Meet TapIn: Fraud Prevention Through Physical Presence

Digital Futures researchers are tackling fraud and protecting privacy in an unexpected way: in-person check-ins.

The world of AI, while offering many benefits, comes with many downsides, notably the unprecedented opportunities for fraud. Bots and automated scripts can convincingly mimic human behavior by filling out forms and even solving CAPTCHAs. This behavior blurs the line between legitimate and illegitimate users, and is on its way to creating a crisis of “personhood.”

In light of this crisis, how do you, as a business, government entity, or citizen, determine who is real and who isn’t? Without reliable ways to prove that a digital interaction originates from a real, present human being, the economy in the age of AI risks becoming an environment where fraud outpaces genuine engagement; human activity now accounts for less than half of all online traffic[1].

Current attempts to verify personhood—Single Sign-On, or SSO, systems being particularly notable—have a particular downside: they do not natively verify physical presence. This can often be an advantage, such as remote employees being able to access important resources. However, a student can appear to have attended class without ever being on campus, sports fans can forward a link to friends who aren’t at the stadium to redeem ‘in-person’ promotions, and malicious users can mimic being an employee to access those resources illicitly. Often, verifying physical presence is a necessary part of a digital interaction.

Combining SSO with a physical link, such as a QR code, still leaves the issue of physical presence unresolved; QR codes are not one-time use and can be cloned and recreated. Also, scammers can, and often do, replace legitimate QR codes with malicious ones, redirecting traffic to their preferred location.

This kind of problem is exactly what Digital Futures was designed to solve: problems that cross disciplines, touch everyday life, and demand new kinds of solutions. The Cryptoeconomics (CE) Lab, directed by Katz-Uible professor Michael Jones, is housed inside Digital Futures, where proximity to industry partners shifts research from theoretical security models to deployable systems. Dr. Jones founded TapIn, a third-party platform dedicated to solving the problem of physical presence.

The TapIn team in the CE Lab, which includes Dr. Jones and graduate student Jack Luu, patented a secure, portable device called a TapPoint that verifies physical presence without using an app, and without being powered by electricity.

Unlike QR codes or static links, a TapPoint uses a secure NFC chip to generate a one-time, encrypted URL every time a smartphone taps it, ensuring that a real human did it. The result is a new standard for trustworthy interactions, allowing all parties to know that a real human is on the other side.

While TapPoints do not identify who it is that just tapped in, only verifying personhood, it can be linked to an SSO login. TapIn thus binds the physical presence to a verified identity. Now, we can know not only that the person is real, but who they are.

“TapIn made registration and CME tracking at our Nephrology Symposium seamless and fraud-proof,” said Sunshine Barhorst, Acute Care Nurse Practitioner in the UC Department of Internal Medicine: Nephrology. “It gave us instant, reliable proof of who was physically present—something paper sign-ins and QR codes can’t guarantee.”

Universities represent an ideal use case. Universities function as mini cities, including the essential infrastructure in broader society; thousands of daily interactions create an economy where students live, learn, work, shop, dine, and socialize, all on the same campus. Professors could know for certain who showed up to class and who didn’t, dining halls could be certain that each person is in there legitimately, and students could be certain they were in a secure dorm.

As Barhorst noted, what once felt tedious and error-prone can now be seamless and trustworthy. That same principle could reshape how we attend conferences, earn credentials, or even vote. With TapIn, Digital Futures researchers are rewriting the rules of engagement in the digital economy.

[1] Imperva (2025). 2025 Bad Bot Report. https://www.imperva.com/resources/resource-library/reports/2025-bad-bot-report/