User login to the C9Clockin app and select clock-in or clock-out. Then scan the QR code on the QR code device to retrieve the timestamp, device code, and verfication signature embedded. The app sends this information together with user's ID, timestamp, and location back to the C9Clock-in server for verification.
The verification process first compares the timestamps from QR code device and user's phone. It fails if the difference of those timestamps are more than 45 seconds. This is to prevent user from using an expired QR code, e.g. a captured QR code image.
Next, the verification process compares the location where user clocked in/out. It uses the location and boundary denoted by the device code, and it calculates whether a user is within or too far from that location.
Once the verification process is completed, the information such as date, time, location, etc. will be stored in the database. The app will also receive a confirmation message and display the result to the user.