes. Avoid using free online generators that may compromise your data.
  • Clarity and Purpose: Clearly explain the purpose of the QR code and what users can expect after scanning.
QR Codes at Event
  • Data Privacy: Using QR codes to link to forms that collect personal information should be avoided. If necessary, be transparent about the data being collected and limit it to what's essential.
  • Testing and Accessibility: Periodically verify the destination URL of QR codes to ensure they haven't been tampered with. Use a QR code reader to scan the code and check the resulting URL. Provide the full URL alongside the QR code for users who cannot scan it.
  • Contextual Use: Avoid using QR codes on printed materials unless necessary. Refrain from using QR codes in emails and newsletters. Exercise caution with QR codes on digital signage. Avoid QR codes on social media. Use embedded content instead.
  • Event Materials: If using QR codes on event materials (roll-up banners, backdrops, table-top materials, etc.), ensure materials are regularly checked for tampering. Ensure constant supervision of event booths and/or tables.

By following these guidelines, you can ensure that QR codes are used effectively and securely at UBC.

Please note: This is a general guide, and specific use cases may require additional considerations. Consult with Privacy Matters @ UBC for tailored advice.

Go Further...

Privacy Matters @ UBC

Safety & Risk Services | 2389 Health Sciences Mall
University Counsel | 6328 Memorial Road,
UBC Cybersecurity | 6356 Agricultural Road
E-mail privacy.matters@ubc.ca

UBC Crest The official logo of the University of British Columbia. Urgent Message An exclamation mark in a speech bubble. Caret An arrowhead indicating direction. Arrow An arrow indicating direction. Arrow in Circle An arrow indicating direction. Arrow in Circle An arrow indicating direction. Chats Two speech clouds. Facebook The logo for the Facebook social media service. Information The letter 'i' in a circle. Instagram The logo for the Instagram social media service. Linkedin The logo for the LinkedIn social media service. Location Pin A map location pin. Mail An envelope. Menu Three horizontal lines indicating a menu. Minus A minus sign. Telephone An antique telephone. Plus A plus symbol indicating more or the ability to add. Search A magnifying glass. Twitter The logo for the Twitter social media service. Youtube The logo for the YouTube video sharing service. Bell Warning