QR SAFETY

the main page for the web app where you can upload or scan directly
the result from the app
the result from the qr code extension
the qr code in the dev extension comet tool

Inspiration

QR codes are everywhere today—payments, login systems, tickets—but most people scan them without thinking about security. I was inspired by how easy it is to hide malicious links inside QR codes and how there is almost no protection for users while browsing. I wanted to build something practical that improves everyday digital safety.

What it does

QR SAFETY is an intelligent system that detects and analyzes QR codes directly from web pages. It automatically scans different elements like images, videos, and dynamic content, decodes the QR data, and evaluates it using a risk scoring engine. The system classifies the content, identifies potential threats such as phishing or malicious links, and provides clear explanations so users can make safe decisions.

How we built it

The project was built as a Chrome/Edge extension along with a mobile-friendly web app. We used JavaScript and the jsQR library for decoding, and designed a modular architecture with components like:

QR decoder for preprocessing and scanning
Analyzer for content classification
Risk engine for scoring and explanations
UI module for displaying results

We also implemented a rule-based system combined with an optional AI adapter to enhance classification and risk analysis.

Challenges we ran into

One of the biggest challenges was handling QR detection across different web elements like canvas, SVG, and dynamically loaded content. Ensuring accurate decoding in different conditions required multiple preprocessing strategies.

Another challenge was designing a reliable risk scoring system that balances accuracy and explainability. We also had to deal with browser limitations in extensions, especially around performance and module loading.

Accomplishments that we're proud of

We are proud of building a complete, production-style system rather than just a prototype. The project includes:

Real-time QR detection across multiple sources
A structured risk scoring engine with clear explanations
A clean and user-friendly interface
A shared architecture between extension and web app

Most importantly, it solves a real-world problem in a practical way.

What we learned

We learned a lot about browser extension architecture, DOM handling, and performance optimization. We also gained experience in designing security-focused systems, especially how to detect patterns like phishing and suspicious URLs.

Another key learning was how to structure a modular and scalable system that can be extended with AI in the future.

What's next for QR SAFETY

We plan to improve the system by integrating real threat intelligence APIs and more advanced AI models for better detection. Future updates will include: