Why Standard Scanners Fail on Hybrids
Standard scanning applications are designed to detect and decode individual code types independently. When presented with a hybrid image containing both a QR code and linear barcode, these applications typically process only one component, resulting in incomplete or meaningless data. This behavior is not a limitation but a deliberate security feature of hybrid authentication.
The hybrid image structure places the QR code above the linear barcode with a deliberate gap, creating a single visual entity that appears unified to the human eye but contains two distinct data regions. Most scanning apps prioritize QR codes due to their higher data capacity and will ignore the linear barcode entirely, or vice versa depending on their detection algorithm.
Even when both codes are detected, standard applications lack the logic to combine their contents or recognize that they form a single encrypted payload. The data in each part is ciphertext from AES-128 encryption, appearing as random characters without proper decryption.
This multi-layer protection means that casual scanning with phone cameras or generic apps yields no useful information. The partial data obtained appears as gibberish, providing no clue about the original text or the need for specialized processing.
The encryption process uses dynamic keys unique to each generation, making pattern recognition attacks ineffective. Even if an attacker captures multiple hybrid images, the changing encryption parameters prevent meaningful analysis of the ciphertext patterns.
Complexity levels affect scanning resilience but not the fundamental failure mode of standard applications. Higher complexity increases error correction, allowing the official scanner to succeed under poor conditions while standard apps still fail to understand the combined nature of the data.
This design philosophy ensures that possession of the physical or digital image alone is insufficient for authentication. Only devices with the official AxelBase scanner can properly interpret both components, reconstruct the dynamic key, and decrypt the original text.
The failure of standard scanners is the primary security benefit of hybrid images, creating a clear distinction between authorized and unauthorized reading attempts.
Security through deliberate incompatibility with common tools.