[ill13]

So an enterprising individual puts a QR sticker right near or over yours and does the same thing, except theirs is a scam.

- That should take all of 4-16 hours to setup the software / web side and payment processing [processors who do cannabis / adult products].

- 1 hour to run to Staples and get some laser Av3ry pre-cut stickers.

- 1 hour to replace | supplement your 'real' stickers.

[bluepnume]

Sure -- phishing is a huge problem, but it's also an argument to never build anything ever, because QR codes, sites, apps, emails, etc. can all easily be cloned and used as a phishing attack vector.

[ill13]

I'm not sure if the term "phishing" even applies here. The scam would be straight up fraudulent credit card billing -that most users wont even notice.

During the processing part, The scammers could very well just overbill the user by saying "Do you agree to $2 for parking?" and then charge the user $50. Then say a "We will hold $50 while the transaction is approved" just like a gas station.

Your service will get all the complaints and the scammer just gets the cash.

I'm not saying it's a bad idea or anything, however there are many bored smart teenagers and many hungry people with sliding ethics.

Hell, an even better scam is to copy your QR code from each unit and then bill the user for $X more as a "convenience fee" ... then auto-submit correctly to your service.

I mean, that might not even be illegal [in the sense that the customer agreed to the fee].

[klyrs]

Nope, QR codes are the easiest phishing vector. Just slap a sticker over the old one.