It’s strange how technology use changes over time. Take the QR code: It has been around for more than a quarter of a century but is only now starting to become more visible in our lives. What began as a simple tool to help Japanese car makers track their inventory around their factories is now everywhere from ticketing to advertising. Soon it will be in our wallets too.
QR codes have been used as a way to initiate a payment in a store, restaurant or transit for some years now, mostly in Asia. But recently, we are seeing technology extend further around the world.
How Do QR Codes Work?
There are a few different models, but the principle is simple. In most models, the merchant presents a QR code to the consumer. The consumer snaps an image of the code on their smartphone camera and this takes them to a payment page, similar to the payment page they would see with a mobile commerce transaction.
The consumer then authenticates the transaction and a message is sent back to the merchant to confirm payment. A message is also shown on the consumer’s phone so that they can show the cashier that the payment is complete. That’s it.
Frankly, QR codes are not so difficult to use, but they are not as fast or easy to use as contactless cards or mobile wallets. But since they engage the consumer with a web-based service, they open up scope for further engagement around loyalty points, offers, etc.
What are the Different QR Code Options?
There are two main implementations and a third which is less common. Here are the pros and cons of these methods:
1. Static QR Codes
With a static QR code, every merchant has their own, fixed code. It can be displayed on a tent card on the counter or a sticker on the wall. The Static QR code is incredibly cheap and easy to deploy – in principle, if you have a flat surface, you have everything you need to accept payment. However, because the static QR code is always the same for every customer, it can’t contain information about the individual transaction. That means that it’s up to the customer to fill in the amount of the transaction themselves and show the merchant that it’s all done. That can work well if you have a coffee stall with an orderly queue, but not so well if you are selling a range of different merchandise and the counter is busy with people all trying to buy things at the same time. Imagine the chaos in a busy lunchtime deli. If the consumer makes a mistake and enters $500 instead of $5.00, working out how to manage a refund can be very complicated, especially if they don’t realize it for a couple of days. Equally, spotting the fact that a consumer entered 5 cents instead of $5 is not so easy and, as the QR code is static, once the consumer is gone there is no way for the merchant to trace the transaction back to that individual.
Worryingly, experience from overseas shows that static QR codes are also very vulnerable to fraud. It is very easy for a criminal to simply distract the cashier and swap the tent card for one of his own, with a different QR code. Often, they may set up their own company with a very similar name. The consumer thinks they are paying for their coffee, but they are paying someone entirely different and, unless they are observant, they will probably never know the difference. The merchant will only find out that they have been giving away their coffees for free all day when they come to reconcile their accounts.
2. Dynamic QR Codes, Merchant Displayed
Dynamic QR codes are uniquely created by an algorithm for every transaction, which enables them to contain extra relevant information, at minimum, the transaction value. Because each code is unique, they require a screen for display. Some merchants may use a mobile phone for this, but most will use their existing payment terminal as it is always in the right place (where the customer is completing the transaction) and has the power and convenience needed. The Dynamic QR code needs a little more infrastructure, but it is much more reliable as the consumer doesn’t have to enter any information; only to confirm payment. That means fewer mistakes and disputes and an easier, faster customer checkout. Because every code is uniquely created on a trusted device, there is much less risk of fraud.
3. Dynamic Codes, Consumer Displayed
In this model, the consumer fires up a payment application and shows a QR code to the merchant. Using a terminal with a camera built-in, the merchant can capture the code and execute a transaction with no more consumer activity required. This is a very secure option and ensures that the merchant always knows that the transaction has been completed at the point of service. It is easy for the consumer – it’s even possible to create a QR code within a standard eWallet (such as Apple Pay) and it is very flexible, allowing for all kinds of other value-added services, such as redemption of printed coupons. The downside is that it requires a terminal with a built-in scanner or camera, and in many markets, these are not widespread. That makes new schemes costly to roll out.
Like any other payment method in the market, QR codes have their pros and cons. While the static codes are cheaper to roll out, they pose a security risk. The dynamic codes – while secure, if presented by the consumer would require the merchant to purchase a reader to accept payment. Implementation of these as a payment method will all come down to the type of business you run. In my next blog post, I will discuss what are the best options for merchants when it comes to accepting QR code payments.