QR codes have been around for nearly three decades. Over the years, they gained a little traction as a cool, novel feature, often to showcase a forward-thinking, innovative campaign. But the technology was not universally embraced, and QR codes appeared likely to become a footnote in the history of digital technology.
Then came the pandemic. The (literally) overnight shift to remote work and social distancing created an urgent need for solutions, including touchless technology. Strained business owners scrambled to adapt, looking for anything that would help keep them safe and operational. Enter QR codes.
From scanning menus at restaurants to checking into doctor’s appointments and completing health forms, QR codes have enabled engagement from a safe distance. Thanks to QR codes, consumers can easily access websites, submit orders, and even make payments. Businesses can connect with their customers while maintaining health and safety protocols. Government authorities have used QR codes to facilitate contact tracing and visitor processing at border checkpoints. QR codes have accelerated the cashless, paperless society, allowing for exchanges when the world needed them most.
Given anecdotal evidence about the rise of QR codes, I was curious about how often people were actually using them. To find out, my company conducted a follow-up to a September 2020 report on QR code adoption. The findings revealed significant changes in consumer attitudes and uses of QR codes, even over a few short months.
For example, 83% of consumers surveyed reported that they used a QR code to process a payment in the last year for the first time ever. More interesting, 54% used a QR code to make a payment for the first time in the last three months alone.
It’s amazing to think that a barcode-like feature created in 1994 would have its “moment” a full generation later. But what’s next? How do QR codes evolve from here? Are they a creature of the moment, or are they here to stay?
Think back to pre-pandemic life. While dining at a restaurant, you were provided with a physical menu, and a server greeted you and explained the menu. At the doctor’s office, you manually filled out pages of physical paperwork (remember those tiny boxes?). These methods of engagement hadn’t changed in generations. Consumers may have incorporated technology into their daily lives, but service experiences hadn’t caught up. QR codes were rarely used for these everyday interactions.
Fast forward to 2021. Everything has changed. And QR codes—once just a cool, innovative add-on—have become a practical necessity.
Elements of this shift are expected to last long past the pandemic. As many industries are discovering, people prefer the convenience of digital access and will continue to request it going forward. This impacts nearly every industry, requiring long-term solutions to keep customers, partners, and employees happy. QR codes are likely to be part of those solutions.
Although QR code usage has increased, consumers’ understanding of QR codes’ powers and capabilities has not. Many still don’t know that a QR code can open a URL or download an application when scanned. While not surprising, that is dangerous: If more people are using the technology for the first time but don’t understand how it works or what it can do, there is a huge cybersecurity risk for both consumers and businesses.
Any increase in technology adoption without corresponding security protocols creates opportunities for bad actors, phishers, and scammers. Unfortunately, QR codes can be published with malicious intent and without raising red flags. Even consumers who say they can spot a malicious URL or website feel significantly less confident in their ability to spot a malicious QR code.
It’s important to note that security threats do not lie in the actual QR code itself but rather in the lack of public awareness about how QR codes work. Users must realize that malicious QR codes exist and can take advantage of people by sending them to mock websites that look legitimate but are instead perfect replicas, strategically designed to steal personal and financial information. What appears to be an easy scan, coupled with the general lack of zero-trust security on mobile devices, can lead to trouble.
Security concerns—especially considering the rise in mobile attacks, the increased sophistication of hackers, and the tremendous amount of data on mobile devices—are vulnerabilities that the general public must be aware of when opening a URL, sending a text, or using personal devices on public domains. As we settle into an even more digital landscape, companies should urge their employees to remain vigilant. Be wary of QR codes scanned in public, especially those that request sensitive information. Of course, a warning isn’t enough unless you have a way to ensure that every code is valid. That’s why it’s critical to use high-performing (and regularly updated) security solutions on all devices.
Digital transformation, like the rise of QR codes, has major implications for consumers and businesses. Consumers are attracted to the “instant” lifestyle, and technology has provided a bridge across many industries to deliver what is needed quickly and efficiently. We are not likely to go backward and erase the progress we’ve made in simplifying processes that let us access what we need when we need it.
But cybersecurity must keep pace with that transformation. The pandemic rapidly accelerated the pace of adoption, and in too many cases, businesses and individuals jumped on board without adopting necessary cybersecurity measures.
Although the crystal ball is a little cloudy as to where we are going, we are almost certain to see both touchless and location-agnostic engagement become ubiquitous. And there is a tremendous amount of education necessary to support the outcomes—the good, the bad, and the ugly—affiliated with the associated technologies. Let’s get to work.