Secure Single Use QR Codes

Top  Previous  Next

Secure single use QR codes provide an extension of the QR codes used for contactless operation. The QR code is signed using a password to make it secure and difficult to forge and can only be used once on an iPad. This means that it can be used for theme parks and attractions or for photo booths where users can be issued with a QR code "coupon" to use the photo booth. It can also be used to run a paid photo booth where the user makes a payment using an online payment service such as PayPal and is sent an email or a text linking to a single use QR code that can be scanned by the photo booth.


The QR Code Text


The QR code is in the form of a URL which has two parameters: a JSON string containing the commands and a SHA1 signature.


The JSON string can contain up to 10 strings (s1 to s10) and up to 10 commands which correspond to touchscreen actions (c1 to c10). It can also contain an email command (autoemail or email) and an expiry date and time. Please see QR codes used for contactless operation for information about the strings, commands and email options.

The expiry date/time is in the form of the number of seconds since the Unix epoch (00:00:00 UTC on 1 January 1970) stored in the JSON "expiry" value.

For additional security an optional id field can be added to the JSON string to specify the Vendor Id of the iPad. The app will only process the QR code if the id in the JSON string matches the Vendor Id of the iPad.


The signature is the SHA1 hash of the JSON string plus the password.



To create a QR code that starts a photo session with the touchscreen command "switchToStillsAndStart"and automatically emails the output to and is valid until 12:57 on Tuesday, May 19th, 2020 the JSON string would be:



The default password for the app is: <auth_password>

The string to sign is the JSON string + the password: {"c1":"switchToStillsAndStart","expiry":1589885824,"autoemail":""}<auth_password>

The SHA1 hash of the string to sign is:4717b76e279cd2dd8435e0c46d95ccd4c9392da8


The text for the QR code needs to be in the form of a URL with a base URL which can be anything you like e.g.

The signature is then added as the 'auth' parameter e.g.

Then URL encode the JSON string and add it to the URL as the "j" parameter e.g.


Additional parameters can also be added to the base URL if required. One use for this would be to provide a link to the photos on an online gallery e.g.


Enabling Secure Single Use QR Codes


Secure single use QR codes need to be enabled by setting two values in the settings.xml file on the iPad:




The <qrCodeAuthRequired> tag needs to be set to true. This will disable normal QR codes in the app and only allow secure QR codes that have the correct signature. The encrypted signature is stored in the <qrCodeAuthPassword>

tag and defaults to <auth_password>. An encrypted password can be created by setting one of the other passwords in the iPad's App Settings, e.g. the upload URL password, and copying its value.


In addition QR commands and strings should be enabled in the iPad's App Settings screen and in the settings for each event.


Providing Feedback When Scanning QR Codes


If a QR code is scanned and accepted the app will execute the commands (e.g. starting the countdown) without displaying any additional information. If there is an error a simple error message screen will be displayed for a few seconds. This can be customized by providing an optional JPEG background image, overlay image and GIF or movie animation. The GIF and movie animations can be sized and positioned on screen in the same way as animations on the other photo booth screens.

The error message will be displayed in English unless a PNG overlay image is provided


The following error screens filenames can be used:


qr_missing_parameters - the QR code is missing the auth or j parameters

qr_not_authorized - the auth parameter does not match the SHA1 hash of the JSON string plus password or the optional id in the JSON string does not match the iPad's Vendor Id

qr_invalid - the JSON string cannot be decoded

qr_used - the QR code has already been used on this iPad

qr_expired - the QR code has expired


For example to display a screen with a background, text showing the error "QR code has expired" and a GIF animation centered on the screen when a QR code has expired the files would be:




Or to display a screen with a background but without the "QR code has expired" text add a JPEG background screen and a PNG overlay screen:




Reusing Single Use QR codes


The used QR codes are stored in a file called qr_auth.xml in the Breeze Booth folder on the iPad. You can delete this file using the iPad's Files app by going to "On My iPad" and then selecting "Breeze Booth".


Example PHP Script


The PHP code below will generate the QR code text to start a photo booth session using the touchscreen command "switchToStillsAndStart" and automatically email the photos to The QR code will be valid for 5 minutes (300 seconds) from when it was generated:


// add touchscreen command to switch to stills mode and start the countdown

$json['c1'] = "switchToStillsAndStart";


// add a command to automatically email the photos to

$json['autoemail'] = "";


// set the expiry time to 300 seconds from now

$expires = time() + 300;

$json['expiry'] = $expires;


// generate the JSON string and SHA1 signature

$jsonStr = json_encode($json);

$authStr = $jsonStr . "<auth_password>";

$auth = sha1($authStr);


// construct the URL for the QR code text

$url = "$auth&j=" . urlencode($jsonStr);


Generating Single Use QR Codes using a Script


A single use QR code can created by calling the Event Editor from a script and passing the following command line arguments:


-qr_path <pathname>

Where to save the PNG image of the QR code

-qr_base_url <URL>

Optional base URL (defaults to

-qr_password <password>

Optional password used to authenticate the QR code (defaults to <auth_password>)

-qr_auto_email <email_address>

Optional email address used to email the photos

-qr_auto_text <phone_number>

Optional phone number used to text the photos

-qr_cmd <touchscreen_command>

Touchscreen command to execute

-qr_expiry <t>

Optional expiry time for the QR code in seconds since the Unix epoch (defaults to 24 hours if omitted).
Tip: To generate a sequence of similar single use QR codes increment the expiry time by one second for each

-qr_vendor_id <id>

Optional vendor id used to secure the QR code

-qr_logo_path <pathname>

Pathname of optional logo PNG image to add to the QR code


Example: Generate a single user QR code that switches to stills photo mode and starts the countdown. Protect the QR code using the password test_user_password. The QR code will expire 24 hours after it was generated.


BreezeBoothEventEditor.exe -qr_cmd "switchToStillsAndStart" -qr_password "test_user_password" -qr_path "D:\qr_code.png"


Please note that the command line can also be used to generate admin QR codes. It will generate a single use QR code if the -qr_cmd argument is provided otherwise it will generate an admin QR code.