What Data Do QR Codes Contain?
QR codes can encode a wide variety of content types, and some of them carry sensitive personal or business information: β’ URLs β website addresses, including private internal links or authentication tokens β’ WiFi credentials β network name (SSID) and password in plain text within the QR pattern β’ Contact cards (vCard format) β full name, multiple phone numbers, email addresses, physical address, organization β’ Email addresses with pre-composed subjects and message bodies β’ Phone numbers and pre-written SMS messages All of this data is embedded directly in the QR code pattern and can be read by anyone who scans it or decodes the image.
Risks of Online QR Generators
Many online QR code generators pose hidden privacy risks that most users never consider: β’ Your WiFi password is transmitted in plain text to their server during generation β potentially logged and accessible to their staff β’ Contact information including phone numbers, email addresses, and home addresses is sent to and logged by their servers β’ Some services inject tracking redirect URLs that route through their servers, allowing them to monitor every scan β who scanned it, when, from what location β’ QR codes generated by third-party dynamic URL services may expire or be modified later without your knowledge β’ Your usage patterns β what types of QR codes you generate β reveal potentially sensitive business and personal information β’ There is no guarantee that the data you submitted is deleted after the QR code is generated
How PrivaQR Protects Your Data
PrivaQR uses the qrcode.js JavaScript library to generate QR codes entirely in your browser using client-side computation: β’ Zero network requests during generation β all QR code creation happens locally via JavaScript, with no data sent to any server β’ WiFi passwords are encoded into the QR pattern locally and never leave your device β’ Contact details stay completely private on your device throughout the generation process β’ No tracking URLs are injected β your QR codes link directly to your intended destination without routing through any intermediary β’ Custom colors, error correction level, and output size are all processed client-side β’ Download as PNG or SVG without any server interaction
Tips for QR Code Safety
1. Never use any online QR generator for WiFi credentials β they see and potentially log your network password 2. Before scanning an unknown QR code, use a QR scanner app that shows the full decoded URL before opening it 3. Use higher error correction levels (Q or H) for QR codes that will be printed or used outdoors where physical damage is likely 4. Test your generated QR code with at least two different scanning apps before distributing it widely 5. For sensitive data encoding, always prefer a browser-based generator like PrivaQR that processes locally 6. Be very skeptical of QR codes in public places β physical QR code replacement is a documented attack technique used to redirect to phishing sites