Ivanti, Inc., announced the results of a consumer sentiment study, which revealed that QR code usage continues to rise in popularity, with 57% of respondents claiming to have noticed an increase in QR code usage since mid-March 2020. As the need for touchless transactions increased due to COVID-19, 83% of respondents stated that they used a QR code to make a payment (or complete a financial transaction) for the first time ever. Of those respondents, over half (54%) used a QR code for a financial reason for the first time in the past three months alone.
This study is a follow up to a September 2020 report to understand how consumer attitudes and usage of QR codes has evolved over the last year. The research demonstrates that consumer QR code usage has changed from convenience in a touchless world to practicality and necessity in new realms of our lives. Early in the pandemic, restaurants were using QR codes as menus or payment options, but as the pandemic continued throughout 2020, consumers used QR codes more frequently for practical things like visiting a doctor’s office or picking up a prescription – with an increase from 9% in 2020 to 14% in 2021. Meanwhile, social activities like dining out or enjoying a drink at a bar saw QR code usage decrease in that six-month period from 44% to 36%. Even offices and places of work saw an increase in usage going from 11% to 14% emphasizing the shift in how QR codes have been used during the pandemic. Consumers also grew more comfortable with QR codes that had a financial purpose. Sixty-five percent reported noticing an increase in places where QR codes can be used for payments, and 87% feel secure using a QR code to complete a financial transaction.
Many organizations have continued to allow their employees to work remotely due to the ongoing pandemic, increasing the importance of mobile devices for employees around the world. In the new “Everywhere Workplace,” distributed employees require access to corporate apps and data from any device, whenever and wherever they work. Despite the fact that 39% of consumers are relying on their phones more due to social distancing, only 51% of respondents claimed they have security software installed their mobile devices. Couple this with the lack of awareness of what a QR code can do once scanned, and the security threat increases significantly to both the user and their organization. In fact, 31% of respondents claimed that they had scanned a QR code that did something they were not expecting or were taken to a suspicious website.
See below for stats on how users could be putting themselves and their employers at risk by scanning QR codes:
- 47% or respondents claimed to know that a QR code can open a URL.
- However, only 37% were aware that a QR code can download an application and only 22% were aware that a QR code can give away physical location.
- Two thirds of respondents felt confident that they could identify a malicious URL, but only 39% stated they could identify a malicious QR code.
- 49% stated they either do not have or don’t know if they have security installed on their mobile device.
“As a result of the pandemic, employees are using their mobile devices more than ever before to access corporate data and services from any location,” Chris Goettl, senior director of product management at Ivanti. “As QR codes continue to increase in popularity and use, they will undoubtedly be leveraged more and more by cyberattackers to infiltrate devices and steal corporate data. This report underscores how critical it is that companies of all sizes prioritize mobile security for their employees, regardless if the device is company or employee owned. Organizations should implement Mobile Threat Defense (MTD) to defend mobile users against QRLjacking, phishing attacks, and to identify mobile OS or application vulnerabilities.”
Ivanti offers a Mobile Threat Defense (MTD) solution that protects and remediates against known and unknown threats that target Android and iOS devices, including malicious QR codes. MTD provides the ideal deployment, detection, and remediation solution to defend against attacks that occur at the device, network, and application level. And there is no end user action required to deploy MTD on mobile devices that are enrolled in the Ivanti UEM client. As a result, organizations can achieve 100% user adoption without impacting productivity. Mobile Threat Defense is a critical part of a larger zero trust security strategy to assess and ensure good device hygiene.
Image licensed by: Pixabay.com