Encrypted QR Code System

Authors

  • Herny Ramadhani Mohd Husny Universiti Kuala Lumpur
  • Norhaiza Ya Abdullah Universiti Kuala Lumpur
  • Wan Hazimah Wan Ismail Universiti Kuala Lumpur
  • Nik Aisar Nurlisa Nik Ahmad Nizar Universiti Kuala Lumpur

Abstract

QR code (Quick Response Code) is the trademark for a type of matrix barcode, which is a machine-readable optical label that contain information about the item to which it is attached. Nowadays QR Code is commonly and widely used because people can easily access the information contained in the QR code through a smartphone by scanning the codes. Unfortunately, the unprotected QR code can easily be read by everybody that possess a QR scanner. Malware can easily be sent to infect victim’s smartphone and an attacker can steal and change the data without the victim consent hence data integrity is compromised. In order to enhance the security level of the normal QR code, AES 256 encryption algorithm will be added. This encrypted QR code is generated by web based system using username and password of the verified user. Registered user must use specific encrypted QR scanner (QRais scanner) to decrypt the encrypted QR code. QRais Scanner is developed in Android platform and will use the username and password of the verified user. The other QR scanner will not be able to decrypt the encrypted QR code. Encrypted QR code system is tested using functionality and security testing. Modules is tested based on specific scenario and identified security requirements. Result shows that data contained in the encrypted QR code is protected and only verified user able to use QRais Scanner to decrypt the encrypted QR code. For that reason, encrypted QR code system can be used as an alternative of secure method that able to protect data confidentiality and integrity. The system is also very convenient for user to use because it is developed in Android platform.

Published

2017-12-21

Issue

Vol. 2 No. 1 (2017)

Section

Articles

Submission of an original manuscript to the Journal of Computing Technologies and Creative Content (JTeC) will be taken to mean that it represents original work not previoussly published, that it is not being considered elsewhere for publication. All submitted articles that are published by JTeC cannot be published anywhere by the authors unless with the permission by JTeC Editors. JTeC reserves the right to the publications of the articles it published, and reserves the right to reuse the articles elsewhere for academic purposes, while still retaining the names of the original authors with the original articles.

JTeC takes the stance that the publication of scholarly research is meant to disseminate knowledge and in a not-for-profit regime, benefits neither publisher nor author financially. It sees itself as having obligation to its author and to society to make content available online now that the technology allows for such possibility.