In the ST app, when a user scans a ”regular QR Code”, we stop offering the possibility to be redirected to an external Web site.
We define ”regular QR Code” as one of the below cases:
- Codes with unrecognized prefix
- Code with correct ST prefix but malformed extended_id
- Code with correct ST prefix, correct extended_id format but extended_id does not exist (404)
When the ST app scans one of these non-scantrust codes
- A user receives below scan result response: NOT a trusted code! This item was NOT recognised and could be a fake or lead to a malicious website. If you suspect a counterfeit, please provide more details using the report link below.
This event will also be logged with the URL and other user details to the Amplitude System to determine the frequency and as storage for future reporting.
With the “REPORT” button, users can share this information to the Scantrust support team with a typeform questionnaire that includes
- 3 Essential question (QR image upload, Product Name, Purchase location)
- 3 voluntary additional questions (uploading pictures of the product front and back, any additional information the user wants to supply)
- Voluntary contact information (Name and email address)
The following information will be passed to the typeform via hidden fields
- Source (if the location was based on IP or on GPS)
- URL (that was scanned)
- User ID
This information will be redirected to Zendesk for the Support team to review.
Any completed typeform submission will be sent to slack: #fake-url-reporting
Typeform is currently supported in 10 Languages:
- Arabic (Typeform doesn’t support right to left, so it may be a bit messy with the questions - hopefully people will still get the gist)
- Russian NOTE: Additional Languages can be added if clients provide the translations