Safe Mobile Payments Crucial

Despite an overwhelming positive response to QR Codes and the willingness of some companies to explore the limitless possibilities brought on by the technology, some people, including some big tech guys out there, continue to speculate about the negative impact that QR Codes may bring. Their argument is not without some truth in it, particularly on the security front. 

Even I have to admit that there are security issues especially when it comes to paying through the phone. On the positive side, there are solutions that advertising agencies and branding strategists should consider before rolling out their QR Code marketing plans. 

QR Code hijacking is not common, as of yet, but like link-jacking, it can happen. And now that more people have come to understand and accept QR Codes, it is not long before the bad guys caught on. But what can we do about them exploiting the technology and spoiling everything for the good guys who are genuinely using QR Codes on a personal and professional level? 

Explain away - The biggest mistake that anyone can do when using QR Code is to leave things in the dark. Explain away. If you are going to be printing a QR Code on a signage, then take the time to explain it. There is a fine balance to everything – do you want to ride the curiosity wave or bring things out into the open so that it is more practical for users. So that users feel more secure and willing to scan the code. I suppose it is fine to leave things obscure if it is a branding exercise. But for the sake of practicality, explain what the code does and if possible, print the URL out beside the QR Code. 

For payment purposes, use https URLs to assure users – Sure, it is convenient if you could pay by phone but you need to go out of your way to ensure that the process is a secure one. Some mobile browsers do not display the URL that they are visiting, warn them. Teach them how to check for the URL and warn them that if the URL is not a https URL, to log out or not reveal their personal details on the page. 

Point the QR Code to a secure payment processor – I have observed that some websites continue to require their users to key in username, passwords and worse yet, credit card information and PIN numbers into the phone whenever they wanted to make a payment. DON’T. Just imagine that there is some spiteful individuals or groups of people lurking in the background just waiting for the person to finish the mobile transaction and take off with the phone.

To make it safer for the individual, point the QR Code to a secure payment processor that does not save the password and username to the phone’s memory. 

Let’s make QR Code safe and convenient for smartphone users, everyone.