Discussing with our Registrar Office different issues, they came up with some incidents they’ve had along years. They had received emails or phone calls from organizations asking about people who had presented transcripts or diplomas from our University wanting to validate these documents. Surprisingly quite a few of these documents were fake. These people had never studied in our University and in some cases, the program of study stated on the document had never been offered by us. Different ideas came up about how to minimize these events: watermarking the documents, using special ink, stamps, etc., but nothing seemed enough to avoid the receiving organization having to establish some sort of communication with us (and probably not knowing whom to contact to start with). Thanks to good old brainstorming, the idea of inserting a QR code on the document came up. First reaction: eyebrows raising. Previous ideas using QR codes had failed so we’ve lost a little faith in them. But evolving the idea, the QR code would be a link type code with a personalized id number that will uncover the identity of a student and a program of study. As simple as that. If the document is real, the student’s name and program will match. No other information will be shown. If it’s fake, there will be no match and the receiving organization should have enough information to reject the document in a matters of seconds (or the time it takes the user to open a QR code reader on her/his phone).

Investigating a little we found Smartforms handle QR code generation, great news! We’re already looking into testing how it works.

Next step, we designed some mockups of what will be finally developed/generated. Following are some pictures of these mockups.

The transcript:

/wp-content/uploads/2015/08/escolaridad_con_qr_779872.png

The webpage shown after scanning the QR code:

/wp-content/uploads/2015/08/url_qr_code_779942.png

We expect to have a pilot ready in a couple of weeks. Hope to be back soon with good news about the pilot.

And I guess this may trigger some other uses 🙂 .

To report this post you need to login first.

3 Comments

You must be Logged on to comment or reply to a post.

  1. Jean-Christophe Pazzaglia

    Cool idea!    Are you thinking about integrating with the associated slcm process? For privacy reason you may have to add a challenge with a form for the verification: The URL should open a form asking for the name and maybe degree and then your site Will answer true or false. It is a bit more complicated but you are sure that you don’t disclose the name of another student that may be held responsible by the employer to encourage forgery. This should be enough to avoid legal concerns for the uni. Last remaining problem to advert to employers that originals do have  qr code     Let us know

    (0) 
    1. Michael Hobbins Post author

      Hello J-C, tks for your feedback. Privacy is indeed one of our concerns. We hadn’t thought about this challenge you mention, but it seems like a very good idea. We were working on a encrypted ID as part of the URL which, once decryted, will show the student’s name and the program of study related to the transcript. We will study your idea considerihg legal concerns as you said.

      Refering to “Are you thinking about integrating with the associated slcm process”, maybe I’m not understanding the question. The idea is that everytime a staff member (and eventually any student from the self service portal) will print a student’s transcript, the QR code will be included. Either of the actions work on SLcM.

      We’ll be speaking to our Education Ministry office asking for permission to add a QR code on the backside of our printed diplomas. We expect a postive answer from them as this only seeks avoiding fraude situations.

      Thanks again for your feedback.

      (0) 
      1. Jean-Christophe Pazzaglia

        Hi Michael, yes I was thinking about the integration wrt. generation/printing of the diploma triggered and stored in SlcM. For the specific problem of the QR-code + security, it is heavily dependent on the attacker model you have in mind. If you wish we can have a chat about it (cf. mail). Best Regards, jc

        (0) 

Leave a Reply