Coverage

What we check

URL-class threat scanners cover only one of 25 payload categories that a QR code can carry. Every other category has its own attack surface, its own format, and its own analyzer. Here's the full list — what each one catches, what each one cannot.


All 25 categories

Each card is a separate analyzer in functions/lib/analyzers/. The verdict that hits your screen aggregates the parent payload plus any sub-payloads (a vCard's TEL, EMAIL, URL fields each get their own pass), with max-severity rolling up.

HTTP / HTTPS URL + redirect chain

Trace every hop. Detect Bitly, Linktree, TinyURL, branded shortener chains. Identify the indirection-service operator at each hop. Surface the parties who can change the destination after print. Homograph + typosquat against a brand list. Suspicious-TLD flagging. Safe Browsing + URLhaus reputation.

WiFi credential

Parse WIFI:T:WPA;S:…;P:…;; honouring the backslash escapes the format uses for ; , : " and \ inside values, so an escaped separator in an SSID or password cannot truncate the field. SSID normalized against a high-mimicry-target list (Starbucks WiFi, airport free WiFi, hotel chains) with confusables decoding. Open / weak-WEP / hidden-network flags. Embedded-URL extraction from SSID and password fields.
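The parse-and-flag pass the WiFi card describes, written out as an added example (it is not the page's own analyzer code). The mimicry-target list, the Cyrillic confusables map and the three sample payloads are constructed for the demo; the escape rules are the ones the WIFI: format actually uses.

```javascript
// Added example, not the page's own analyzer. Parses a WIFI: QR payload and
// emits the flags the WiFi card lists. The format separates fields with ';'
// and backslash-escapes ';', ',', ':', '"' and '\' inside values.
// MIMICRY_TARGETS and CONFUSABLES are constructed stand-ins for the real lists.

const MIMICRY_TARGETS = new Set(['starbucks wifi', 'airport free wifi', 'hilton honors']);
// Cyrillic letters that render identically to Latin ones (constructed subset).
const CONFUSABLES = { '\u0430': 'a', '\u0435': 'e', '\u043e': 'o', '\u0441': 'c',
                      '\u0440': 'p', '\u0445': 'x', '\u0456': 'i' };
const URL_RE = /https?:\/\/[^\s;]+/gi;

// Split "WIFI:T:WPA;S:Cafe\;Net;P:pw;;" into {T, S, P, ...}. An escaped ';'
// inside a value is kept as data instead of ending the field early.
function parseWifiPayload(payload) {
  if (!/^WIFI:/i.test(payload)) throw new Error('not a WIFI: payload');
  const fields = {};
  let i = 5;                                  // skip "WIFI:"
  while (i < payload.length) {
    const colon = payload.indexOf(':', i);
    if (colon < 0) break;
    const key = payload.slice(i, colon).toUpperCase();
    let raw = '';
    let j = colon + 1;
    while (j < payload.length && payload[j] !== ';') {
      if (payload[j] === '\\' && j + 1 < payload.length) {
        raw += payload[j + 1];                // drop the backslash, keep the escaped char
        j += 2;
      } else {
        raw += payload[j];
        j += 1;
      }
    }
    fields[key] = raw;
    i = j + 1;                                // step over the field terminator ';'
    if (payload[i] === ';') break;            // ";;" ends the payload
  }
  return fields;
}

// Lower-case, map look-alike letters to Latin, strip punctuation, collapse spaces.
function normalizeSsid(ssid) {
  return Array.from(ssid.toLowerCase(), ch => CONFUSABLES[ch] || ch).join('')
    .replace(/[^a-z0-9 ]/g, '').replace(/\s+/g, ' ').trim();
}

function analyzeWifi(payload) {
  const f = parseWifiPayload(payload);
  const auth = (f.T || 'nopass').toUpperCase();   // T: is absent on open networks
  const ssid = f.S || '';
  const flags = [];
  if (auth === 'NOPASS') flags.push('open-network');
  if (auth === 'WEP') flags.push('weak-wep');
  if (/^(true|1)$/i.test(f.H || '')) flags.push('hidden-network');
  if (MIMICRY_TARGETS.has(normalizeSsid(ssid))) flags.push('mimics-high-value-ssid');
  // URLs smuggled into the SSID or password (both are shown in the OS join dialog).
  const urls = [...`${ssid} ${f.P || ''}`.matchAll(URL_RE)].map(m => m[0]);
  return { auth, ssid, flags, urls };
}

// Constructed sample payloads.
console.log(analyzeWifi('WIFI:T:WPA;S:Starbucks WiFi;P:Visit http://example.test/login;;'));
console.log(analyzeWifi('WIFI:T:nopass;S:Free\\;Wifi;H:true;;'));
console.log(analyzeWifi('WIFI:T:WEP;S:St\u0430rbucks WiFi;P:x;;'));  // Cyrillic а in the SSID
```

The third sample is the case the confusables pass exists for: the SSID looks like "Starbucks WiFi" on screen but one letter is Cyrillic, so a plain string compare against the target list misses it.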

vCard & MeCard contact

Detect CRLF injection and BEGIN-block smuggling. Homograph FN / ORG against brand list. URL, TEL, EMAIL sub-fields each recursively analyzed by their own analyzer. NOTE-field URL extraction. PHOTO MIME-allowlist enforcement.

Telephony (tel: / sms: / mms: / SMSTO:)

Match against US 900/976 and UK premium-rate prefixes, plus IRSF (international revenue-share fraud) destinations: Inmarsat, Globalstar and other satellite ranges. SMS body URL and credential-phrase extraction. SMSTO recipient + body normalization.

Mail (mailto: / MATMSG:)

Display name vs. brand list with confusables. Mail-domain reputation. Subject + body URL extraction and credential-phrase detection. MATMSG legacy format parsed and normalized.

Android intent://

Target package matched against allowlist + blocklist (MMRat, banking-trojan packages). Typosquat-package detection. Browser fallback URL recursively analyzed. Suspicious action flags (android.intent.action.VIEW on private deep links).

Cryptocurrency address

Per-chain address format + checksum validation (BTC P2PKH/P2SH/Bech32, ETH EIP-55, SOL, LTC, XMR, DOGE, TRX, XRP, ADA). EVM function-selector detection in the data= param: approve, setApprovalForAll, permit, drainer signatures from a maintained list. Chainabuse reputation. Lightning invoice parsing.

Content-addressed (ipfs: / magnet:)

Resolve IPFS CIDs through a public gateway with a bounded byte + time budget. Flag IPNS as mutable (the namespace owner can change the target). Magnet infohash + display-name analysis. WebSeed URL extraction.

Calendar event (VEVENT / VCALENDAR)

VEVENT sub-field URL extraction (LOCATION, DESCRIPTION, URL). ATTENDEE / ORGANIZER dispatched to the mail analyzer. Far-future-date flag for meeting-spam patterns. Recurring-event probe.

Geolocation (geo:)

Latitude / longitude parsing with sanity bounds. Altitude + uncertainty parameter surfacing. SSRF guard on any embedded q= URL (which some clients use to open Maps with a custom destination).

data: URI executable hard-block

MIME-allowlist enforcement (image/* + text/plain only). Base64 decode + magic-byte check for MZ, ELF, shebang, PDF, ZIP. Hard-block on match with a "do not open" affordance.

Hard-blocked schemes

javascript:, file:, ftp:, gopher:, plus per-OS dangerous schemes — no network egress, immediate block with a "do not proceed" UI affordance and copy explaining why each scheme is dangerous as a QR target.

Plain-text prompt injection & secrets

Detect "ignore previous instructions"-class patterns aimed at downstream LLM agents. Match leaked Stripe / AWS / GitHub / JWT / PEM / SSH secrets without echoing them. Mixed-script density flag.

Bluetooth Auracast (BAU v1.0)

Parse the IANA-registered BLUETOOTH: URI scheme + Bluetooth-SIG Broadcast Audio URI v1.0 format. Identify Auracast™ LE Audio broadcasts by service UUID 184F, surface the broadcast name (base64-decoded) and encryption state. Unknown service UUIDs flagged as unverifiable. Reference: Bluetooth SIG BAU v1.0.

Matter smart-home onboarding

Decode MT: base-38 packed-binary payloads. Extract version, vendor ID, product ID, commissioning flow, discovery capabilities, discriminator. Match vendor ID against a known-manufacturer list (Apple, Google, Amazon, SmartThings, Hue, Aqara, Eve, Tuya). Surface "this enrolls a device into your home network" framing so a swapped sticker can't quietly join an attacker fabric.

EMV merchant-QR payment

Parse EMVCo MPM / CPM TLV payloads (SGQR, PromptPay, PayNow, DuitNow, UPI variants, QRIS, Pix). Validate the CRC-16/CCITT-FALSE checksum in tag 63: a mismatch means corruption or a hand-edited payload. The CRC is an integrity check, not a signature, so a freshly minted attacker sticker carries a valid one; that is why the merchant fields are surfaced. Surface merchant name, city, country, currency, amount, and static-vs-dynamic mode so the user can sanity-check against the storefront. This is what catches the sticker-swap attack, the highest-volume QR-fraud class globally.
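The TLV walk and CRC check, as an added example rather than the page's analyzer. The merchant payload is constructed in the block (the account template, merchant name and amounts are made up); the CRC parameters (poly 0x1021, init 0xFFFF, covering everything up to and including the "6304" tag header) and the tag numbers are the EMVCo MPM ones.

```javascript
// Added example, not the page's own analyzer. Walks an EMVCo MPM payload as
// ID(2)/length(2)/value triples, verifies tag 63 (CRC-16/CCITT-FALSE over the
// payload up to and including "6304"), and surfaces the merchant fields.
// The sample merchant below is constructed, not a real merchant.

function crc16CcittFalse(str) {
  let crc = 0xFFFF;                               // init
  for (const byte of new TextEncoder().encode(str)) {
    crc ^= byte << 8;
    for (let bit = 0; bit < 8; bit++) {
      crc = (crc & 0x8000) ? ((crc << 1) ^ 0x1021) & 0xFFFF : (crc << 1) & 0xFFFF;
    }
  }
  return crc;                                     // check value for "123456789" is 0x29B1
}

const hex4 = n => n.toString(16).toUpperCase().padStart(4, '0');

// Parse a flat TLV string; throws on a length that runs past the end.
function parseTlv(s) {
  const out = [];
  let i = 0;
  while (i < s.length) {
    const id = s.slice(i, i + 2);
    const lenStr = s.slice(i + 2, i + 4);
    if (!/^\d{2}$/.test(lenStr)) throw new Error(`bad length at offset ${i}`);
    const len = Number(lenStr);
    if (i + 4 + len > s.length) throw new Error(`value overruns payload at offset ${i}`);
    out.push({ id, value: s.slice(i + 4, i + 4 + len) });
    i += 4 + len;
  }
  return out;
}

function analyzeEmvMpm(payload) {
  const tags = parseTlv(payload);
  const get = id => (tags.find(t => t.id === id) || {}).value;
  const last = tags[tags.length - 1];
  // Tag 63 must be the final element; its value is the CRC of everything before it plus "6304".
  let crcValid = false;
  if (last && last.id === '63' && last.value.length === 4) {
    const covered = payload.slice(0, payload.length - 4);
    crcValid = hex4(crc16CcittFalse(covered)) === last.value.toUpperCase();
  }
  // IDs 26..51 are merchant-account templates with nested TLV inside.
  const accounts = tags
    .filter(t => Number(t.id) >= 26 && Number(t.id) <= 51)
    .map(t => ({ template: t.id, fields: parseTlv(t.value) }));
  return {
    crcValid,
    mode: get('01') === '12' ? 'dynamic' : 'static',   // tag 01: 11 static, 12 dynamic
    merchantName: get('59'), city: get('60'), country: get('58'),
    currency: get('53'), amount: get('54') ?? null,
    accounts,
  };
}

// Helpers to build the constructed sample (and a "re-minted" attacker sticker).
const tlv = (id, value) => id + String(value.length).padStart(2, '0') + value;
function withCrc(body) {
  const covered = body + '6304';
  return covered + hex4(crc16CcittFalse(covered));
}
const SAMPLE_BODY =
  tlv('00', '01') + tlv('01', '12') +
  tlv('26', tlv('00', 'com.example.pay') + tlv('01', 'MERCHANT0001')) +
  tlv('52', '5812') + tlv('53', '702') + tlv('54', '12.50') +
  tlv('58', 'SG') + tlv('59', 'Demo Kopi') + tlv('60', 'Singapore');
const SAMPLE = withCrc(SAMPLE_BODY);

console.log(analyzeEmvMpm(SAMPLE));                                       // crcValid: true
console.log(analyzeEmvMpm(SAMPLE.replace('MERCHANT0001', 'MERCHANT0002')).crcValid); // false: edited in place
console.log(analyzeEmvMpm(withCrc(SAMPLE_BODY.replace('MERCHANT0001', 'MERCHANT0002'))).crcValid); // true: re-minted
```

The last two lines are the point of the caveat in the card above: editing a printed payload in place breaks the CRC, but an attacker who prints a fresh sticker recomputes it, and only the surfaced merchant account and name give the user something to compare against the storefront.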

WireGuard VPN config

Detect raw [Interface] + PrivateKey INI payloads. Surface the Peer Endpoint hostname and AllowedIPs. Flag full-tunnel (0.0.0.0/0) configs that would route every byte through an unknown server — passive MITM signal. Warn loudly that the QR contains the user's PrivateKey and must not be photographed by anyone else.

Smart Health Card (shc:/)

Decode shc:/ numeric-encoded JWS. Surface issuer, signature algorithm, signature presence. Flag unsigned cards or non-ES256 signatures (the SHC spec mandates ES256). Never echo the PII (name, date of birth, medical history) back to the user — only metadata. Reference: Smart Health Cards Framework.
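The metadata-only decode the SHC card describes, as an added example (not the page's analyzer). The numeric encoding is the real one: every character of the compact JWS becomes two digits, its ASCII code minus 45. The sample card is constructed in the block with placeholder payload and signature segments, so no health data is involved; only the header is ever parsed.

```javascript
// Added example, not the page's own analyzer. Decodes an shc:/ numeric payload
// back to a compact JWS, reads only the protected header, and flags unsigned
// or non-ES256 cards. The payload segment (the actual health data) is never
// decoded here. The sample card is constructed with placeholder segments.

function b64urlEncode(str) {
  return Buffer.from(str, 'utf8').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}
function b64urlDecode(s) {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/') + '='.repeat((4 - (s.length % 4)) % 4);
  return Buffer.from(b64, 'base64').toString('utf8');
}

// shc:/ encoding: each JWS character -> two digits = ASCII code - 45.
function encodeShcNumeric(jws) {
  return 'shc:/' + Array.from(jws, c => String(c.charCodeAt(0) - 45).padStart(2, '0')).join('');
}

// Accepts "shc:/<digits>" and the multi-QR form "shc:/<n>/<m>/<digits>".
function decodeShcNumeric(payload) {
  const m = /^shc:\/(?:(\d+)\/(\d+)\/)?(\d+)$/i.exec(payload.trim());
  if (!m) throw new Error('not an shc:/ payload');
  const digits = m[3];
  if (digits.length % 2 !== 0) throw new Error('odd digit count');
  let jws = '';
  for (let i = 0; i < digits.length; i += 2) {
    const code = Number(digits.slice(i, i + 2)) + 45;
    if (code > 122) throw new Error(`digit pair out of range at ${i}`);   // beyond 'z'
    jws += String.fromCharCode(code);
  }
  return { jws, chunk: m[1] ? { index: Number(m[1]), total: Number(m[2]) } : null };
}

function analyzeShc(payload) {
  const { jws, chunk } = decodeShcNumeric(payload);
  const parts = jws.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS');
  const header = JSON.parse(b64urlDecode(parts[0]));
  const signed = parts[2].length > 0;
  const flags = [];
  if (!signed) flags.push('unsigned');
  if (header.alg !== 'ES256') flags.push('non-es256');   // SHC framework mandates ES256
  // Surface metadata only; parts[1] (deflated FHIR bundle with PII) stays opaque.
  return { alg: header.alg, kid: header.kid, zip: header.zip,
           signed, payloadLength: parts[1].length, chunk, flags };
}

// Constructed sample: real header shape, placeholder payload and signature.
const HEADER = b64urlEncode(JSON.stringify({ zip: 'DEF', alg: 'ES256', kid: 'demo-key-1' }));
const SAMPLE_JWS = `${HEADER}.dGVzdA.c2ln`;
const SAMPLE_SHC = encodeShcNumeric(SAMPLE_JWS);

console.log(SAMPLE_SHC.slice(0, 40) + '...');
console.log(analyzeShc(SAMPLE_SHC));                                   // flags: []
console.log(analyzeShc(encodeShcNumeric(`${HEADER}.dGVzdA.`)).flags);  // ['unsigned']
```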

QR-login phishing (URL extension)

Recognize URLs pointing at known QR-login endpoints: WhatsApp Web, Telegram, Signal, Microsoft 365, Google, GitHub, AWS, Steam Guard, Discord, Slack, Apple ID. Surface the "this grants whoever generated the QR access to your account" framing so the social-engineering pattern can't slip past a technically-clean URL.

eSIM activation (LPA:)

Parse GSMA SGP.22 activation codes LPA:1$<SM-DP+ address>$<matching ID>[$<SM-DP+ OID>][$<confirmation-code-required flag>]. Verify the SM-DP+ FQDN against a known-operator allowlist (Airalo, Saily, Google Fi, Truphone, GSMA test, etc.). Flag codes whose confirmation-code-required flag is absent or 0: the profile installs without a confirmation-code prompt. Hard-warn that an installed eSIM profile can intercept SMS traffic, including SMS-based 2FA codes. Reference: GSMA Remote SIM Provisioning.
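The activation-code parse as an added example (not the page's analyzer). The field order follows SGP.22: format, SM-DP+ address, matching ID, optional SM-DP+ OID, optional confirmation-code-required flag. The allowlist and the three sample codes are constructed; the hostnames are not real operators.

```javascript
// Added example, not the page's own analyzer. Parses an SGP.22 activation
// code, checks the SM-DP+ host against an allowlist, and flags codes that
// install without a confirmation-code prompt. KNOWN_SMDP is a constructed
// stand-in for the operator allowlist.

const KNOWN_SMDP = new Set(['smdp.example-operator.test', 'rsp.example-mvno.test']);

function parseLpaActivationCode(payload) {
  const m = /^LPA:(.*)$/i.exec(payload.trim());
  if (!m) throw new Error('not an LPA: payload');
  // Fields: AC_Format $ SM-DP+ address $ matching ID [$ SM-DP+ OID [$ CC-required flag]]
  const [format, address = '', matchingId = '', oid = '', ccFlag = ''] = m[1].split('$');
  if (format !== '1') throw new Error(`unsupported AC_Format ${JSON.stringify(format)}`);
  const host = address.split(':')[0].toLowerCase();       // address may carry a port
  const flags = [];
  if (!/^[a-z0-9-]+(\.[a-z0-9-]+)*\.[a-z]{2,}$/.test(host)) flags.push('malformed-smdp-address');
  else if (!KNOWN_SMDP.has(host)) flags.push('unknown-smdp');
  const confirmationCodeRequired = ccFlag === '1';
  if (!confirmationCodeRequired) flags.push('no-confirmation-code');
  return {
    smdp: host, matchingId, oid, confirmationCodeRequired, flags,
    // The profile itself receives SMS for its line; always worth saying out loud.
    warning: 'Installing this profile lets its issuer receive SMS (including 2FA codes) for the line.',
  };
}

// Constructed samples.
console.log(parseLpaActivationCode('LPA:1$smdp.example-operator.test$AC-12345$$1'));
console.log(parseLpaActivationCode('LPA:1$SMDP.EXAMPLE-OPERATOR.TEST:8443$AC-12345').flags);
console.log(parseLpaActivationCode('LPA:1$smdp.attacker.test$AC-12345').flags);
```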

WalletConnect pairing (wc:)

Parse ERC-1328 dApp ↔ wallet pairing URIs wc:<topic>@<v>?symKey=…&relay-protocol=…. Flag v1 (deprecated, weaker session security), expired URIs (expiryTimestamp < now), and missing symmetric-key parameters. Companion to crypto-address detection on the pairing-handshake surface. Reference: ERC-1328.

FIDO passkey hybrid (FIDO:)

Detect FIDO: cross-device passkey sign-in QRs (FIDO CTAP 2.2 hybrid transport). Protocol-level version of QR-login phishing — works for ANY service that adopts passkeys, not just the named URL-based ones. Always surfaces a hard "scanning completes a sign-in someone else started" warning. Reference: FIDO CTAP 2.2 hybrid.

IATA boarding pass (M1)

Detect IATA Resolution 792 boarding-pass barcodes. Privacy surface — the QR encodes the passenger's full name, PNR booking reference, flight + seat + check-in sequence, and frequent-flyer number. We deliberately do NOT extract or echo the PII; we surface "do not share this image publicly" alongside the structural metadata. Reference: IATA Resolution 792.

Wi-Fi Easy Connect (DPP:)

Parse the Wi-Fi Alliance DPP URI scheme (the WPS replacement, ramping in 2025–2026 routers). Extract version, MAC, channel list, bootstrap-key fingerprint. Flag missing bootstrap key. Verify with the network owner before scanning — DPP commits your device to whichever AP issued the QR. Reference: Wi-Fi Easy Connect.

Mobile Driver License (mdoc:)

Detect ISO/IEC 18013-7 mDL device-engagement QRs — used by US state DMVs (CA, AZ, CO, GA, MD, NY) and iOS / Android wallets to share digital identity attributes with verifiers. Detect-only: we surface "review who is asking before presenting your ID" without parsing the CBOR engagement structure (that's the wallet's job). Reference: ISO/IEC 18013-7.

Nostr identifiers (NIP-19)

Parse bech32-encoded Nostr identifiers: npub1 / nprofile1 / note1 / nevent1 / naddr1 (all safe to share). Hard-block nsec1 — a Nostr private key in a QR means the holder's identity has been captured. Surface ncryptsec1 (encrypted private key) as sensitive. Reference: NIP-19.

Why mutability matters

What URL-only tools say

"https://aqr.net/demo-walmart → walmart.com — clean ✓"

True at this exact moment. But the QR sticker on a parking meter routes through a shortener first. Whoever owns the shortcode account can change the destination at any time. Print a clean QR today, swap the target to a phishing page in 30 seconds tomorrow — every subsequent scan from the same physical sticker now lands on phishing.

What we say

"Dynamic-single via a shortener service. The account holder controls the destination after print. Currently routes to walmart.com (clean)."

Two independent verdict fields. Threat is about now; mutability is about who can change it later. Both matter when the QR is on a printed surface that you can't un-print.
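How the two fields come apart in code, as an added example (not the page's analyzer). It takes an already-resolved hop list, attributes every intermediate hop to whoever controls it, and reports mutability separately from the reputation of the final destination. The shortener list, the bad-host list and the registrable-domain helper are constructed stand-ins (real code would use the public suffix list and the Safe Browsing / URLhaus lookups named above); the hop chains are made up.

```javascript
// Added example, not the page's own analyzer. Produces the two independent
// verdict fields over a resolved redirect chain: `threat` is about the final
// destination now, `mutability` is about who can change it after print.
// SHORTENER_HOSTS, BAD_HOSTS and registrableDomain() are demo stand-ins.

const SHORTENER_HOSTS = new Set(['bit.ly', 'tinyurl.com', 'linktr.ee', 'aqr.net']);
const BAD_HOSTS = new Set(['evil.test']);          // stand-in for Safe Browsing / URLhaus

// Naive registrable domain: last two labels. Real code uses the public suffix list.
function registrableDomain(host) {
  return host.toLowerCase().split('.').slice(-2).join('.');
}

// hops: every URL fetched in order, last one being the final destination.
function mutabilityVerdict(hops) {
  if (hops.length === 0) throw new Error('empty chain');
  const finalUrl = new URL(hops[hops.length - 1]);
  const finalDomain = registrableDomain(finalUrl.hostname);
  // Anyone who owns an intermediate hop off the destination's own domain can
  // re-point the printed code without touching the destination site.
  const controllers = [];
  for (const url of hops.slice(0, -1)) {
    const host = new URL(url).hostname.toLowerCase();
    if (registrableDomain(host) === finalDomain) continue;   // destination's own redirect (e.g. http -> https)
    const label = SHORTENER_HOSTS.has(host) ? host : `${host} (unknown redirector)`;
    if (!controllers.includes(label)) controllers.push(label);
  }
  const mutability =
    controllers.length === 0 ? 'static' :
    controllers.length === 1 ? 'dynamic-single' : 'dynamic-multi';
  const threat = BAD_HOSTS.has(finalUrl.hostname.toLowerCase()) ? 'malicious' : 'clean';
  return { threat, mutability, controllers, destination: finalUrl.hostname };
}

// Constructed chains.
console.log(mutabilityVerdict(['https://aqr.net/demo-walmart', 'https://www.walmart.com/']));
// { threat: 'clean', mutability: 'dynamic-single', controllers: ['aqr.net'], ... }
console.log(mutabilityVerdict(['http://walmart.com/', 'https://www.walmart.com/']));
// { threat: 'clean', mutability: 'static', controllers: [], ... }
console.log(mutabilityVerdict(['https://bit.ly/abc', 'https://linktr.ee/x', 'https://evil.test/login']));
// { threat: 'malicious', mutability: 'dynamic-multi', controllers: ['bit.ly', 'linktr.ee'], ... }
```

The first chain is the page's own scenario: a URL-only verdict sees a clean final host and stops, while the mutability field records that aqr.net's account holder can swap the target tomorrow. The second shows why a same-domain redirect is not counted as a controller: the destination owner already controls both ends.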

Coming next

Tier 3 watch list — emerging standards we're tracking. Full cross-product roadmap in siteops/docs/QR-PAYLOAD-TYPES-ROADMAP.md.

eIDAS 2.0 / EUDI Wallet

EU digital identity wallet QRs, finalizing 2024–2026. Cross-border identity presentation. Track until the format stabilizes, then add as a sibling to the mDL analyzer.

GS1 Digital Link

Structured product-identification URLs (https://example.com/01/<gtin>/21/<serial>). The EU Digital Product Passport mandate starts phasing in from 2026, and covered product categories will carry one. Already a URL from Check's perspective; a deep GS1 structured-content reader is the value-add.

Bluetooth Mesh provisioning

Pending Bluetooth SIG QR-text standardization. Currently vendor-specific (Amazon FFS uses DataMatrix, Silabs has its own QR format, Casambi has another). We'll add when the SIG publishes a Mesh equivalent of BAU v1.0.

ICAO VDS (Visible Digital Seal)

Passport / visa stamp QRs with offline-verifiable cryptographic seals. Niche but used at land borders by some governments.