Kosmos Software logo Kosmos Software
Quill's Thoughts

POPSCAN measurement framework for UK teams

A practical UK guide to the POPSCAN measurement framework, showing how proof of purchase verification helps brand teams reduce abuse, protect budget and keep campaign data reliable.

POPSCAN Playbooks 8 Mar 2026 9 min read

Article content and related guidance

Full article

POPSCAN measurement framework for UK teams

Overview

Proof-of-purchase promotions still work brilliantly when the mechanics are sound. They can drive trial, reward loyal customers and give teams cleaner first-party signals. The snag is that weak controls turn a tidy incentive into a leaky system, with invalid claims distorting both payout costs and reporting.

These are founder field notes, not brochure copy. POPSCAN is the measurement framework we use to assess campaign integrity across multiple signals at once, because single-check systems are now a bit of a faff and rarely hold up under pressure. The trade-off is straightforward: tighter controls can add friction, but loose controls can make your numbers look better than reality while the budget quietly walks out the door.

What you are solving with proof of purchase verification

Last Tuesday, in a café in Brighton, I watched someone photograph what looked like the same supermarket receipt from three angles. The paper had that flat thermal sheen and the whole thing felt rehearsed. That’s when I was reminded, again, that many brands are still trying to run modern promotions on outdated assumptions.

The real job of proof of purchase verification is not merely stopping the odd cheeky claim. It is protecting three things at once: campaign budget, reporting quality and customer fairness. Invalid redemptions waste money directly. They also pollute your customer data, which then affects audience decisions in later campaigns. And when abusers are rewarded more often than genuine buyers, the promotion stops behaving like a loyalty tool and starts behaving like an exploit.

You can see the wider point in adjacent markets. On 7 March 2026, BitcoinWorld reported that Binance’s proof-of-reserves data showed an 8,004 BTC drop in user holdings. Full text was not available in the API-lite feed, so I am not stretching the claim beyond that headline. Still, the lesson is clear enough: when a system depends on trust, measurement has to be explainable. If a platform cannot explain its decisions, it does not deserve your budget.

In practice, we usually see two broad groups. Opportunists reuse a receipt from a mate, a shared flat or the floor by the till. Systematic abusers are more organised: edited receipts, device farms, submission scripts, location spoofing, the lot. The trade-off here is simple. Controls aimed only at opportunists keep the journey smooth, but they will not stop coordinated abuse once a campaign gains traction.

The POPSCAN method: a practical framework

POPSCAN gives teams a structured way to score each submission across seven dimensions: Participant, Outlet, Product, Submission, Context, Anomaly and Network. One signal on its own is rarely enough. Several independent signals lining up usually tell you whether you are looking at a clean claim, a likely abuse attempt or a grey area worth a human look.

Let’s make this concrete. Imagine a campaign for a new brand of sparkling water. A submission arrives. A basic system might accept the receipt because the product line can be read and the date falls within the campaign window. The POPSCAN framework, however, sees more. The Participant's email address was created two hours ago. The Outlet is a Morrisons in Manchester, but the Context shows the IP address is from a known data centre in London. The Submission receipt image has been stripped of all metadata, a common sign of digital tampering. Finally, the Network analysis links the IP address to 150 other entries in the last hour. Any single one of these flags might be explainable. Together, they paint a clear picture of systematic abuse, allowing you to block the entire cluster with confidence.

The trade-off is computational and operational complexity. Multi-signal scoring takes more design work than a simple receipt upload flow. In return, you get a measurement system that can explain why a claim was approved, rejected or held for review, which is rather more useful when finance, legal or the promo agency asks awkward questions.

Critical decision points when building your controls

Building usable controls means choosing where to sit on a few tensions rather than pretending they do not exist.

Friction versus completion rate. A longer form, mandatory registration and extra verification steps will deter some abuse. They will also deter some genuine customers. For a low-value cashback offer, a clean receipt upload with lightweight validation is often enough. For a high-value prize mechanic, extra identity checks are easier to justify. Between 14:00 and 16:30 on Thursday afternoon, I was testing a claims flow and managed to break completion tracking with an over-eager validation step; fixed it with a simpler branch and one less required field. Fancy that: fewer hoops improved both completion and auditability. The trade-off is obvious. Less friction increases volume; stronger controls increase confidence in that volume.

Automation versus human review. Most teams are sold the dream of full automation. I remain sceptical. Automation without measurable uplift is theatre, not strategy. The more durable model is hybrid triage: approve the clearly valid, reject the clearly invalid, and route the ambiguous middle for review. In one practical operating model, that might mean automatic decisions for the majority and manual inspection for a small minority where the score is borderline. The trade-off is cost versus precision. Human review slows throughput, but it often catches nuanced abuse patterns that rules alone miss.

Data scope versus privacy. Collecting more data feels safer until legal, UX and completion rates get involved. Our default is privacy-preserving architecture and data minimisation: gather only what is needed to validate the claim and fulfil the reward. For one beverage campaign in late 2025, removing a mandatory phone number field lifted the valid completion rate by 5% without a measurable drop in abuse detection because the rest of the signal stack was doing its job. The trade-off is worth stating plainly. More data can improve confidence, but unnecessary data also increases user hesitation, compliance burden and storage risk.

Common failure modes we see in the wild

Most broken promotion controls fail in familiar ways. The details differ by brand, but the patterns are boringly consistent.

There is a useful parallel in consumer content too. On 6 March 2026, USA Today published a review of Home Depot’s Lifeproof flooring. Different category, same operational truth: names that imply certainty can still require scrutiny. If your verification stack sounds reassuring but cannot show its working, that reassurance is cosmetic.

  • The single-signal trap. Teams rely on one control, often barcode or line-item matching, and assume the job is done. It is not. A valid code suggests the product exists on the receipt; it does not prove the claim is unique, rightful or untampered. The trade-off is speed versus resilience. Single-signal systems are quick to ship, but easy to game.
  • Ignoring metadata and image behaviour. Receipt images carry useful technical context, even when you handle them carefully and within privacy limits. Missing or inconsistent metadata, repeated crop patterns and suspiciously uniform image dimensions can all be useful indicators. Not every edited image is fraudulent, of course; some people simply screenshot badly. That is why metadata should inform the score, not become a lone verdict.
  • Treating each campaign as a fresh start. Fraud patterns persist. If a weakness appears in a summer promotion, expect it back at Christmas wearing a different hat. Shared blocklists, retailer risk notes and reusable rules matter. The trade-off is maintenance effort versus cumulative protection. Reusing intelligence takes discipline, but rebuilding from scratch each time is expensive and rather silly.
  • Vague terms and conditions. Ambiguity invites argument. Last year, one campaign used “one entry per household”, and a shared student address promptly tested the definition. Legally awkward, operationally annoying, and completely avoidable. Better wording would specify one entry per named individual at a unique postal address where that rule is appropriate. The trade-off is between brevity and precision. Shorter copy feels friendlier; clearer copy gives operations something solid to enforce.

An action checklist for your next promotion

If you want a framework that can be built, shipped and tested without turning the campaign into a bureaucratic mess, start here.

A sound measurement framework does not make abuse disappear, and anyone promising that is selling theatre. What it does do is give your team a cleaner operating model: better evidence, fairer rewards, fewer nasty surprises and reporting you can defend with a straight face. If your brand team wants to pressure-test an upcoming promotion, let's have a cup of tea and a chat. We can run a POPSCAN abuse-risk review, show where the weak signals are, and help you tighten the mechanics without turning the customer journey into hard work. Cheers.

  • Before launch Define what counts as a valid claim across all seven POPSCAN dimensions. Write terms and conditions that are legally sound and plain enough for normal humans to follow. Set a risk threshold before the campaign starts: what level of abuse is commercially tolerable in exchange for a smoother journey? Document which data fields are essential and which are simply nice to have. Remove the latter unless you can justify them.
  • While the campaign is live Check dashboards daily for spikes by retailer, postcode, IP range or submission time. Audit a small random sample of approved claims, not only the rejected ones. A 1% manual check is often enough to expose blind spots. Track Cost Per Valid Acquisition (CPVA), not just Cost Per Entry (CPE). The latter is a vanity metric if a third of your entries are invalid. Log rule changes with dates and reasons so the team can see what actually improved outcomes.
  • After the campaign Quantify prevented loss using rejected or reversed claims, review outcomes and verified payout reductions. Update shared risk rules, device indicators and retailer notes for the next campaign. Write a one-page debrief with measurable lessons, owners and next changes to test.
  • Define what counts as a valid claim across all seven POPSCAN dimensions.
  • Write terms and conditions that are legally sound and plain enough for normal humans to follow.
  • Set a risk threshold before the campaign starts: what level of abuse is commercially tolerable in exchange for a smoother journey?
  • Document which data fields are essential and which are simply nice to have. Remove the latter unless you can justify them.
  • Check dashboards daily for spikes by retailer, postcode, IP range or submission time.
  • Audit a small random sample of approved claims, not only the rejected ones. A 1% manual check is often enough to expose blind spots.
  • Track Cost Per Valid Acquisition (CPVA), not just Cost Per Entry (CPE). The latter is a vanity metric if a third of your entries are invalid.
  • Log rule changes with dates and reasons so the team can see what actually improved outcomes.
  • Quantify prevented loss using rejected or reversed claims, review outcomes and verified payout reductions.
  • Update shared risk rules, device indicators and retailer notes for the next campaign.
  • Write a one-page debrief with measurable lessons, owners and next changes to test.

Take this into a real brief

If this article mirrors the pressure in your own workflow, bring it straight into a brief. We keep the context attached so the reply starts from what you have just read.

Start a brief from this article View POPSCAN

Related thoughts