0

From my understanding, a QR code is just a static link which gets opened up when I scan the code with my phone's camera.

Once opened, a customer can keep the browser tab even after he leaves the restaurant. If that's the case, my question is: How can I prevent a naughty customer from refreshing the page and placing an order when he's not physically at the restaurant?

One possible solution is to force the customer to pay online immediately every time he submits an order. However, this solution doesn't work in countries where cash payment is still popular.

Another solution is to make the QR code work inside the restaurant WiFi network only. This solution makes it harder for customers to place an order, which is not a good thing, especially if we have to serve an older audience.

I tried to google this topic but all I found are links to QR ordering software. I wonder how people are solving this problem in those products. If you happen to know, I'd be very grateful if you could share it with me.

Update:
Someone mentioned a similar question in the comments. I find the answers/discussions there are not as engaging and fruitful as the ones I had here while the topic is the same. The author didn't even discuss any solutions he thought about in detail. Yet, the question is not closed and mine is? What are the criteria for this?

JamesBoyZ
  • 245

4 Answers

5

A QR code is just a machine-readable representation of some string (in your case, a URL). Strings can be copied and kept using whatever mechanisms, you can't seriously protect against that.

The correct solution would be to give each customer a customer-specific or time-limited QR code, for example by showing it not on a printed medium but on a changeable display (big screen in the restaurant, small e-paper displays on the table whose content is updated after a customer leaves.)

However, such a solution is potentially costly, and the risk of being defrauded should be weighed against the cost of implementing such a scheme, as @Philip-Kendall noted.

This is actually not a software engineering problem but a business process decision. Implementing the software solution once you have a good understanding of the business process that you want to perform is pretty straightforward.

4

If your QR code is printed out, I can walk from restaurant to restaurant, take photos of QR codes, print them out, and use them at any time.

You can prevent this by having a changing QR code on a screen. The QR code contains the time, and if you receive a QR code and its time is off, you reject it.

Simpler, but less effective, you could have a QR code on each table containing the table number so at least you can check if there’s anyone sitting at that table.

gnasher729
  • 49,096
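The time-stamped code described in the answer above, sketched as an added example (not part of the original answer or of any particular ordering product). The key, the 60-second window, the one-window grace period and the `order.example` URL are assumptions; the HMAC signature is added so a client cannot simply rewrite the time in the URL.

```python
import hashlib
import hmac
import time
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Assumptions for this sketch: key, window length and host are placeholders.
SECRET_KEY = b"constructed-demo-key"
WINDOW_SECONDS = 60        # the on-screen code changes once a minute
MAX_AGE_WINDOWS = 1        # accept the current and the previous code


def _sign(table_id: str, window: int) -> str:
    msg = f"{table_id}|{window}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def make_qr_url(table_id: str, now: Optional[float] = None) -> str:
    """URL the display encodes as a QR code for the current time window."""
    window = int((time.time() if now is None else now) // WINDOW_SECONDS)
    return (f"https://order.example/checkin?t={table_id}"
            f"&w={window}&sig={_sign(table_id, window)}")


def verify_qr_url(url: str, now: Optional[float] = None) -> bool:
    """True only for an untampered code whose time is recent enough."""
    query = parse_qs(urlsplit(url).query)
    try:
        table_id = query["t"][0]
        window = int(query["w"][0])
        sig = query["sig"][0]
    except (KeyError, ValueError):
        return False
    current = int((time.time() if now is None else now) // WINDOW_SECONDS)
    if not 0 <= current - window <= MAX_AGE_WINDOWS:
        return False       # the time in the code is off: stale photo or replay
    return hmac.compare_digest(_sign(table_id, window).encode(), sig.encode())
```
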
2

Thank you all for providing very insightful inputs. What I learned from the comments and other answers is that I need an ever-changing QR code. I cannot print a static QR code, stick it on the table forever and expect it to be safe.

Taking this into account, I think the best solution is to change the workflow of my QR code ordering system a little bit. Instead of having waiters bring a menu to the customers when they enter the coffee shop, the waiter should open the table the customer chooses and print a new QR code on a piece of paper for the customer to scan to start ordering. When the customer gets the bill and pays, the waiter can then close the table and invalidate the printed QR code.

This way, no one can reuse the QR code nor reuse the session they created when they first scanned the QR code. In addition, once generated, the same QR code can be used by all customers at the same table. Their sessions can also live for the whole duration when the customers are still inside the coffee shop. They will not have to rescan the short-lived QR code on a TV screen every 5 minutes to order new stuff or see the menu. We can save the TV screen for advertisement, etc. which makes more sense economically.

Please let me know if you find any problems with this approach.

JamesBoyZ
  • 245
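The open-table / close-table workflow from the answer above, as an added example that is not the poster's code. The class name, the `order.example` URL and the choice to store only a SHA-256 digest of each token (so a leaked session table does not reveal live codes) are assumptions of this sketch.

```python
import hashlib
import secrets
from typing import Dict, List, Optional


class TableSessions:
    """Server-side state: which tables are open and which token unlocks each."""

    def __init__(self) -> None:
        self._table_by_digest: Dict[str, str] = {}   # sha256(token) -> table id
        self._orders: Dict[str, List[str]] = {}      # table id -> items ordered

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def open_table(self, table_id: str) -> str:
        """Waiter opens the table; returns the URL to print as a QR code."""
        self.close_table(table_id)                 # drop any stale code first
        token = secrets.token_urlsafe(16)          # 128 random bits, unguessable
        self._table_by_digest[self._digest(token)] = table_id
        self._orders[table_id] = []
        return f"https://order.example/order?s={token}"

    def close_table(self, table_id: str) -> List[str]:
        """Bill paid: invalidate the printed code and return what was ordered."""
        for digest, table in list(self._table_by_digest.items()):
            if table == table_id:
                del self._table_by_digest[digest]
        return self._orders.pop(table_id, [])

    def place_order(self, token: str, item: str) -> Optional[str]:
        """Accept an order only while the token's table is still open."""
        table_id = self._table_by_digest.get(self._digest(token))
        if table_id is None:
            return None                            # closed, stale or made-up token
        self._orders[table_id].append(item)
        return table_id
```

Everyone at the table shares the one token, and a browser tab kept open after the bill is paid holds a token that no longer maps to any table.
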
1

You could be tempted to use geolocation but the accuracy would not prevent someone outside the restaurant from making a fake order. Moreover some regions of the globe are tough on personal data protection, which makes this solution a suboptimal fit.

The local Wi-Fi is another option. But this seems a bad idea: it might discourage some customers, since it is an additional cumbersome step to do and might moreover be perceived as diverting a part of user traffic to a network bearing the risk of being potentially insecure.

The simplest solution seems to be to have a new one-time QR code brought to the table when the customer arrives, and the waiter would disable this code when the customer leaves the restaurant.

Another way could be to display a temporary QR code on a screen in the restaurant for the check-in, use it to feed a session token? and subsequently use the table QR code (or just a table id) until the session expires.

There are a lot of other solutions as well.

Christophe
  • 81,699