Trust & Safety  ·  March 2026  ·  8 min read

Would You Put a QR Code on Your Car?
The Privacy Risks. And How We Designed Around Every One.

Seven real threat scenarios for public QR contact systems. How each one works, why most platforms ignore them, and the architectural decisions Wavr made to address every one before writing a line of product code.

Wavr Trust & Safety Team
San Francisco, CA

Before we built Wavr, we made a list of every way it could be used to hurt someone. That list had seven items on it. We did not start writing product code until we had an architectural answer to each one. This post is that list, and those answers.

We are publishing this because we believe the strongest trust signal available to a privacy-first product is radical transparency about its threat model. A privacy policy is a legal document. This is a design document. The difference matters.

7 threat scenarios identified before Wavr's first line of product code was written. Every architectural decision in the platform traces back to at least one of these seven.
Threat 01

Stalking via Repeated Scans

A stalker could scan a target's tag repeatedly to monitor their movements. Each scan reveals that the vehicle is present at a specific location. Over time, a pattern of scans builds a picture of the owner's routine.

The attack
Scan the tag every morning outside the target's workplace. Build a location and schedule map without ever interacting with the owner directly.
The architecture
Every scan is visible to the owner in real time. Rate limiting blocks scan flooding from the same device. Repeated scans from a single device fingerprint trigger a suspicious-activity flag, and a one-tap permanent block is available to the owner.
Guarantee: The owner sees every scan. The stalker cannot operate invisibly.
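
The controls described for this threat, sketched as an added example (not Wavr's code): a per-device sliding-window rate limit, a flag for the same device returning on several distinct days, an owner block, and an owner feed that records every scan whatever the verdict. The thresholds, class and field names, and sample events are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds; the page does not publish Wavr's real values.
RATE_WINDOW_S = 60   # flood window in seconds
RATE_MAX = 3         # scans allowed per device per tag inside the window
REPEAT_DAYS = 3      # distinct days on one tag before a device is flagged
DAY = 86400

# Constructed sample: one device scanning the same tag at 08:00 on three days.
SAMPLE_DAILY = [("tag-1", "dev-A", d * DAY + 8 * 3600) for d in range(3)]
# Constructed sample: one device scanning five times in five seconds.
SAMPLE_FLOOD = [("tag-1", "dev-B", 1000 + i) for i in range(5)]


class ScanMonitor:
    def __init__(self):
        self.recent = defaultdict(deque)  # (tag, device) -> timestamps in window
        self.days = defaultdict(set)      # (tag, device) -> distinct day numbers
        self.blocked = set()              # (tag, device) pairs the owner blocked
        self.owner_feed = []              # every scan is recorded for the owner

    def block(self, tag, device):
        """Owner's one-tap block; nothing in this class ever removes it."""
        self.blocked.add((tag, device))

    def scan(self, tag, device, ts):
        key = (tag, device)
        window = self.recent[key]
        while window and ts - window[0] >= RATE_WINDOW_S:
            window.popleft()              # drop scans that left the window
        window.append(ts)
        self.days[key].add(ts // DAY)
        if key in self.blocked:
            verdict = "blocked"
        elif len(window) > RATE_MAX:
            verdict = "rate_limited"
        elif len(self.days[key]) >= REPEAT_DAYS:
            verdict = "suspicious"
        else:
            verdict = "allowed"
        # Logged whatever the verdict, so no scan is invisible to the owner.
        self.owner_feed.append((ts, tag, device, verdict))
        return verdict


def replay(events):
    """Run (tag, device, ts) events through a fresh monitor."""
    monitor = ScanMonitor()
    return [monitor.scan(*event) for event in events], monitor
```

The slow daily pattern never trips the rate limit, which is why the distinct-day counter is tracked separately from the flood window.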
Threat 02

Tag Tampering and Fake Stickers

Someone could place a fake sticker over the legitimate tag, redirecting scanners to a phishing page or a different contact channel designed to harvest information from good-faith finders.

The attack
Print a convincing Wavr-style sticker with a QR code linking to a fake contact page. Place it over the owner's real tag. Harvest phone numbers from people trying to report a parking issue.
The architecture
Every Wavr QR code contains a cryptographically signed tag ID. Spoofed codes do not match any live tag in the system and surface a clear warning. If a physical tag is defaced, the owner can deactivate it instantly from the app and regenerate a new code. The old code becomes permanently invalid within seconds.
Guarantee: Spoofed codes cannot impersonate a live Wavr tag. Deactivation is instant and permanent.
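
A server-side check of the kind described above, as an added example (not Wavr's code): it verifies the signature on a scanned tag ID, then looks the tag up so that unknown and deactivated codes produce a warning. The page does not name the signature scheme; HMAC-SHA256, the "tag_id.mac" token layout, the key, and the in-memory registry are assumptions.

```python
import base64
import hashlib
import hmac

# Assumptions (not from the page): HMAC-SHA256 as the signature, a token
# layout of "<tag_id>.<base64url mac>", and an in-memory tag registry.
SIGNING_KEY = b"constructed-demo-key"  # placeholder; real keys belong in a KMS/HSM
TAGS = {"tag-1001": "active", "tag-1002": "deactivated"}  # constructed sample state


def _mac(tag_id: str) -> str:
    digest = hmac.new(SIGNING_KEY, tag_id.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()


def issue_token(tag_id: str) -> str:
    """Value encoded into the QR code when a tag is generated."""
    return f"{tag_id}.{_mac(tag_id)}"


def check_scan(token: str) -> str:
    """Classify a scanned token: 'ok', 'warn_spoofed' or 'warn_deactivated'."""
    tag_id, sep, mac = token.rpartition(".")
    if not sep or not tag_id:
        return "warn_spoofed"          # malformed: not a token this system issued
    # Constant-time comparison avoids leaking how much of the MAC matched.
    if not hmac.compare_digest(mac.encode(), _mac(tag_id).encode()):
        return "warn_spoofed"          # signature does not verify
    state = TAGS.get(tag_id)
    if state is None:
        return "warn_spoofed"          # well-formed but matches no known tag
    if state != "active":
        return "warn_deactivated"      # owner revoked this code
    return "ok"


def regenerate(old_tag_id: str, new_tag_id: str) -> str:
    """Owner action: retire a defaced tag and issue a replacement code."""
    TAGS[old_tag_id] = "deactivated"   # never flipped back to active
    TAGS[new_tag_id] = "active"
    return issue_token(new_tag_id)
```

The registry lookup matters as much as the signature: a deactivated tag still carries a valid signature, so revocation has to be checked on every scan.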
Threat 03

Malware and Phishing via QR

QR codes are a known phishing vector. A malicious code can redirect a scanner to a page that downloads malware, harvests credentials, or prompts an app install from an untrusted source.

The attack
A tag is replaced with one linking to a convincing login page. The scanner, expecting a Wavr contact form, enters their email and password. Credentials are harvested.
The architecture
Wavr's contact flow requires no login from the scanner and no app download. There are no credentials to harvest. The flow opens directly in the browser via a verified Wavr domain. No scanner account, no scanner identity, no attack surface for credential phishing.
Guarantee: No account required to scan. No credentials to steal. The absence of login is the security feature.
Threat 04

Extortion Using a Pet or Vehicle

A person finds a lost pet or notices a vehicle in a situation requiring contact, then uses the communication channel opened by the tag to extort the owner rather than to help.

The attack
Finder scans a pet collar tag and sends a threatening message demanding payment before revealing the animal's location.
The architecture
All contact routes through a one-way structured relay. Scanners select a predefined issue type before any message is delivered. Messages are AI-screened before delivery. The scanner's GPS, device fingerprint, and timestamp are forensically logged. One tap freezes the session. One tap generates a court-admissible evidence packet and reports directly to law enforcement.
Guarantee: The attacker's identity is forensically logged from the first scan. Law enforcement reporting takes under 60 seconds.
Threat 05

Location Exposure of the Owner

A scanner could attempt to use the contact session to determine where the owner lives, works, or regularly parks, building a location profile without the owner's awareness.

The attack
Initiate contact repeatedly from different locations. Cross-reference the tag's response patterns to infer where the owner is during different times of day.
The architecture
The owner's location is never shared with the scanner under any circumstances. The asymmetry is total: the scanner's GPS is shared with the owner, not the other way around. Repeated scan attempts trigger rate limiting and suspicious activity flags. The owner's response or non-response reveals nothing about their whereabouts.
Guarantee: Owner location is never transmitted to the scanner. The system is asymmetric by architecture, not by policy.
Threat 06

Scanner Identity Spoofing

A bad actor could attempt to manipulate their device fingerprint or GPS signal to avoid being identified, or to impersonate a legitimate scanner such as a parking enforcement officer or emergency responder.

The attack
Use a VPN, spoofed GPS, or modified device fingerprint to submit a contact report while obscuring true identity and location. Or claim to be a parking officer to trigger faster owner response.
The architecture
Wavr logs multiple device signals simultaneously: IP address, browser fingerprint, GPS coordinate, and timestamp. Spoofing one signal does not neutralise the others. Verified scan types for emergency responders and law enforcement require credential validation that cannot be bypassed by self-declaration. Impersonation claims do not elevate scan priority without verification.
Guarantee: Multi-signal logging makes full identity spoofing extremely difficult. Verified scan types cannot be self-claimed.
Threat 07

Harassment Through the Contact Channel

The contact channel itself could be weaponised to send abusive, threatening, or harassing messages to the owner under the cover of a legitimate parking report.

The attack
Use the contact form to send threatening or abusive messages. Repeat from different devices if initially blocked. The legitimate-seeming context of a parking report provides cover for the initial contact.
The architecture
All messages pass through an AI screening layer that identifies threatening, abusive, or coercive content before delivery. Flagged messages are held and logged as evidence rather than forwarded. Device fingerprint blocking is permanent and covers all future sessions from the same device. A second scan from a blocked device fingerprint is automatically flagged and the owner is notified.
Guarantee: Abusive messages are intercepted before delivery and retained as forensic evidence. Blocks are permanent and device-level.
The Principle

A Technical Guarantee Is Not a Privacy Policy

Every privacy claim a product makes falls into one of two categories: things that are enforced architecturally, and things that are enforced by policy. Architectural enforcement means the system cannot do the thing, regardless of what any employee or bad actor attempts. Policy enforcement means the company has promised not to do the thing.

Wavr's core privacy properties are architectural. Your phone number is not stored on the tag because there is no phone number field in the tag schema. Your location is not shared with the scanner because the contact flow has no mechanism to transmit it. These are not commitments we are making. They are descriptions of how the system works.

"A privacy policy is a legal document. What we built is a technical constraint. The difference is that one can be violated and the other cannot."

This does not mean Wavr is perfect. No system that allows strangers to contact each other can guarantee zero misuse. What we can guarantee is that every misuse attempt leaves a forensic record, that the owner retains control at every step, and that the asymmetry between scanner and owner is enforced at the infrastructure level rather than relying on good behaviour.

Open challenge
Find a threat scenario we have not addressed.
We have been through this list many times. We believe we have addressed every realistic threat vector. If you can identify a scenario we have not covered, or a flaw in how we have addressed one of the seven above, we want to know about it. Not after launch. Now.