{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:40:00Z","timestamp":1772163600230,"version":"3.50.1"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319584232","type":"print"},{"value":"9783319584249","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,8,13]],"date-time":"2017-08-13T00:00:00Z","timestamp":1502582400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-58424-9_12","type":"book-chapter","created":{"date-parts":[[2017,8,12]],"date-time":"2017-08-12T07:33:44Z","timestamp":1502523224000},"page":"207-219","source":"Crossref","is-referenced-by-count":10,"title":["Security Threats and Solutions for Two-Dimensional Barcodes: A Comparative Study"],"prefix":"10.1007","author":[{"given":"Riccardo","family":"Focardi","sequence":"first","affiliation":[]},{"given":"Flaminia L.","family":"Luccio","sequence":"additional","affiliation":[]},{"given":"Heider A. M.","family":"Wahsheh","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,8,13]]},"reference":[{"key":"12_CR1","unstructured":"2D Technology Group Inc. (2016). Barcode security suite. \nhttp:\/\/www.2dtg.com\/node\/74\n\n."},{"key":"12_CR2","doi-asserted-by":"crossref","unstructured":"Dabrowski, A., Krombholz, K., Ullrich, J., & Weippl, E. (2014). QR inception: Barcode-in-barcode attacks. In Proceedings of the 4th ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM\u201914), November 7, Scottsdale, Arizona, USA (pp.\u00a03\u201310).","DOI":"10.1145\/2666620.2666624"},{"key":"12_CR3","unstructured":"Denso Wave Inc. (2017). SQRC\u00ae;\u00a0Secret-function-equipped QR Code. \nhttps:\/\/www.denso-wave.com\/en\/adcd\/product\/software\/sqrc\/sqrc.html\n\n."},{"key":"12_CR4","unstructured":"European Union Agency for Network and Information Security (ENISA) (2014). Algorithms, key size and parameters report 2014. \nhttps:\/\/www.enisa.europa.eu\/publications\/algorithms-key-size-and-parameters-report-2014\n\n."},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Gao, J., Kulkarni, V., Ranavat, H., Chang, L., & Mei, H. (2009). A 2D barcode-based mobile payment system. In Third International Conference on Multimedia and Ubiquitous Engineering (MUE\u201909), Qingdao, China, June 4\u20136 (pp.\u00a0320\u2013329)","DOI":"10.1109\/MUE.2009.62"},{"key":"12_CR6","unstructured":"GitHub. Official ZXing \u201cZebra Crossing\u201d project home (website). \nhttps:\/\/github.com\/zxing\/zxing\/\n\n."},{"key":"12_CR7","unstructured":"GitHub. Short Payment Descriptor project home (website). \nhttps:\/\/github.com\/spayd\/spayd-java\n\n."},{"key":"12_CR8","unstructured":"Google. Google Safe Browsing API (website). \nhttps:\/\/developers.google.com\/safe-browsing\/\n\n."},{"key":"12_CR9","doi-asserted-by":"crossref","first-page":"493","DOI":"10.1109\/IIH-MSP.2014.129","volume-title":"Proceedings of the Tenth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP\u201914), Kitakyushu, Japan, August 27\u201329","author":"T. Ishihara","year":"2014","unstructured":"Ishihara, T., & Niimi, M. (2014). Compatible 2D-code Having tamper detection system with QR-code. In Proceedings of the Tenth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP\u201914), Kitakyushu, Japan, August 27\u201329 (pp.\u00a0493\u2013496). Piscataway, NJ: IEEE."},{"key":"12_CR10","unstructured":"ISO\/IEC Standard (2006). ISO\/IEC 16022:2006, Information technology \u2013 Automatic identification and data capture techniques \u2013 Data Matrix Bar code Symbology Specification."},{"key":"12_CR11","unstructured":"ISO\/IEC Standard (2008). ISO\/IEC 16022:2008, Information technology \u2013 Automatic identification and data capture techniques \u2013 Aztec Bar code Symbology Specification."},{"key":"12_CR12","unstructured":"ISO\/IEC Standard (2015). ISO\/IEC 15438:2015, Information technology \u2013 Automatic identification and data capture techniques \u2013 PDF417 Bar code Symbology Specification."},{"key":"12_CR13","unstructured":"ISO\/IEC Standard (2015). ISO\/IEC 18004:2015, Information technology \u2013 Automatic identification and data capture techniques \u2013 QR code 2005 Bar code Symbology Specification."},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Jin, X., Hu, X., Ying, K., Du, W., Yin, H., & Peri, G. (2014). Code injection attacks on HTML5-based mobile for apps: characterization, detection and mitigation. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201914) (pp.\u00a066\u201377).","DOI":"10.1145\/2660267.2660275"},{"key":"12_CR15","unstructured":"Kaspersky Lab (2011). Malicious QR Codes: Attack Methods & Techniques Infographic. \nhttp:\/\/usa.kaspersky.com\/about-us\/press-center\/press-blog\/2011\/malicious-qr-codes-attack-methods-techniques-infographic\n\n."},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Kharraz, A., Kirda, E., Robertson, W., Balzarotti, D., & Francillon, A. (2014). Optical delusions: A study of malicious QR codes in the wild. In 44th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN\u201914), 23\u201326 June, Atlanta, GA, USA (pp.\u00a0192\u2013203)","DOI":"10.1109\/DSN.2014.103"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Kieseberg, P., Leithner, M., Mulazzani, M., Munroe, L., Schrittwieser, S., Sinha, M., & Weippl, E. (2010). QR code security. In Proceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia (MoMM\u201910), Paris, France, November 8\u201310 (pp.\u00a0430\u2013435)","DOI":"10.1145\/1971519.1971593"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Kieseberg, P., Schrittwieser, S., Leithner, M., Mulazzani, M., Weippl, E., Munroe, L., & Sinha, M. (2012). Malicious pixels using QR codes as attack vector. In Trustworthy ubiquitous computing. Atlantis Ambient and Pervasive Intelligence (Vol. 6, pp. 21\u201338).","DOI":"10.2991\/978-94-91216-71-8_2"},{"key":"12_CR19","doi-asserted-by":"crossref","unstructured":"Krombholz, K., Fruhwirt, P., Kieseberg, P., Kapsalis, I., Huber, M., & Weippl, E. (2014). QR code security: A survey of attacks and challenges for usable security. In Proceedings of the Second International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS\u201914), 8533 (pp.\u00a079\u201390).","DOI":"10.1007\/978-3-319-07620-1_8"},{"key":"12_CR20","unstructured":"Peng, K., Sanabria, H., Wu, D., & Zhu, C. (2014). Security overview of QR codes. MIT Student Project: \nhttps:\/\/courses.csail.mit.edu\/6.857\/2014\/files\/12-peng-sanabria-wu-zhu-qr-codes.pdf\n\n."},{"key":"12_CR21","unstructured":"Phishtank: Phishtank API (website). \nhttps:\/\/www.phishtank.com\/\n\n."},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Razzak, F. (2012). Spamming the Internet of Things: A possibility and its probable solution. In Proceeding of the 9th International Conference on Mobile Web Information Systems (MobiWIS\u201912), Niagara Falls, Canada, August 27\u201329 (pp.\u00a0658\u2013665).","DOI":"10.1016\/j.procs.2012.06.084"},{"key":"12_CR23","volume-title":"QR & barcode reader (secure)","author":"Red Dodo","year":"2014","unstructured":"Red Dodo. (2014). QR & barcode reader (secure). \nhttp:\/\/reddodo.com\/qr-barcode-scanner.php\n\n."},{"key":"12_CR24","unstructured":"Soon, T. J. (2008). QR code. Synthesis Journal, 59\u201378. \nhttps:\/\/foxdesignsstudio.com\/uploads\/pdf\/Three_QR_Code.pdf\n\n."},{"key":"12_CR25","doi-asserted-by":"crossref","unstructured":"Starnberger, G., Froihofer, L., & Goschka, K. (2009). QR-TAN: Secure mobile transaction authentication. In International Conference On Availability, Reliability and Security (Ares \u201909), Fukuoka, Japan, March 16th\u201319th (pp.\u00a016\u201319).","DOI":"10.1109\/ARES.2009.96"},{"key":"12_CR26","volume-title":"Norton snap QR code reader","author":"Symantec Corporation","year":"2015","unstructured":"Symantec Corporation. (2015). Norton snap QR code reader. \nhttps:\/\/support.norton.com\/sp\/en\/us\/home\/current\/solutions\/v64690996_EndUserProfile_en_us\n\n."},{"key":"12_CR27","unstructured":"Tec-it. (2015). Overview: 2D Barcode Symbologies. \nhttp:\/\/www.tec-it.com\/en\/support\/knowbase\/barcode-overview\/2dbarcodes\/Default.aspx\n\n."},{"key":"12_CR28","first-page":"52","volume-title":"17th International Conference on Financial Cryptology and Data Security (FC\u201913), Okinawa, Japan, April 1, LNCS, 7862","author":"T. Vidas","year":"2013","unstructured":"Vidas, T., Owusu, E., Wang, S., Zeng, C., Cranor, L., & Christin, N. (2013). QRishing: The susceptibility of smartphone users to QR code phishing attacks. In 17th International Conference on Financial Cryptology and Data Security (FC\u201913), Okinawa, Japan, April 1, LNCS, 7862 (pp.\u00a052\u201369). Berlin: Springer."},{"key":"12_CR29","doi-asserted-by":"crossref","unstructured":"Wang, P., Yu, X., Chen, S., Duggisetty, P., Guo, S., & Wolf, T. (2015). CryptoPaper: Digital information security for physical documents. In Proceedings of the 30th Annual ACM Symposium on Applied Computing (SAC\u201915), Salamanca, Spain, April 13\u201317 (pp.\u00a02157\u20132164).","DOI":"10.1145\/2695664.2695727"},{"key":"12_CR30","volume-title":"Mathematical method of 2-D barcode authentication and protection for embedded processing","author":"V. Yakshtes","year":"2012","unstructured":"Yakshtes, V., & Shishkin, A. (2012). Mathematical method of 2-D barcode authentication and protection for embedded processing. \nhttps:\/\/www.google.com\/patents\/US8297510\n\n."},{"key":"12_CR31","unstructured":"Yao, H., & Shin, D. (2013). Towards preventing QR code based for detecting QR code based attacks on android phone using security warnings. In Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security (ASIA CCS\u201913), Hangzhou, China, May 8\u201310 (pp.\u00a0341\u2013346)"}],"container-title":["Computer and Network Security Essentials"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-58424-9_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,8,12]],"date-time":"2017-08-12T07:38:39Z","timestamp":1502523519000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-58424-9_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,13]]},"ISBN":["9783319584232","9783319584249"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-58424-9_12","relation":{},"subject":[],"published":{"date-parts":[[2017,8,13]]}}}