News
How a Digital Scavenger Hunt Works: QR, GPS & Anti-Cheating Explained
What you’ll learn in this article
- How a digital scavenger hunt actually works under the hood
- The technical differences between QR code, GPS, and other check-in styles
- The flow from both the participant’s and the organizer’s point of view
- How anti-cheating safeguards keep results fair
How a digital scavenger hunt works: the big picture
A digital scavenger hunt may feel like magic when you play it, but the mechanics are simple. At its core, it comes down to three building blocks.
- Identifying the checkpoint — deciding where each stamp can be Collected
- Recording the Collect — saving who Collected which stamp to the server
- Checking the goal and granting the reward — treating the hunt as complete once the conditions are met
These three steps are linked together in real time through the participant’s smartphone and a cloud server. Because the logic lives in the cloud, your hunt runs automatically — there’s no need for staff to stand at every location and check participants in by hand. And because everything happens in the browser, there’s no app to install.
How checkpoints are identified: the main methods
There are several ways for the system to confirm that “you Collected a stamp right here.” Petanco supports a full range of check-in styles — QR code, GPS, NFC, multiple-choice quiz, keyword entry (mystery), sliding puzzle, photo submission, and AR — but the three location-based methods below are the foundation of most hunts.
Method 1: QR code check-in
This is the most popular method. You place a unique QR code at each checkpoint, and participants scan it with their smartphone camera.
How it works technically
Each QR code contains a different URL — one per checkpoint.
Example:
Spot A: https://example.com/stamp?spot=A&token=xxxxxxxx
Spot B: https://example.com/stamp?spot=B&token=yyyyyyyy
When a participant scans the QR code, their browser opens that URL. On the server side, the system records who (participant ID), which spot (spot ID), and when (timestamp) the access happened.
Pros
- No app install — participants join in the browser
- Setup is as easy as printing the QR code and sticking it up
- Works on any smartphone, regardless of model
Cons
- If someone shares a photo of the QR code, people who never visited could Collect the stamp (we cover the fix for this below)
Method 2: GPS check-in
This method uses the GPS in the participant’s smartphone to Collect a stamp automatically when they get close to a specific location.
How it works technically
Each checkpoint is assigned latitude and longitude coordinates. When the participant’s smartphone moves within a set distance of those coordinates (for example, a 50-meter radius), the stamp is granted automatically.
Example:
Spot A: 31.596° N, 130.557° E, within a 50 m radius
Spot B: 31.600° N, 130.560° E, within a 100 m radius
Pros
- No QR codes to print, place, or maintain
- Confirms the participant was physically at the location
- Ideal for walking tours and sightseeing hunts across a wide area
Cons
- GPS accuracy drops indoors or underground
- Participants have to grant location permission
- Not well suited to indoor events
Method 3: QR code + GPS combined
This hybrid method pairs the convenience of QR codes with the location verification of GPS. When a participant scans a QR code, the system also checks their current location via GPS at the same moment.
Pros
- Blocks cheating by sharing a photo of the QR code
- Flexible placement (works indoors or outdoors)
Cons
- Participants must grant GPS permission
- Low GPS accuracy can occasionally cause false rejections
The flow from the participant’s point of view
Here’s how a participant actually moves through a hunt and Collects stamps, step by step.
Step 1: Joining the hunt
It varies by service, but in most cases participants join simply by opening a URL. A growing number of tools require no email address and no account sign-up at all.
The participant’s device (their smartphone) is issued a session ID or participant ID that identifies them individually. This is saved in a cookie or in local storage, so on later visits they’re recognized as the same participant.
Step 2: Scanning the QR code
The participant scans a checkpoint’s QR code with their smartphone camera. Just opening the camera app and pointing it at the code automatically detects the URL and opens the browser — again, no app required.
Step 3: Recording the Collect
Once the browser reaches the URL, the server records the following information.
| Recorded data | What it is |
|---|---|
| Participant ID | A unique ID that identifies this participant |
| Spot ID | An ID showing which checkpoint was reached |
| Timestamp | The exact time of the scan |
| IP address | Used for fraud detection (in some setups) |
This record is the data for a single Collected stamp.
Step 4: The stamp appears on screen
The server responds with “stamp recorded,” and the stamp appears on the participant’s screen. The artwork and animation of the stamp depend on the service.
Step 5: Reaching the goal
When the participant meets the set conditions (for example, Collecting stamps at all five spots), the goal screen appears. Showing a coupon code, automatically entering a prize draw, or granting a digital reward can all happen automatically.
The flow from the organizer’s point of view
Here’s how you, as the organizer, set up and manage a hunt.
Building the event
You enter your event details in the admin dashboard.
- Event name and description
- Event period (start date and end date)
- Checkpoint (spot) names, descriptions, and photos
- Goal conditions (Collect all spots / any N of them, and so on)
- Reward settings (coupon codes, prize draws, and more)
Generating QR codes
When you register a spot, a unique QR code is generated automatically for it. You download each QR code as a PDF or image and print it.
Managing in real time
While the event is live, you can monitor participation in real time from the admin dashboard.
- Total participants
- Scans per spot
- Number of participants who reached the goal
- Participation by time of day
How anti-cheating safeguards work
“Couldn’t someone just take a photo of the QR code, send it to a friend, and let them Collect the stamp without ever showing up?” It’s a fair question — and a common one. A well-built digital scavenger hunt has several safeguards in place.
One-time / time-limited QR codes
You can set an expiry on the QR code’s URL so that the code rotates at regular intervals. A photo of an old QR code simply stops working.
Scan limits on the same QR code
Even if the same participant scans the same QR code several times in a row, only one Collect is recorded. This prevents duplicate stamps.
On-site verification with GPS
By checking GPS location at the same moment as the QR scan, you can configure the hunt to withhold the stamp if the participant isn’t actually near the checkpoint.
Logging IP address and device info
So that suspicious activity can be investigated, some services log the IP address and device information at the time of access.
Where is the data stored?
The participation data from a digital scavenger hunt is stored on a cloud server. Every time a participant Collects a stamp, the data is sent to and saved on the server in real time.
Stored on the participant’s side
- A cookie or local-storage entry holding the participant ID
- The minimum data needed to display the stamp card
Stored on the server side
- The scan history of all participants
- The list of participants who reached the goal
- Aggregate statistics for the whole event
What about offline behavior?
A digital scavenger hunt needs an internet connection. Be cautious about running one in mountainous areas or places with weak mobile signal.
That said, some services use an offline cache: in a spot with poor signal, the participant can still scan a QR code, and the data is queued and sent in a batch once the connection recovers.
Frequently asked questions
Q. How long is the stamp data kept?
It depends on the service, but data is typically retained for a period after the event ends. With Petanco, you can review and export your data even after the event has finished, for as long as your plan’s usage period lasts.
Q. Is participants’ personal information collected?
With a no-sign-up service, no personally identifying information is collected. The participant ID is a randomly generated identifier — names, email addresses, and the like are not required.
Q. Can the same stamp be Collected from multiple smartphones?
Because the participant ID is unique to each device, accessing from a different device is treated as a different participant. If one person joins from several devices, their stamp data does not carry over between them.
If a login feature is available, the same person can be recognized across multiple devices.
Q. What if a QR code won’t scan?
If a QR code is dirty or hard to read because of glare, it’s a good idea to print the direct URL on your information page as a backup way to join.
Summary
Here’s the mechanics of a digital scavenger hunt in a nutshell.
- Checkpoints are identified in three main ways: QR code, GPS, or a combination of both
- When a participant scans a QR code, the server records the participant ID, spot ID, and time
- Organizers can monitor participation in real time from the admin dashboard
- Cheating is handled with one-time QR codes, GPS verification, scan limits, and more
Once you understand the mechanics, it’s far easier to choose the right settings and the right anti-cheating measures for your own event. And because the whole thing runs in the browser, there’s nothing for your participants to download.
The best way to understand how it works is to build one yourself. Start free with Petanco and see it in action.
→ Create your first digital scavenger hunt with Petanco
Last updated: April 2026
Author: The Petanco team