QR/bar code scanner as a Service
- React demo: https://kameroon-demo.web.app
- Pure JS demo: https://kameroon-demo-js.web.app
- Simplicity: No need for complex libraries. Just redirect users to Kameroon
- On-Device Scanning: Scanning happens securely on your users' devices
- Data Encryption: Results never leave users' devices unencrypted. RSA-OAEP encryption is used with the
public_keyyou provide - Secure Retrieval: Encrypted data is sent back to your web app via the specified
redirect_url - Client-Side Decoding: Ciphertext is decoded using your
private_key, which stays safely on your users' devices - Key Rotation: Customize key rotation periods for enhanced security
- Linear product: UPC-A, UPC-E, EAN-8, EAN-13, ISBN
- Linear industrial: CODE-39, CODE-93, CODE-128, CODABAR, DATABAR, ITF-14, I25
- Matrix: QR code, Micro QR Code, Aztec, DataMatrix, PDF417
- In addition to using HTTPS, the resulting QR codes are further encrypted using asymmetric RSA-OAEP encryption to mitigate the risks associated with URL-based data transmission, including:
- potential visibility in server logs and browser history
- caching (some proxies and browsers might cache URLs, making your sensitive data accessible to others)
- analytics tracking (if you're using analytics tools, they might capture query params, potentially exposing data you'd rather keep private)
- server log exposure (server logs can sometimes include full URLs)
- Kameroon does not store your users' QR codes or encryption keys
- Encryption keys are rotated with customizable rotation periods (defaults to 1h) to align with user security policies
- React.js and vanilla JS examples
- Javascript helper library
- https://github.com/maslick/koder
- https://github.com/maslick/kameroon-demo
- https://github.com/maslick/kameroon-demo-js
- https://github.com/maslick/kameroon-lib
We appreciate the open-source community for their contributions. Kameroon uses:
- Zbar under LGPLv2+
- ZXing-C++ (C++ port of ZXing) under Apache License 2.0