Proof of purchase 30 April 2026 · 8 min read

Receipts, batch codes, unique codes: which proof-of-purchase mechanic actually works?

Till receipts are easily faked. Batch codes provide no real security and corrupt your consumer database with bot- and farm-driven entries. A unique code is the only mechanic that can be enforced as single-use, audited end-to-end, never sits in a database that could leak, and produces clean consumer data. Here’s the comparison in full.

Every promotion involving a reward, a prize, a refund or a loyalty point needs a way to verify a real purchase happened. The mechanic the brand picks decides three things: how secure the campaign is, how easily it can be audited, and how much fraud the brand will absorb. Get the choice wrong and a campaign can lose its commercial value before it even runs.

Yet the choice is most often made by default rather than design. Around 90% of European on-pack promotions still use batch codes — the weakest mechanic on the list — because unique codes have historically been seen as complex and expensive to print. That has changed. Here’s the four-mechanic landscape, side by side.

No verification

Free-entry sweepstakes and shelf-scanning mechanics with no proof-of-purchase requirement at all. Cheap and frictionless for the consumer. Hopeless against bots, account farms and incentive abuse. Fine for low-value, data-light campaigns where the brand cares about reach more than rigour. Inappropriate for anything with monetary value attached — and the consumer database it produces is mostly noise.

Till receipts

The original proof-of-purchase mechanic, designed for human inspection in a different era. Receipts are trivially faked: edited in image software, generated by free online tools, photographed from another consumer’s shopping. Auditing receipts at scale requires either expensive manual review or imperfect machine OCR; audit trails are partial at best. The consumer friction is real — people have to keep, photograph and upload them — and it depresses participation rates among the audiences brands want most. The friction filters some bots, but motivated fraudsters still produce fakes that pass automated checks.

Batch codes

The same code printed on every pack of an SKU. There is no way to enforce single use, because every pack carries the same code; once one consumer enters it, anyone can reuse it indefinitely. Limiting entries per account doesn’t fix the problem — bots and fraudsters simply create more accounts. As a security mechanism, batch codes provide essentially no protection. They are still the most common mechanic in European on-pack promotions, almost entirely for historical cost reasons.

The downstream cost lands on the data. Because anyone can spin up endless fake accounts and reuse the same code, the consumer records you accumulate are heavily contaminated — bots, duplicates, throwaway emails — which inflates campaign statistics, distorts ROI measurement, makes follow-up activity less effective, and creates GDPR overhead for records that shouldn’t exist in the first place.

Unique codes

Every pack carries its own unguessable, non-sequential code. Each code can only be used once, by one consumer, ever — enforcement happens at the system level rather than as a policy you have to police. Every entry is logged with a full audit trail. Each code can be cross-referenced against the consumer record, the SKU, the production date and the production line, and that cross-reference is itself a layer of fraud detection. Behavioural risk-scoring of consumers, combined with the audit trail, gives campaign-level statistics that are actually meaningful.

The data quality follows directly. A fake account can’t enter a code it doesn’t physically have, so the consumer database a unique-code campaign produces is essentially self-cleaning — every record corresponds to a real person who made a real purchase. That makes the data genuinely useful for follow-up activity, personalised mechanics, lifetime-value modelling and ROI measurement, and dramatically lowers the GDPR overhead of holding records you wouldn’t have wanted in the first place.

The architectural advantage few people talk about. If a unique-code platform stores its issued codes in a database, that database is itself a target. Hive IP’s platform is closed-loop and algorithmic — codes are never stored on the in-factory ACG and are never held in a list that could leak. Validation reverse-engineers each submitted code rather than looking it up. The systemic security risk that has compromised entire campaigns at competing providers doesn’t exist in this architecture.

The takeaway

For any promotion with monetary value attached — cash back, prizes, vouchers worth pursuing, refunds, anti-counterfeit verification — a unique code is the right primitive. Till receipts and batch codes have edge-case roles, but the default has shifted, and the brands that still use the older mechanics are usually doing so for historical reasons rather than current technical or commercial constraints. Read the full proof-of-purchase argument →

Next article →

Why in-factory unique-code printing can save 78% or more

Talk to us

Let’s see what unique codes could do for your next campaign.

Whether you’re running global promotions on hundreds of millions of packs, launching a single digital push, or scoping a brand-protection programme — we’ll build the right route in.

Send an enquiry See our model

Or get straight in touch: info@hiveip.co.uk