Aug 2023, 5-min read

SnapSnap

Ionic Framework NestJS PostgreSQL React
Image 1Image 2Image 3

Background

My friends decided to join What The Hack (WTH) Hackathon organized by the Singapore University of Technology and Design (SUTD). They invited me and of course I said yes! (Well, actually, the free food was the main reason I joined. 😅)

WTH

This year’s theme is “A Better World” and there are four categories to choose from: 1. Circular Economy & Sustainable Living, 2. Inclusivity & Accessibility Tech, 3. AI-enabled Internet of Things, and 4. Financial Technologies. The hackathon was held over two days and we only have about 24 hours to complete the project.

We started brainstorming around a week before hackathon. We initially wanted to do something related to Accessibility Tech and had an idea of using LLMs to help people with autism to communicate. However, we eventually realised that this is a very hard problem to solve and we do not have enough knowledge to solve it.

One night before the hackathon, we were having supper at SuperSnacks (they serve some pretty good soy bean ice cream!) as we were brain storming. It was when we were paying for our food that we realised that we are using QR codes to pay for stuff every day. We then thought about the potential risks of using QR codes. It is an “a-ha” moment for us and we decided to do something related to QR codes for the Financial Technologies category.

The Problem

After some Googling, we found out that QR code scams is actually a real problem in Singapore. One case that we found was a woman who lost $20,000 for scanning a fake QR code.

QR code-related scams are actually very similar to phishing scams. There are a few possible scenarios: 1. Someone can potentially replace payment QR codes in public places with their own QR codes, causing the victim to pay to the scammer’s account instead of the merchant’s account. 2. Someone can potentially paste QR codes that links to malicious websites, causing harm to the victim.

The tricky thing about QR code scams is that it is very hard to detect. Bad actors can easily generate and print their own QR codes and paste it in public places. On first sight, it is very hard to tell if the QR code is legitimate or not.

Also, as QR codes are becoming more and more popular, it is becoming more common for people to scan QR codes. Users are also becoming more desensitized to scanning QR codes. This makes it easier for bad actors to trick users into scanning malicious QR codes.

The Solution

Our proposed solution is to create a crowd-sourcing platform for QR codes. The idea is to create a QR scanner application that allows users to scan QR codes and record all the QR codes in our database. Should the user encounter a malicious QR code, they can report it from the scan history. Our server will then generate a risk score for each QR code based on the number of reports and the number of scans. This score will be displayed when other users scan the QR code and they can decide whether to proceed with their actions.

The Implementation

The solution consists of 2 parts: the mobile app and the backend server.

For the mobile app, we decided to build a progressive web app (PWA) using Ionic Framework. This is because we want to make the app accessible to as many users as possible. From the technical considerations, PWA are easy to make as most of us are familiar with web development.

For the backend, I decided to fork from my previous project, SentinelGuard as it already contains user authentication and authorization. But I still had to make all the APIs for the QR code-related features.

The Result

We worked through the night and managed to complete the project in time. The judges asked a lot of questions and we were able to answer them quite clearly (despite the lack of sleep 😅) and they seem generally satisfied with our answers.

In the end, we were very happy when we were announced as the winner for the Financial Technologies category!

The Future

Unlike my previous project, I think this project has the potential to be a real product. I think it is a good idea to continue working on this project and see where it goes.

Some Reflections

This is my second hackathon and I think I have learned a lot from this experience. Here are some of my reflections:

  1. I cannot stress enough how important it is to have a good team. I am very lucky to have a good team that is able to work together and complement each other’s strengths and weaknesses. If I had not joined this team, I would not have been able to complete this project. Shoutout to my teammates: Chin Herng, Joe and Li Yuan.

  2. The first idea that comes to mind is not always the best idea. We spent a lot of time thinking about the idea and we were not able to come up with a good idea until the night before the hackathon. I think it is important to keep an open mind and not be afraid to change ideas. We also should be critical of our own ideas and not be afraid to reject ideas that are not good enough.

The code for this project is available on GitHub. The project is also on Devpost.

  1. PWA
  2. Backend Server
  3. Devpost