Prevent QR code from being copied and QR code should be scanable by my mobile app only

Question

I am using qr code for anti-counterfeiting solutions. But the problem with Qr code is that anyone can easily create a copy of my qr code or anyone can easily read the qr code with "qr code reader" mobile application and can create the same qr code like mine.
if my application reads this fake qr codes then it shows the "valid product" message instead of "fake product" message.

So i just want to know that if there is any way to protect qr code from being copied or can i make qr code which can be readable by my mobile app only and not by any other "qr code reader" application.

Answer 1

I think Jeff Green has the correct answer

Some companies pair a serialised QR code with a PIN code. It can be copied but the platform will detect multiple scans from different devices and locations and can send an alert.

Pavin Wilson repeated Jeff Green's idea

The other option is to create a two step process wherein one is a unique number via qr or bar code and the other is linked through ones own proprietary identification system.

Pairing a PIN with a QR Code allows copying BUT with alerts, will allow multiple scans to be uniquely identified.

With such a system, in place, a business could have the best of both worlds: unique AND traceable multiple QR code scans.

So, for example, a restaurant could offer a menu, on an outdoor digital billboard, so each customer who scans the billboard QR code---no matter the quantity of customers---could be uniquely traced, by a matching PIN.

Why use a matching PIN? So each customer who scaned the same QR code would receive targeted discounts, associated with the same QR code.

For example, once the first customer who scans the QR code, a full menu appears. That first customer would have the best discounts, while the following customers, who scared the same QR code, would receive fewer discounts.

Sometimes copy-scanning the same QR code is useful.

Answer 2

Some companies pair a serialised QR code with a PIN code. It can be copied but the platform will detect multiple scans from different devices and locations and can send an alert.

There are also screen solutions as mentioned such as this.

https://ypbsystems.com/en/protect-code-anti-copy-code/

Answer 3

There are different ways to do that: you can insert a copy-sensitive digital image at the center of the QR Code (called copy detection pattern or secure graphic). The secure graphic will naturally degrade and lose information if a counterfeiter tries to copy it, due to uncontrollable effects of dot gain and ink smearing. You can also embed a digital watermark by inserting small modifications that are hard to notice into the QR Code cells. These are generally easier to counterfeit though. A third approach consists in installing a high resolution camera on the printing or production line, and capture the small print variations of each printed QR Code.

The common point of these 3 approaches is that you need a specific app on your smartphone to make the authentication. If a consumer makes a normal scan of the QR Code (e.g. with the iPhone camera app), he can on land a page that will instruct her to download this app. Of course the brand owner needs to communicate to his customer or user base on how to authenticate its products. Good example on how this is done can be seen with Scantrust secure QR Code here:

https://www.dupont.com/water/resources/anti-counterfeiting-solutions.html

https://www.nexans.com/business/Telecom---Data/Local-area-network/lan_systems_blog/lan_systems_blog_posts/20.2019-Scantrust.html

Answer 4

The condition that only your app can scan your QR can be achieved by encrypting the text you want to convert into QR before converting it using any encryption algorithm and key and again after the QR code is scanned using the same algorithm to decrypt the encrypted text obtained .In this way if any other scanner scans it it will not perform the final algorithm you did to convert it into original text and hence your QR will be secure. However, copying of QR can be done .

Answer 5

There are apps that do what you are looking for. Hologram, marks etc are a waste of money except maybe for preventing some new unscrupulous elements. Even if the app is copied, Google won't allow apps of the same name which automatically grants it a first level protection. Hence this will work. The other option is to create a two step process wherein one is a unique number via qr or bar code and the other is linked through ones own proprietary identification system. Other can be qr, bar too or even a scratch code. Any app can be used as effect is the same. Only difference is that the first one is easy to use.

Answer 6

There is no way to accomplish this. QR is merely a format to store information. It does not provide confidentiality in any way.

You are looking at a systemic issue. For fraud detection, you want to use a technology where replication is hard. QR on the other hand is designed to make replication easy. QR codes are redundant and can still be read if a rather large portion of them is lost. QR codes are therefore - even on a basic level - the exact thing you don't want to use to establish the authenticity of an object.