Abstract
Quick response (QR) codes have been widely used in mobile applications, especially mobile payments, such as Alipay, WeChat, PayPal, etc due to their convenience and the pervasive built-in cameras on smartphones. Recently, however, attacks against QR codes have been reported and attackers can capture a QR code of the victim and replay it to achieve a fraudulent transaction or intercept private information, just before the original QR code is scanned. In this study, we enhance the security of a QR code by identifying its authenticity. We propose, which embeds a QR code with information of the screen which displays it, thereby the QR code can reveal whether it is reproduced by an adversary or not. In, PWM frequency of screens is exploited as the unique screen fingerprint. To improve the estimation accuracy of PWM frequency, incorporates a model for the interaction between the camera and screen in the temporal and spatial domains. Extensive experiments demonstrate that can differentiate screens of different models, types, and manufacturers and thus improve the security of QR codes.
Hao Pan
Researcher | Microsoft Research Asia
My research interests include mobile computing, wireless communication and sensing, human-computer interaction and computer vision.