QR-Style Codes Could Replace Barcodes 'Within Two Years' (theguardian.com)
- Reference: 0175801659
- News link: https://tech.slashdot.org/story/24/12/30/2219222/qr-style-codes-could-replace-barcodes-within-two-years
- Source link: https://www.theguardian.com/technology/2024/dec/30/barcodes-could-be-superseded-by-a-more-powerful-alternative-by-the-end-of-2027
> Tesco has started using them on some products, and other trials have suggested that waste of perishable food such as poultry can be cut by embedding sell-by dates in the new QR-style codes, allowing for more dynamic discounting. QR (quick response) codes will allow customers to instantly access more information about the product, including how to recycle batteries, clothes and building materials when tougher environmental regulations bite. But they will also put a greater demand on the world's cloud computing resources, where the extra data they contain will be stored -- meaning a potentially greater carbon footprint.
>
> The first barcode was read in an Ohio supermarket in June 1974 when a packet of Juicy Fruit chewing gum was rung up. It was devised by Joe Woodland, an inventor who had been implored by a retailer frustrated at losing profits, to speed up checkout queues and stocktaking. Coca-Cola has used the new generation of codes in parts of Latin America for refillable bottles, with the QR code allowing the counting of refills so that a requirement of 25 before recycling can be enforced. The Australian supermarket chain Woolworths is said to have reduced food waste by up to 40% in some areas, as the codes allow stores to better spot products approaching expiry and discount more efficiently.
"We've defined an ambition that by the end of 2027 all retailers in the world will be able to read those next-generation barcodes," said Renaud de Barbuat, the president and chief executive of GS1. "We think it's doable ... It represents some investment on the part of retailers to adapt their point-of-sale systems, but it's already well under way."
Anne Godfrey, the chief executive of GS1 UK, said: "This has been in the works for some time, but Covid really accelerated it. During the pandemic, everyone got used to pointing their phones at QR codes in pubs and restaurants to access the menu."
[1] https://www.theguardian.com/technology/2024/dec/30/barcodes-could-be-superseded-by-a-more-powerful-alternative-by-the-end-of-2027
I could be Emperor of Earth in Two Years (Score:2)
Low odds, but not impossible.
'Could' lets you write a lot of nonsense without getting called out for it.
This is not about UPC or generic "bar" codes (Score:2)
This is about GS codes, which are specialty barcodes used mostly by manufacturers for product identification. They are basically Code 39 barcodes with special tags that can be embedded to identify product information fields which are used for shipping, receiving, and other commercial purposes. They are meant to be printed on the bulk packages which are shipped between manufacturers and retailers. On consumer products you sometimes see them printed as a thin little strip, often without human readable capt
Re: (Score:2)
This still doesn't make any sense. 1D barcodes are almost always more robust and easier to scan. 2D barcodes, be it DataMatrix or QR, are only better if the information density matters.
Re: (Score:2)
It is about information density. I've seen real life GS codes that were over 10 cm long, at the maximum dot pitch of a thermal label printer. At that point they are easily damaged and hard to read. But the whole revision is about adding new fields with even more data and you have to put that data somewhere.
At least this is GS1 and not some idiot (Score:2)
They've been advocating for the use of advanced barcodes for years, as well as getting every business on the planet to get their own company prefix that allows for issuing all sorts of globally distinct identifiers. Unless it has changed in recent years, the big problem is that you just had to trust that the barcode wasn't modified. It's bad enough where there's a simple numeric key being passed from scanner to host, but GS1 sort of thinks you should toss in a whole bunch of things like the expiration date
Re: (Score:3)
Well, I can think of a number of options:
1. With the date code and regular scan-ins, the computer could know the expiration date of all the stock currently in the store. IE time to have an employee go through and pull older stock, mark it for discount, that sort of thing. Automatically trigger an action if a customer tries to buy expired goods. Etc...
2. For some items, you could embed the item's serial number into the barcode, so when sold it is automatically associated with the sale. So if they try t
Re: (Score:2)
GS1, as well intentioned as they are, really just want to have an excuse to sell you a larger company prefix. That's how they make their money.
Most of this has been possible for decades now. Point of sale systems were pretty great back in the 90s.
NO technology gets adopted THAT quickly (Score:2)
We already see lots of QR codes, such as on airline boarding passes. So they are being adopted already. But it's a lot bigger deal to replace them on every product sold by stores. Somebody has to devise the processes and the software to produce these "information-rich" codes. The cost of implementation will be a lot higher than the cost of new equipment, which itself will be significant.
Re: (Score:2)
Yeah.. figures. The real cost behind implementing them would likely be the change in business process. For that extra information to get added to products: the business has to change so that someone types that extra information in, and some kind of system stores that extra data and incorporates it into codes that get stamped onto products.
The Use-by date stamper is likely just a part of a packaging machine at a factory that someone configures in the morning To ink every box with the same date before
Re: (Score:2)
The airline boarding passes I know are not using QR codes but Aztec codes.
Re: (Score:2)
Aztec is more popular the US and Europe, QR is still more popular in Asia. They're really both about as good as the other all things considered, though Aztec is slightly more robust. They're also more aesthetically pleasing than Data Matrix. Well, there's enough legacy crap in the US you're probably going to see PDF417 everywhere.
Say what? (Score:2)
have suggested that waste of perishable food such as poultry can be cut by embedding sell-by dates in the new QR-style codes
You mean all those sell-by dates printed on packages of chicken are wrong?
Re: (Score:2)
It means it does not pass the cashier if it's beyond the date (say they forgot to remove fresh products from yesterday). It gets detected by the registering machine and it refuses the sale. My local shop implemented this with normal barcodes (once I picked up a soup and it refused sale at the cashier due to expiry coded into the barcode).
I guess it can be implemented with any sort of barcoding method that can be printed by an industrial dot matrix printer. One usually implements with today's standards, so i
Exploits (Score:2)
The sheer magnitude of possible exploits this could generate is staggering.
Barcodes don't have the ability to hijack a consumer's browser. I bet a buffer overflow exploit on simple scanners is already prepped and ready to roll.
Re: (Score:2)
Can phone browsers/OS be set to display the decoded QR URL and present an "Accept/Deny" prompt box?
Purely theoretical question, as my phone doesn't read QRs or open web pages.
Re: (Score:2)
Ever QR code reader I've seen does exactly that by default. But why would the consumer being reading QR codes on product packaging to begin with?
Re: (Score:1)
Because in the future the QR code will provide info on allergens, more details on ingredients, and more details on nutritional values. All things aimed at the consumer
Re: (Score:3)
So rather than have them plainly visible on a package like they are now, they should be in a machine-readable-only QR code? To shop for safe food you have to constantly scan things with your phone? How does that benefit the customer?
Re: (Score:2)
Why do you assume the QR code will replace the printed ingredients? Adding a machine-readable list of ingredients/allergens, storage instructions, batch/lot number etc. could be quite useful.
Re: (Score:2)
All of which is currently printed on the packing, which doesn't require a phone to read.
Re: Exploits (Score:2)
It's printed too small for me to read due to an uncorrectable vision problem. I already need to use my phone to read it, as a magnifier. This is extra work, and most of the time, I don't bother.
Re: (Score:2)
My phone certain requires interaction before it will blindly open a scanned URL. And in fact the QR could just be plain text.
Honestly though I don't see the advantage to consumer. There are already sell-by dates on price tags. Instructions are already on packaging. People still don't know what to do about food post it's sell-by. Do they really think people are going to whip out their phones to get information from a QR code when they currently can't even be bothered to read the packaging?
Different people (Score:2)
There are some people who will certainly scan the QR code for more information, even as there are people who will ignore stuff written right on the packaging in big letters.
Most things these days don't have price tags, especially in grocery stores. But QR code price labels could encode the expiration date into it so that the low level employee could scan the items to identify which items to pull, which to mark down, and the store could even advertise that "expires tomorrow" items are discounted, without ne
Re: (Score:2)
Lets not forget the large numbers game here.
Phone sees QR code.
Phone dedicates a section of the screen to going to the URL.
There are now a thousand QR codes in the store.
X% of these clicks are the legitimate intentions of the phones owner.
Y% are the result of fat fingers and accidental swipes.
Smartphones aggressively look for shit like QR codes, faces, and even ears.
They probably shouldnt.
Re: (Score:2)
Android apps pop up with all the details, and ask you if you want to proceed
[1]https://f-droid.org/en/package... [f-droid.org]
[1] https://f-droid.org/en/packages/com.secuso.privacyFriendlyCodeScanner/
Re:Exploits (Score:4, Informative)
There isn't any kind of hijack you can do with a QR code that can't be done with a UPC. It's just another machine readable code.
You can't hijack someone's phone with it unless they scan it with their phone. Why would the consumer do that? If the consumer is looking for info on a product, they're going to use the one on the sign in front of it, not the one on the package, because they won't be the same . (And every QR code app I've ever seen on a phone will read UPCs, too, and automatically do a search for them on your favorite search engine.)
The cash register won't care if it's a malicious code, it will just just read as "item not found" because it's looking it up on its own database, not on the internet.
Yeah, you could print stickers for QR codes for cheap items and put them on expensive items, but you can - and people do - do that now with UPCs.
Advertising weasels may have big dreams of all the ways they can make money off this, but retailers won't give a damn. Any POS barcode scanner bought in the last ten years (at least) will read either UPCs or QR codes (and a lot of other stuff, too), so there's no hardware updates needed. And no point in updating the software, which will just take the scanned value and translate it into a SKU. That's how QR codes as UPCs will actually be used, no matter what pipe dreams the weasels imagine.
At most, it'll be used as a serial number, which stores have have need of already have built in, and stuff like expiration dates will be attached to the serial number in the POS database, where you can have as much data as you want, and manipulate it in a million more useful ways than running around the store scanning every item (because you can't read QR codes by eye, unlike expiration dates printed on the label).
Just not seeing the value in it, since it doesn't do anything that isn't already being done by existing technology, and often done better.
Re: (Score:2)
Aren't these still barcodes? A standard UPC barcode is apparently 34 bits. A standard QR code can apparently hold 4k.
It'd take some really bad programming to get a buffer overflow out of a QR code, as you still need to have interpretation to figure out what the string is supposed to be.
Re: (Score:2)
The 2D version of a barcode.
Re: (Score:3)
I bet a buffer overflow exploit on simple scanners is already prepped
I am skeptical. QR codes have a predefined number of bits that can be encoded, and the simple scanners probably just fixed their buffers at the max number of bytes or digits that can be embedded in a QR.
The real exploit is going to be embedding a malicious link in the QR, so when a customer scans it they're prompted to browse to a "legit-looking" URL which turns out to redirect to a malicious page. Upon visiting the malicious URL on t
Re: (Score:2)
Enter info now and get an instantly redeemable coupon code for the amazing product that you just scanned.
Re: (Score:2)
Indeed. But why go to all the trouble of a buffer overflow in the scanner? Simply send people to websites that attack them, lie to them or scam them. Combine this with, say, a zero0interaction browser vulnerability and you are golden. It is already being done and the attack mechanism is dead-simple: Put a sticker with the attack code over the real code. Has been employed on parking meters, info-posters, etc. in the wild for a few years now. Protection for the average consumer: Do not ever scan a QR code tha