Normal QR Code Versus Signed/Verifiable QR Code

You have likely seen a lot more QR codes over the last two years due to the pandemic. At many restaurants, for example, which are keen not to share physical menus, customers scan a QR code with their phone camera to open a website for the online menu.

What is a QR code?

Short for Quick Response, a QR code stores all kinds of information that can be scanned and accessed by a digital device such as your smartphone.
The machine-readable format can also be printed on a piece of paper.
While barcodes are one-dimensional, which means that information can be scanned only horizontally, QR codes are two-dimensional. Hence, information on a QR code can be read both horizontally and vertically, allowing it to store more data.
QR codes allow you to download applications, join WiFi networks without having to key in any password, scan coupons, and much more. They can be embedded on a company’s website to gather feedback, facilitate registrations, collect customer data, and order details. QR codes can be used on physical products as a way to provide more information.
QR codes are also used for document verification to check if a credential is genuine. This has gained popularity during the pandemic with some countries opting for QR code-based vaccination certificates to open up travel and business.

Normal QR Code vs Signed/Verifiable QR Code

Normal QR Code	Signed/Verifiable QR Code
A normal QR code contains information that can be read and understood by any QR code viewer. They typically carry a URL and a scan of such QR codes reroutes to a separate site.	A signed QR code encodes the verifiable data set or information within the QR itself, rather than on any website.
In a normal QR code, information can be edited and altered, making the verification process untrustworthy and vulnerable to hacking. To address this issue, a signed or verifiable QR code is used, particularly in the case of sensitive information. Sensitive data could be your bank details, educational details, and medical information, among others.	The information is secure and cannot be altered or tampered with, nor can it be scanned and accessed by everyone. This is because the original data/information in the QR code is digitally signed.
	Example: In the case of COVID-19 vaccination certificates, for example, data identifying the vaccination event and the beneficiary is encoded within a QR code and then digitally signed, making it tamper-proof. Only a verifying authority with a secure key can validate this information accurately by matching it with the signing key of the QR code.

Normal QR Code

Signed/Verifiable QR Code

A normal QR code contains information that can be read and understood by any QR code viewer. They typically carry a URL and a scan of such QR codes reroutes to a separate site.

A signed QR code encodes the verifiable data set or information within the QR itself, rather than on any website.

In a normal QR code, information can be edited and altered, making the verification process untrustworthy and vulnerable to hacking. To address this issue, a signed or verifiable QR code is used, particularly in the case of sensitive information. Sensitive data could be your bank details, educational details, and medical information, among others.

The information is secure and cannot be altered or tampered with, nor can it be scanned and accessed by everyone. This is because the original data/information in the QR code is digitally signed.

Example: In the case of COVID-19 vaccination certificates, for example, data identifying the vaccination event and the beneficiary is encoded within a QR code and then digitally signed, making it tamper-proof. Only a verifying authority with a secure key can validate this information accurately by matching it with the signing key of the QR code.

All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.

PreviousPrinting Certificates at a Facility NextWhat Information Goes Into a QR Code?

Last updated 1 year ago