Barcode Reader & Real-Time Web Services


It’s difficult to manage re-entry at events that accept print-at-home or mobile tickets because they are so easily copied. Perhaps we can help?

We just released ‘photo-postback’ technology for our codeREADr app. It can be integrated with ticketing and access control systems or independently deployed. It doesn’t require access to or integration with an event’s ticket database.

How does it work?

When a patron temporarily leaves the venue, an attendant uses the codeREADr app to scan their ticket with an iOS or Android device and then takes their photo. The ticket ID and photo are linked and stored in your own Dropbox folder. When the ticket is scanned with codeREADr upon re-entry, it’s validated and the stored photo presented for visual verification.

For a short video and step-by-step instructions please look here. It’s available with our standard and SD PRO scan engines – see video here.

Would this added security be worth $10-$20?

We welcome your comments, including feature suggestions. Would you like to try it on your own phone or tablet? If so, please let us know at



How do you change student behavior and enforce disciplinary measures? You need to record offenses, keep track of student permissions and verify them in real time using smartphones and tablets.

Can you enforce consequences and influence future behavior? Can you effectively enforce the removal of standard or special privileges? Or record offences and fulfillment electronically?  Yes, you can. Let’s look at one of these in greater detail.

A common problem – students repeatedly late for class 

A school’s tardy problem can be difficult to overcome unless there’s a way to enforce the consequences for repeated offenses.

Let’s say you have a special-privilege program for students in good standing – like the option to go off campus during lunch period.  If the student is repeatedly late for class, you can remove that privilege.

But how do you know if the student has that privilege as they leave the campus? You could use the codeREADr app installed on smartphones or tablets to scan each student’s ID as they leave campus.

The app would automatically check a simple on-device or online database to confirm if the student has that specific privilege – and, importantly, that it wasn’t recently suspended for any reason. The app would instantly present the app user with a green ‘valid’ screen if the student has permission. If they didn’t – or if the ID was faked – the app would instantly present a red ‘invalid’ screen. Read the rest of this entry »


SimpleTix is a professional e-ticketing service provider and valued client. They recently published an excellent video showing how to use their platform with codeREADr to validate tickets when Internet connectivity is unstable.

What’s special is that SimpleTix makes ticket databases readily available to their customers. In the video they give simple and clear instructions on how to modify that database for uploading to codeREADr’s servers. When uploaded, the database is then available for downloading to codeREADr’s iOS and Android apps for on-site validation without Internet connectivity – we call it ‘on-device’ (offline) validation.

In this way SimpleTix customers can choose online validation – a standard SimpleTix offering – and now offline validation (or both).

After 5 years of supporting access control for over 100,000+events, we learned that clients should not assume there will be stable Internet access at the event’s actual point of entry. We advise to verify connectivity before the event and, if it only has 3G/4G network connectivity, consider what could happen when a large crowd of smartphone-toting attendees arrive.

If an app user is using an online service and connectivity becomes unstable, the app will save the scans on the device, but without validating them. But the app user is at least recording scanned tickets and checking for duplicates scanned by that device. When connectivity is restored, the scans are uploaded to our server (and to the SimpleTix server) for review.

What many of our clients do is offer both an online and on-device service to their customers if their customer has no way of verifying connectivity before the event. In that way the client has a choice of starting with online or offline scanning. While scanning to an online database is the ideal choice, on-device validation is a close second because it not only catches invalid tickets but also checks for duplicates scanned by that device and can be periodically synced with the server.

Kudos to SimpleTix for a job well done.



Tourism and QR Codes

Limburg Pass


Barcode News published an article titled ‘Tourist Organization Uses QR Codes To Track Coupon Redemption in Real-Time‘ last week.  They deployed both Dual Function QR Codes and One ID, Any Merchant technology in their ground-breaking program.

Kudos to the innovate Philippe Marcisz of Toerisme Limburg, a regional tourist organization in the eastern part of Belgium, and his printer partner, BooQi Media Solutions for a job well done!





Formal, Accurate Records?

Did you ever wonder if a worker was actually present at a specific location when issuing a report? For example, did they really check the status of a certain door, fire extinguisher or thermostat? Was your high-value asset really checked?

You can track an employee’s and subcontractor’s location using the GPS feature native to many smartphones and tablets. In fact, GPS is particularity useful for both on-location and continuous location tracking.

However GPS can draw significant power and might be thought of as intrusive, unless only turned on periodically.

Tap to Verify

One GPS alternative is to use tamper-proof NFC tags at each location or on each asset, each embedded with a unique tag identifier (TID). While TID-embedded barcodes are sufficient for most applications, they are visual and therefore able to be copied. NFC tags, on the other hand, offer a much higher degree of presence certainty because the TID is factory-embedded into the tag  and is not modifiable.

The codeREADr app reads the tag’s TID and validates it against a database residing on our server or yours. The formal scan record includes the TID, date, time, capture method (i.e. NFC read, barcode scan, text entry or TID lookup) and any other data collected at that point of service. Read the rest of this entry »

The security team at codeREADr immediately assesed April 7th’s disclosure of CVE-2014-0160, also known as Heartbleed. As you may know, this is a critical vulnerability in OpenSSL which can compromise the secret keys used for SSL encryption.

Although we use OpenSSL and were potentially vulnerable, we have not discovered or been informed of any intrusions or unauthorized use of our systems.

After an immediate patch to our OpenSSL libraries on April 8th at 5:00 am EST (GMT -4:00), we then implemented the remaining precautions to ensure security. As of April 11th at 9:00 am EST (GMT -4:00) all of the necessary steps have been completed to remove this vulnerability. Read the rest of this entry »

Dual-Function QR Code Demo (see below for instructions).

Dual-Function QR Code Demo (click to enlarge, see below for instructions).

QR codes printed on coupons, vouchers, tickets, IDs, product labels and equipment tags normally have a single function – typically engagement or validation. If for engagement, a consumer would scan the code. If for validating a transaction or tracking assets, a merchant, venue or field service person would scan it.

What’s a ‘dual-function’ QR code?

It’s a single QR code enabling standard, consumer barcode scanning apps to open Web pages triggered by a scan, while also allowing merchants, venues and businesses to scan the same code with an enterprise app to validate and track its use.

Embedded in the code is a unique, variable transaction ID appended to a URL. When scanned by a consumer, the URL points to a Web page, ideally one optimized for viewing on a mobile device. However, when the same code is scanned by the enterprise app, the code’s ID is captured, validated and stored as a formal scan record.

URL Engagement

For consumer engagement these URLs would point to Websites or Web pages, optionally with links to download an app or Passbook Pass, initiate a purchase or subscribe to messaging campaigns. For field service applications, depending on the URL’s structure, a scan would present contact info and generic information about the asset or its owner, or optionally it could present an item-level service manual, warranty status and other asset-specific information.

ID Validation

For tracking and validation, the codeREADr app captures just the ID from the URL and checks it against a database of valid IDs stored locally on the handset or on a server.

To do this, the codeREADr team built a special feature called ‘Alter Scan’. The feature uses custom, predefined scripts to parse the captured ID from the URL based on its format. With each scan, the ID is validated and additional data is collected, optionally including time, date, location, voice and textual entry and photo capture.

Need a script? Please don’t hesitate to contact codeREADr support.

Field Deployments and Demo Read the rest of this entry »


Get every new post delivered to your Inbox.

Join 37 other followers