skip to main content
10.1145/3372224.3418165acmconferencesArticle/Chapter ViewAbstractPublication PagesmobicomConference Proceedingsconference-collections
poster

Toward a secure QR code system by fingerprinting screens

Published: 18 September 2020 Publication History

Abstract

Quick response (QR) codes have been widely used in mobile applications, due to its convenience and the pervasive built-in cameras on smartphones. Recently, however, QR codes have been reported suffering attacks for being sniffed just before the QR code is scanned, which lead to financial loss. In this study, we propose ScreenID, for enhancing the QR code security by identifying its authenticity, which embeds a QR code with information of unique screen fingerprint - PWM frequency. PWM frequencies are adjusted to different values by screen manufacturers, therefore can successfully differentiate screens. To improve the estimation accuracy of PWM frequency, ScreenID incorporates a model for the interaction between the camera and screen in the temporal and spatial domains. Extensive experiments demonstrate that ScreenID can differentiate screens of different models, types and manufacturers and thus improve the security of QR codes.

References

[1]
Xiaolong Bai, Zhe Zhou, XiaoFeng Wang, Zhou Li, Xianghang Mi, Nan Zhang, Tongxin Li, Shi-Min Hu, and Kehuan Zhang. 2017. Picking up my tab: Understanding and mitigating synchronized token lifting and spending in mobile payment. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 593--608.
[2]
Michael Barr. 2001. Pulse width modulation. Embedded Systems Programming 14, 10 (2001), 103--104.
[3]
Chia-Kai Liang, Li-Wen Chang, and Homer H Chen. 2008. Analysis and compensation of rolling shutter effect. IEEE Transactions on Image Processing 17, 8 (2008), 1323--1330.
[4]
NotebookCheck. 2019. PWM Ranking - The Best Displays for the Eyes. https://www.notebookcheck.net/PWM-Ranking-Notebooks-Smartphones-and-Tablets-with-PWM.163979.0.html

Cited By

View all
  • (2022)Phishing with Malicious QR CodesProceedings of the 2022 European Symposium on Usable Security10.1145/3549015.3554172(160-171)Online publication date: 29-Sep-2022

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
MobiCom '20: Proceedings of the 26th Annual International Conference on Mobile Computing and Networking
April 2020
621 pages
ISBN:9781450370851
DOI:10.1145/3372224
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 September 2020

Check for updates

Author Tags

  1. PWM frequency
  2. screen-camera communication
  3. secure QR code

Qualifiers

  • Poster

Funding Sources

  • National Key R&D Program of China
  • NSFC under Grants and Startup Fund for Youngman Research at SJTU
  • the Joint Key Project of the NSFC

Conference

MobiCom '20
Sponsor:

Acceptance Rates

Overall Acceptance Rate 440 of 2,972 submissions, 15%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)35
  • Downloads (Last 6 weeks)4
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Phishing with Malicious QR CodesProceedings of the 2022 European Symposium on Usable Security10.1145/3549015.3554172(160-171)Online publication date: 29-Sep-2022

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media