←back to thread

Bring back menus, QR codes are terrible

(slate.com)
527 points lxm | 6 comments | 29 Jun 21 03:25 UTC | HN request time: 0.951s | source | bottom
Show context
teeray ◴[29 Jun 21 04:16 UTC] No.27671705[source]
The worst aspect of QR codes as menu replacements is that they are a huge security risk. Who’s to say that QR code is legit? You can’t tell from looking at it. The trouble is compounded by the common practice of restaurants using some third-party service hosted off-site. The domain is no longer a trust signal either. It’s only a matter of time before someone starts snarfing information or credit card numbers this way (scan here to pay your bill).
replies(6): >>27671761 #>>27671766 #>>27671817 #>>27672243 #>>27672766 #>>27675991 #
1. Karrot_Kream ◴[29 Jun 21 04:27 UTC] No.27671761[source]
Most of the places I've been to just put their menu on a website linked through QR code, but still take orders and payment through staff. I've been to one place that doesn't do this but only one.
replies(1): >>27671877 #
2. bootlooped ◴[29 Jun 21 04:47 UTC] No.27671877[source]
But if a malicious QR code led to a website that asked diners to pay for their meal at the point that they ordered it, how many of them would?
replies(1): >>27672006 #
3. Dylan16807 ◴[29 Jun 21 05:05 UTC] No.27672006[source]
Setting up a scam payment processing account for that doesn't seem worth the effort when it's going to be reported for fraud basically immediately.
replies(3): >>27672052 #>>27672779 #>>27681636 #
4. kebman ◴[29 Jun 21 05:13 UTC] No.27672052{3}[source]
You'd be surprised.
5. bigiain ◴[29 Jun 21 07:07 UTC] No.27672779{3}[source]
"To pay for your 1 x Cheeseburger add egg, please purchase a $10 iTunes gift card and enter the code here: [_______________]"
6. bootlooped ◴[29 Jun 21 20:58 UTC] No.27681636{3}[source]
I think you could set up something clever where the QR code redirected to the correct menu 95% of the time, and maybe it didn't charge the credit card initially, and that would last longer than if you had charged something immediately 100% of the time. However, I think your point still stands that it's not worth the trouble and it doesn't scale well.