Network Security & Vulnerabilities
      Back to home
      1. Knowledge Base, Articles & Resources from the Verification Experts
      2. FAQ
      3. Network Security & Vulnerabilities

      Are QR Codes Generated by VeEX Test Sets Considered Secure?

      YES! The QR Code generation function in VeEX products is not connected to the Internet, so they can't be hacked by bad actors to make QRs point to malicious URLs. However, in general, one shall only use smartphones to scan QRs from trusted sources.

      At VeEX, Internet security is always on the top of our mind. We understand that QR codes can be a security concern, since humans can't read them to validate their content (as we do with written URLs) without scanning them. For that reason, as a general rule, one shall only use smartphones to scan QRs from trusted sources. At VeEX, we do our best to maintain our trusted partner status with all our customers and users.

      Icon depicting a malicious QR Code with security issues, like phishing or scam.In the News: Recent news reports in 2022-2023 highlighted some alarming incidents of phishing campaigns aimed at various companies in the USA. Those campaigns involved the use of malicious QR codes in emails and attached PDFs, with the intention of stealing Microsoft account credentials.

      Although QR codes are generally considered safe, it is important to note that they can be manipulated by scammers if they gain access to the source. This is because QR codes may all appear similar to our eyes. It is possible for a malicious QR code to lead you to a spoofed website that aims to drop various types of malwares or steal sensitive information, such as login credentials, credit card details, and/or money.

      The security risks associated with QR codes derive from the destination link encoded in QR codes, rather than the codes themselves. Scanning a malicious QR code leading to a malicious link is the same as clicking on said link.

      However, most QR scams or phishing attempts rely on the use of the internet or physical stickers to lure unsuspected people into scanning QR codes pointing to malicious URLs. On VeEX products, the on-screen QR code generation functions are not connected to the Internet or use any external information, so they can't be hacked or manipulated by external bad actors to make them point to malicious URLs.

      Security Tips:

      • Avoid third-party QR scanner applications - All smartphones today come with native QR code scanning capability within the camera app itself.
      • Only scan QR codes from trusted sources.
      • Verify URLs - When you scan a QR code with the camera app on your smartphone, you may get a notification pop-up on the screen immediately after the camera's QR code sensor detects and captures the code. The confirmation prompt shows the main URL domain it would take you to. Make sure it is from veexinc.com.
      • Check for Encryption - The pages targeted by our instruments' NoApp test results transfer via QR code use SSL encryption. The destination link you see must be HTTPS://. If you see unencrypted HTTP:// then there may be something wrong.

      Related Test Solutions

      • NoApp Guide - Using QR Codes and NoApp Service to Transfer Test Result Data
      • NoApp - Product page
      ©2023 VeEX Inc.                 Published: August 2023