How does AffixIO stop ticket scalpers?

AffixIO's technology bakes a one-time cryptographic proof directly into each QR code at the moment it is issued. When the code is scanned at the gate, the scanner records its unique fingerprint as consumed. Any attempt to scan the same code a second time, even at a different gate or on a different device, is rejected. A screenshot is as useless as a photocopy.

Can AffixIO tickets be faked or copied?

No. Each AffixIO ticket contains a cryptographic signature that is mathematically bound to the specific event, date, and permitted entry points. Creating a fake ticket that passes verification is computationally equivalent to breaking the underlying cryptography, not just guessing a number.

Do AffixIO QR tickets work without internet at the venue?

Yes. AffixIO uses stateless verification at the edge, meaning the scanner checks the cryptographic proof on the device itself without needing to contact a server. This means scanning continues normally even if the venue has no signal, the network is congested, or the ticketing platform goes down.

What information is stored inside an AffixIO QR ticket?

An AffixIO QR ticket contains the event it is valid for, the time window it is active, which entry points it permits access to, how many times it can be scanned, and a cryptographic signature. It does not contain your name, email address, or payment details. Your personal information is never in the code.

What kinds of events and venues could use AffixIO ticketing technology?

AffixIO's ticket technology could be applied to any event or venue that currently uses QR codes, including stadium concerts, sports fixtures, theatre and arts venues, festivals, conferences, and public transport passes. The technology works on any device with a camera and requires no specialist hardware.

How is this different from existing anti-scalping solutions?

Most existing anti-scalping solutions rely on a central server to check whether a ticket has been used. If that server is slow, down, or unreachable, scanning fails. AffixIO's approach embeds the proof in the QR code itself, removing the central point of failure entirely. There is no server to overload, no database to hack, and no connectivity required at the gate.

Anti-Scalping Ticket Technology | AffixIO Secure QR Tickets

The problem right now

Ticket scalping costs fans billions every year

Everyone has felt it. The show goes on sale. Within minutes, touts have thousands of tickets. By the time genuine fans get to the checkout, it is already a resale market. AffixIO's broader verification story, including AI governance and audit infrastructure, is set out in the war room.

It happens because traditional ticketing is built on a fragile foundation. When you get a QR code, that code is just a number, a key that points to a record somewhere in a database. The ticket is not actually in the code. The code just says "look me up."

That means a screenshot works just as well as the original. It means the same code can theoretically be sent to multiple people. It means the scanner at the gate has to call a server every single time, and if that server is slow, or down, 50,000 people queue in the rain.

And it means scalpers can buy tickets in bulk, resell them at any markup, and pass on a perfectly valid QR code to someone who paid three times the face value, or a convincing fake to someone who paid even more and gets turned away at the door.

Current anti-scalping efforts like name-matched tickets, photo ID checks, and transfer locks all add friction for genuine fans and are routinely worked around. The problem is the architecture, not the policy.

£1bn+

estimated value of the UK secondary ticketing market annually, much of it driven by automated scalper bots buying on sale day

4 mins

average time for top-tier concert tickets to sell out in primary market. With scalper bots, genuine fans rarely get a chance

5–10x

typical secondary market markup on face value for major events, with fake tickets also in circulation at comparable prices

1 in 5

event-goers who have experienced issues with ticket validity, according to industry surveys, including those turned away, duplicated, or invalidated on the day

The AffixIO approach

What if the QR code was the proof, not just a key?

AffixIO has developed technology that changes the fundamental architecture of ticketing. The proof does not live in a database. It lives in the code.

Traditional QR ticketing

The QR code is a reference to a database record
Scanner must contact a server to verify
Server down means no one gets in
A screenshot is a working copy of the ticket
Same code can be sent to multiple buyers
Scalpers can buy, screenshot, and sell on
Fake tickets can look identical to real ones
Network congestion at peak entry time causes failures
Your personal data may be embedded in the code

AffixIO stateless ticketing

The QR code contains the cryptographic proof itself
Scanner verifies on-device with no server call needed
Works with zero internet connectivity at the venue
Once scanned, the proof is marked consumed. No second scan is possible
A copy of the code is worthless after first use
Scalped codes fail verification on arrival
Fakes cannot pass cryptographic signature checks
No network means no bottleneck: scanning is instant
No personal data stored in the QR code at all

See it in action

A real AffixIO-signed QR code

This is an actual QR code generated by the AffixIO ticketing engine. Scan it yourself: it resolves to the AffixIO partnerships page. It illustrates exactly how a secure event ticket would look and behave.

Example AffixIO cryptographically-signed QR ticket code

This code looks like any other QR code. That is the point.

To the naked eye, an AffixIO ticket is indistinguishable from a standard QR code. But inside it, baked into the data at the moment it was generated, is a cryptographic proof. The code carries an event binding, an expiry window, entry point restrictions, and a digital signature that no scanner can fake and no forger can replicate.

When a gate scanner reads it, it does not ask a server "is this valid?" It reads the proof directly, checks the mathematics, and gives an answer instantly. There is nothing to intercept between the code and the answer. The verification happens right there, on the device, at the door.

Encoded inside this example: event binding expiry window valid-from time entry point HMAC signature

This QR code is provided as an illustration only and is not a real event ticket. It demonstrates the format and technology.

What is baked into each ticket

Every AffixIO ticket carries its own truth

Each QR code contains a small, precise set of facts, and a signature that proves those facts have not been tampered with.

Included

Event binding

The ticket is cryptographically tied to a specific event. It cannot be used for a different show, venue, or date. Not by accident, not by anyone.

Included

Expiry window

Every ticket has a time limit built in. A ticket that expires at midnight cannot be used the following day, even if it was never scanned.

Included

Valid-from time

A ticket can be set to become active only from a specific time, preventing early-gate fraud and ensuring tickets cannot be used before doors open.

Included

Entry point restriction

A general admission ticket for Gate A cannot be used at Gate C. VIP access can be scoped to specific entrances and no others.

Included

Maximum scan count

A ticket can be set to allow exactly one scan. Or two. Or ten. Once the limit is reached, the ticket is finished, regardless of who tries to use it.

Included

Cryptographic signature

Everything above is bound together with a digital signature. Altering any single byte makes the signature fail. No genuine-looking fake is mathematically possible.

Not included

Your name

AffixIO tickets do not contain the buyer's name. The gate does not need to know who you are to confirm your ticket is genuine.

Not included

Your email address

Your contact details are never embedded in the code. There is nothing to leak, nothing to harvest, and nothing to expose in a data breach.

Not included

Your payment details

No financial data, card numbers, or transaction references are in the QR code. The code proves attendance rights. Nothing more.

Gate day

What happens when you scan the gate

For the fan, it feels exactly the same as any other QR ticket. Behind the scenes, it is completely different.

Fan shows QR code

The attendee opens their ticket on their phone, or on a printed page. No app required. Any standard QR code works.

Scanner reads the proof

The gate scanner reads the code. In the same instant, it checks the cryptographic signature and all conditions including event, date, gate, and expiry, entirely on the device.

One-time mark applied

The moment the proof is accepted, the scanner records a unique fingerprint of that ticket as consumed. The same code will never pass again at any gate or on any scanner.

Green tick. You are in.

The whole process takes under a second. No internet needed, no server call, no queue caused by a slow backend. The fan walks in. The scalper's copy fails.

Where this could apply

Any event. Any venue. Any ticket.

AffixIO's ticketing technology is not specific to a single type of event. Anywhere a QR code is currently used to control access, this approach could replace it.

Stadium concerts and tours

The biggest target for scalpers. AffixIO could make bulk-buy bots worthless overnight. Every ticket issued is a one-use cryptographic proof that can only be scanned once, by one person, at one gate.

Sports fixtures and cup finals

Season tickets, cup allocations, and loyalty-gated tickets could all carry built-in entry controls. A ticket assigned to one stand cannot be used in another. A resold ticket fails on arrival.

Festivals and multi-day events

Day tickets, weekend passes, and wristband activations could all be issued as cryptographic proofs. Daily expiry is enforced automatically. Re-entry passes can be scoped to specific time windows.

Theatre, opera and arts venues

Seat-specific access, advance booking windows, and last-minute releases could all be handled without a central system at the door. The code knows which seat it is for.

Transport and travel passes

Train tickets, bus passes, and travel vouchers are exactly the kind of time-bounded, route-specific credentials this system is designed for. Works underground, in tunnels, and in any no-signal environment.

Conferences and trade shows

Session-specific access, VIP areas, speaker passes, and exhibitor credentials could all be issued and verified without queuing at a registration desk or risking a badge swap.

What this would mean for genuine fans

Scalpers cannot profit from your ticket

A ticket bought to resell is a ticket that fails at the gate. The person who bought it on a secondary site arrives with a code that has already been marked consumed. They cannot get in.

Fake tickets are mathematically impossible to produce

A forged QR code cannot pass the cryptographic signature check. There is no design trick, no template copy, no visual approximation that works. The maths either checks out or it does not.

Your personal data is not in the ticket

The QR code does not contain your name, email, or anything else about you. The gate learns one thing: this proof is valid. Nothing more.

The gate works even when the internet does not

No server means no dependency on connectivity. 80,000 people arriving at once cannot overload a verification system that runs entirely on the scanning device.

No specialist app needed

AffixIO tickets are standard QR codes. They display in any wallet, any email client, any PDF. Nothing to download. Nothing to log in to.

Face value stays in reach

When scalping stops working, the secondary market collapses. Tickets that cannot be resold for profit stop being bought to resell. Face value becomes the market price again.

Interested in piloting this technology?

AffixIO is open to partnerships with ticketing platforms, event promoters, venue operators, and transport providers who want to pilot this approach. If you run events and you are tired of watching scalpers profit from your customers, let's talk about what a structured pilot would look like for you.

We respond to every genuine enquiry within two business days. No hard sell, just a straight conversation about the technology and whether it fits your problem.

Try sandbox

WP-037 field report

Contact form · partnership@affix-io.com