Friday, 9 November 2012

5 QR code do's and don'ts

1. Do use free tools and experiment

As well as Q-Action there are loads of free tools and apps out there, both for creating and for reading QR codes. You can download a free reader app to your smartphone, and there are web sites (including Q-Action) where you can generate free QR code images for printing. Note that QR code and 'bar' code or UPC are not the same thing. You need to experiment and test and to think about how you will maintain the codes in future - such as if your web address changes after you have posted 50,000 leaflets.

2. Don't pimp your code

QR codes can contain some redundancy (Q-Action uses the maximum 30%) and some of the shapes are for orientation and calibration. Even the white border is part of the code. If you colour the pixels or the background, or cover them with reflective plastic they may not work, or worse they may work for you in a test environment and not your user in their environment. Remember that cameras do not naturally see the same spectrum that we do.

3. Do think about size and location

If the user can hold their phone close to your QR tag then 20 mm square should be a safe minimum size. If not, then as a rule of thumb a side of the printed code should measure about one tenth of the viewing distance. Remember also that bending a QR code around a mug or similar will distort it, so you have to stretch the original image just the right amount to make it appear square. If your QR code is a web address then the user will need a mobile phone signal or wi-fi to access the web page. The classic error is to print a small code on a poster the other side of subway tracks in an underground location. QR codes are a way of going from a physical artefact to an on-line experience, so it's no good having a QR code on a web page where it would be easier to have a clickable link. See wtfqrcodes for a laugh at the expense of....others.

4. Do use re-programmable QR codes

Free cloud services like YouTube, Flickr, Google Drive, and Dropbox enable you to share editable documents on the web, but take care to use a programmable QR code (like the Q-Action 'Goto' type) because if you change the document its URL will change. You don't want to have to re-print the code each time.

5. Do think about where you are sending the user

A mobile phone has a very small screen and limited add-on functionalities such as Flash. It's no good sending the user to a page that is not designed for mobiles. Also, the way people use QR codes is a very 'here and now' medium so your page should give the user something that is relevant to where they are and what they can do at that moment in time. Sending them to your normal home page will only annoy them - it's the QR code equivalent of spam.

It's amazing how many ideas you can come up with if you just think through the fact that QR codes take you to a web page and you can update that web page. Have a go with a couple of Q-Action free pages and see what you can come up with.

Thursday, 13 September 2012

5 QR code ideas

1. Garden plant information

Put QR code labels on your plants or other natural products so that people can easily get information on what they are and what to do with them. Q-Action is so cheap (£45 a year buys you 1,000 codes) that any garden centre or hobbyist can afford to have QR codes for each variety.

2. Window shopping (with buying)

When you are closed, or if you have displays away from your premises, you can still be selling if your 'window shoppers' can switch to the web and hit a 'buy now' button.

3. Remotely updatable 'Special Offer' posters and menus

If you have offers that change over time you simply make the printed poster a generic 'Offer of the week' or 'Today's specials' and change the contents of the Q-Action page that the QR code points to. Price lists that change are an ideal application.

4. Electronic instructions for use

A printed QR code on a product can provide a way for anyone with a smart phone to identify it and get up to date information, such as instructions for use, warranty and service information, product recall alerts, and
information on accessories and re-ordering. All this can be updated centrally, keeping you in touch with your customers and even subsequent owners.

5. Everlasting membership and loyalty cards

The user's details can be kept on a Q-Action page that only you can access, while the member's card can be scanned by themselves, or by your staff, to check their renewal date or privileges. Such cards can provide a degree of security as user's can't access the information themselves.

Wednesday, 27 June 2012

Iron Age QR codes?

At Burrough Hill Iron Age hill fort in Leicestershire we are for the next few weeks providing Q-Point based heritage interpretation during the third season of a major five-year archaeological excavation. We have installed five QR tags in places where previous trenches are now covered up, so that visitors can have the ground re-opened up again for the on their mobile phone. We are testing the principles and analysing the usage, as we believe that there is potential in such sites for the steady stream of day-to-day visitors to get much more out of their visits. There is a big open event this coming Sunday, 1st July where we will have a stand.

The UK is also currently building up to the Festival of Archaeology which runs from 14th - 29th July and features guided tours of the Burrough Hill excavations on the 14th, which is also the last day of these excavations. So budding archaeologists and armchair Time Team fans should install a QR code reader on their phone and hot foot it to Burrough Hill on one of these dates.

Monday, 21 May 2012

Q-Action cards as a secure access system

Here’s how Q-Action QR codes can be used to create a simple but robust photo-pass access security system for buildings and events, at almost no cost and without special equipment or infrastructure.

The security problem

I once interviewed a security chief at a major airport who, rather alarmingly, told me that his tests had shown that you could walk past one of their security guards with the photo security pass of someone radically different to you and yet still have an 80% chance of not being challenged as, even putting sloppiness and fatigue aside, it was difficult for humans to match photographs to people. Technologies such as biometrics have been hyped as solutions, but are costly and have so far failed to work reliably; as demonstrated by the recent abandonment of iris scanning at UK passport control. Technological solutions to security seem to come at a cost and to involve dedicated equipment, with little by way of fall-back if it fails.

As with any security system the effort and complexity of what you build using Q-Action depends on the nature of the risk and the degree of threat, but you can easily lock this system down to a greater or lesser degree according to your resources and your own balance of security and convenience. You can also change that balance quickly in response to perceived threats.

Really Simple Security

For a low-level security system without requiring equipment or infrastructure beyond a smartphone, you create a standard Q-Action membership or similar card type, ideally  with a photo of the owner. You could even put the photos on a shared space where they can be maintained by the card owner as they get older, grow beards, change their hair, or wear glasses. You can produce printed cards with the photo images and the QR code like standard security passes.

The QR code on the cards are scanned by security personnel with a any PC/laptop/tablet or a mobile phone. Even at this level it already represents an increased level of security as the photo that appears on the card and the photo on file that appears on scanning the QR code should be identical. This should already be much more positive and reliable than asking a person to compare a poor passport-booth photo with a real face walking by (which you will still have present as a check that this is the holder).

If you have a high peak traffic flow and want to avoid hold ups you could let the individuals scan their own cards and simply show their phones and matching cards to security. Both are possible to fake, but it is a lot of trouble.

Really Serious Security

Now comes the clever bit. The trick is to create one or more ‘security images’ that can be uploaded to a fixed URL that only you have access to. You put this single URL in all of your cards in the ‘background image’ field. This means that the current background will be rendered from all cards as they are scanned. As this is repetitive, any change in the regular background will be immediately apparent to security personnel.

You can change the background of the cards according to days of the week, time of day, or even individually per user according to their access level. As no user has access to the image, which could be complex, or could be unique and frequently changing, it would be difficult in the extreme to anticipate or replicate the correct security image.

If you are really prepared to go to town and have a Local Area Network and/or Wi-Fi, you could put the image on an internal server and restrict access by IP or MAC address, as well as restricting access of the scanning device to the known image source. This ensures that the security image is only delivered to a known device, and that the scanning device can only access the security image from a known source. This should be within the capabilities of most local set-ups using only the standard user access control features. Add WPA or similar encryption and you have a system that is about as locked down as it can be.

Lost stolen and abused

Q-Action cards reported as lost or stolen can have the message or the photo changed by the administrator to give a highly visible warning to security upon scanning. The background image URL can also be removed or changed to an alert one. Any subsequent scanning can also be noted from the web analytics audit trail. Cards can thus be rendered ineffective and a liability.

Regular system abusers, or personnel known to be high-risk, or in some other way special, such as visitors or contractors, can be flagged with a message or a different background image that causes security to give them appropriate attention.

No photo (or other data apart from the QR code) on the physical cards in an internally locked-down system (security image served from an internal server not available on the Internet) means that anyone gaining possession of a valid card and trying to use it, or to doctor it, has no idea what the complete scanned result should look like.

Multi-factor security

There are a number of factors that make it difficult to circumvent a Q-Action access system, but the fundamental strength is that you can centrally control, and easily change as frequently as you like, the data, the photo, and the background security image that attests to its validity.

Other factors are:
  • Physical photo and stored photo (or other image) are an exact match, which is easy and quick for a human to assess
  • Q-Action URLs are randomly generated so are not able to be guessed
  • The first part of the URL shown after scanning should be the Q-Action one, otherwise it is a fake and this can be captured in a closed local network
  • Q-Action QR codes are hard to spoof as all look very similar whereas another URL would produce a different pattern
  • Access to the security image can be highly restricted in a local area network
  • Using web page analytics means that an audit trail can be created

Monday, 30 April 2012

Geocaching with QR codes

There just has to be a new angle on geocaching using QR codes. One user has suggested that instead of leaving 'treasure' articles in containers there could be a QR tag from which you are able to access some form of on-line 'treasure'. Maybe we could make a Q-Action page where people can sign in, instead of a physical log book that is subject to vandalism and the elements. The hunt is on.

Tuesday, 24 April 2012

QR codes for estate agents

Estate Agents have long been pioneers of QR codes as they enable window cards and house sign boards to be 'captured' by passing 'punters' on their mobile phones. We now have the ability to add an image to Q-Action cards, which makes them suitable in their native form for quick and dirty particulars about a property, along with a kerbside picture.

If something more sophisticated is required then using the 'Goto' card you can store a word or pdf document behind a QR code. This trick involves using a cloud storage such as Google Docs, making a document shared as 'public' and pointing the Goto Card at its URL.

The real beauty of Q-Action is that you could mix both types of particulars and even switch between them as the Action Card URL, and therefore the QR code image, remains the same.

Internal inspection is strongly advised, so if you are an Estate Agent go to and get a free account to try.

Example Action Card

Example nbsp;document

Monday, 27 February 2012

QR codes for charity shop tags

What a brilliant idea in today's BBC news item, to create QR codes tags that reveal the story behind objects given to charity shops. Q-Action would be a very cheap way of doing this as each object could have its own web page, or even mini-web site, and the pages and tags could be created by the assistants in the shops using any mobile phone.

See the article:

See a Q-Action sample at:

Friday, 3 February 2012

Document updating

A friend who is in public sector property management saw Q-Action the other day and remarked that you could use the codes on documents that change their details over time.

He explained that many legal documents, such as leases, are in many copies in many hands. As there are rent reviews and other minor changes during the life of a lease it is a pain to keep everything up to date and to read the entire document just to get the latest summary information from among the legalese.

He thought that if you put a Q-Action QR code on each one it could point to a page that has the latest information - so everyone has access to it through their copy of the document. You could even change details via your mobile while you are on site so you save yourself the duplicated effort of noting them down and uploading them later.

I'm intrigued, but wonder what the practical and especially legal implications are. Anyone know?

Wednesday, 25 January 2012

Three Good Practice Rules of QR Codes

At the moment scanning a QR code is a bit like a lucky dip. Occasionally you get a prize, but usually you get an unreadable landing page. At least it is unreadable on a smartphone, and as most people scan QR codes from a smartphone taking the scanner to a page that cannot be read is, well, just plain silly. However, when the user gets home, in this cloud connected world, they might use a tablet PC or a desktop to revisit your landing page.

I cannot resist scanning QR codes and have collected a fair few examples of codes that amuse me for all the wrong reasons. However,  I have started to wonder how much money is now being wasted by companies persuaded that QR codes are the next big thing. Interactions with customers should be handled thoughtfully whether they are in person, in writing, and on-line.  The QR code is just another link in the process, and if you can't be bothered to make sure the customer can read it then consider what sort of message you are sending about you, and your business.

Designing web pages for a wide range of platforms, browsers and screen sizes is not easy but it can be done. For a working example look at the q-action pages . To date we have focussed on meeting W3C standards and using a fluid layout that works on everything we have tested it on. The content is completely independent of style so we know that we have many options to change the page style in the future.  So our first QR code good practice rule is:
Always design your QR code landing pages so they can be viewed on any device, with any screen size using any web browser.
The next issue is one of security. There are already reports in the press of QR codes being used to take users to "toxic" sites that are used for phishing or malware attacks. This type of problem is only going to get worse,  so in anticipation q-action already has some built in protection. Q-action cards always link to a secure https: location rather than a http: location. Some QR code scanners can already be set to only re-direct to such sites. https: does not guarantee security, but it is a very good step in the right direction. The q-action app also uses the Google Safe Browsing API to minimise the chance that any q-action page will link to a toxic site. So our second QR code good practice rule is:
Ensure that users have confidence in using QR codes by only linking to safe and secure locations that will not cause harm or offence.
Now consider timeliness.  Your printed QR code will last much, much longer than: your advertising campaign; your role in your company; your event; and probably anything else you link to with it. So what happens next? Our third QR code good practice rule is:
Make sure the QR code has longevity beyond its short term use by updating its message or ultimate landing page.
Finally you are ready to follow all the rest of the good advice that is out there including: location, message, and content. If you are having trouble meeting these good practice guidelines then consider using q-action as your QR code hosting service.

Monday, 23 January 2012

Up-to-the-minute rota and event lists

A clever wheeze with Q-Action cards is to use the 'Goto' card to point to a document on the web that you can easily update. This means that you can have sophisticated lists, tables, images, etc. and use Q-Action as the interface to them so that the QR code never changes, even if you change the document or replace it - for example with a new rota.

There are cloud services where you can put documents and make them public - such as Google Docs. You can also delegate and share the task of updating by assigning editing rights to specific individuals.

Here are some examples I baked earlier:

A simple rota (QR code posted on a wall or sent by email)

An event programme that is up-datable (QR code printed on the paper programme or ticket)

Monday, 16 January 2012

Getting Q-Action into Print

Getting a q-action qr-code into print is easy - <right-click> over the image and <copy image> then paste into your favorite word processor or image editing program then print.

But what if you want the image to be bigger? If you simply stretch the qr-code it will probably look horrible when printed. This is because the codes as they appear on the screen are only 150 x 150 pixels and the software has stretched the image using rules that wirk for photographs, but are not so good for graphics.

We did think of adding some buttons to allow you to download the image in some larger sizes before we realised that there is an easy way to scale the image to any size you need.

  • Paste the qr-code into gimp. (Our favorite free, open source image editor).
  • Select image > scale image.
  • Set interpolation to none. Interpolation sets the rules used to scale the image.
  • Set the dpi. 
    • For viewing on screen use 72 dpi. 
    • For ordinary colour printing use 150dpi.
    • For high resolution printing use 600 dpi.
    • If you are a professional printer you will probably smugly say you use 1200 dpi or higher.
  • Set the image to the size you want. Happily you can mix imperial and metric units here, but you will want to keep the width and height equal.
  • Click scale.
  • Save the image as a TIFF, PNG or other "non lossy" format otherwise it will look fuzzy.
  • Print and enjoy.

Wednesday, 11 January 2012

Decorating Q-Action Codes

Purists are quick to point out that the standard for QR codes specifies that they should be black and white with a border. The artistically inclined are equally quick to point out that this makes QR codes visually very boring and wouldn't it be nice if they were decorated in some way.

Fortunately many QR code readers are very tolerant of colour variations and the codes themselves incorporate a certain amount of tolerance to error in print quality. This means that it is possible to tweak a codes visually as long as you are sure that it is not going to be used on something that is mission critical.  So if your code is going to be used on a manned mission to Mars stick to the black and white version.

Using any image as a base the following method should give you a reasonable result:

  1. Load your image into the GIMP image editing program.
  2. Grab a copy of the QR-Code image by using right-click over the image on the view page of your q-action account.
  3. Back to Gimp and paste as a new layer.
  4. Scale the layer making sure interpolation is set to none. The code will get unhelpfully distorted if you use any other setting.
  5. Add a layer mask using image greyscale option.
  6. Adjust brightness and contrast until the result looks OK.
  7. Crop and save the image.
I reset this q-action code to point to the you-tube video of how it was made using these instructions.

And this is the video:

Tuesday, 3 January 2012

QR Luggage labels for round the world trip

Luggage labels are useful if (when) your bags go astray. I've several times had them lost by airlines and once wrongly collected from the carousel by someone else. They will usually forward them on to you, but it may involve some complex logistics. There is a joke that the world's most travelled person was beaten into second place by their luggage.

If you are on a long trip you are supposed to affix a label with your next destination address. Here's a modern day wrinkle using Q-Action.

Start a 'Business Card' or 'Blank page' Q-Action type and then make a really tough laminated QR code tag that you can fasten to your bag. It could also have your mobile phone number in plain text and some instructions to scan the code for lost luggage forwarding address.

If you are the super-organised type and know in advance where you are going to stay then you can simply put the list of dates and addresses on a 'blank' page type. If not, or if something unexpected happens to you then as you travel the world you simply update your page with the next forwarding address details: either on-line from your mobile, or from a cyber-cafe.

Have a good trip.