Loyalty & Members · Receipts & Orders

Verified points from receipts and orders — not the honor system.

Reward the purchases you'd otherwise never see — a paper receipt, an Amazon order, a TikTok Shop order — with AI vision reading the receipt and official APIs verifying the order. Real spend earns real points; fraud and duplicates don't.

Book a Demo See how the points ledger stays correct →

Receipt → OCR → verified points

merchantMarket Co.

total$25.50

currencyUSD

line items3 parsed

confidence0.96

Verified · points awarded

The problem

Most of your customers' spend happens where you can't see it.

In-store spend is invisible

A paper receipt is proof of a purchase your loyalty program never recorded — and it walks out the door.

Self-reported points invite fraud

AI-generated fake receipts spiked in 2025. Honor-system points reward whoever games the form fastest.

Marketplaces keep the buyer

Amazon and TikTok Shop hold the order and the relationship. Without verification, those buyers are strangers to you.

How it works

A photo becomes verified points in four guarded stages.

Receipt OCR runs on GPT-4o Vision behind a provider-agnostic adapter — with a JSON repair pass and a 180-second budget tuned for large phone photos. Every stage is fraud-checked before any point is written.

01CaptureMember snaps a paper receipt. SHA-256 image hash blocks per-member duplicates.

02Vision OCRGPT-4o Vision extracts merchant, totals, tax, line items and a confidence score.

03ValidateZod + business rules check totals, currency and a non-future, in-window date.

04AwardTier multiplier → fail-closed daily cap → idempotent points, or a human review queue.

SHA-256 image dedup

Every receipt carries an image hash; a re-submitted photo can't double-claim.

Confidence-gated auto-approve

Only zero validation errors AND a program-set confidence threshold auto-award. Everything else goes to review.

Fail-closed daily cap

If the Redis cap tracker is unreachable, the award is withheld and routed to review — never silently granted.

CAS-guarded state machine

An atomic pending→processing claim means a worker and the reaper can never double-process one receipt.

Failures are typed, not string-sniffed: a ocr_failure_class column drives retryability, and a reaper recovers orphaned or exhausted rows.

Marketplace orders

Self-reported order numbers, verified against the real API.

A member submits an Amazon or TikTok Shop order number. Flash verifies it through the official channel API — Amazon SP-API and the TikTok Shop API — pulling a privacy-minimal order snapshot only (amount, status, date). The connectors deliberately never request buyer name, email or address.

Real verification calls

Amazon SP-API (LWA OAuth) and TikTok Shop API (HMAC-signed, rotating token) — implemented, not stubbed.

Zero-PII snapshots

Only amount, status and order date are fetched, so data-protection exposure on the connector is nil.

One order model

Receipts, Shopify and marketplace orders all converge on the same flash_orders record and points helper.

On the roadmapM1 scope today

Every verified marketplace order is human-reviewed.

In the current release, a verified-OK channel order routes to a reviewer queue before any points are awarded — there is no auto-approval. We'd rather be conservative on day one than auto-credit a spoofed order.

Planned (M2)

Auto-approval inside a recency window
Reconciliation cron for post-award changes
Claw-back on refunds and cancellations

Receipt OCR auto-approval, by contrast, is live today — gated on confidence and zero validation errors.

Why it's different

Verified spend you own — not data harvested for someone else.

Receipt-aggregator apps capture purchase data for themselves; the member belongs to the aggregator, not your brand. Flash's receipt OCR is merchant-owned by design — the verified purchase and the member feed your loyalty program, with verification built to resist the 2025 fake-receipt wave.

Typical approach

Receipt-aggregator apps

Capture purchase data into their graph; the member is theirs, not yours.

Flash, by design

Merchant-owned OCR — the verified purchase and member belong to your brand.

Typical approach

Honor-system points

Trust whatever the form says; easy to game with fabricated receipts.

Flash, by design

Image-hash dedup, confidence gates and official-API order checks verify the spend.

Typical approach

On-site-only loyalty

Only counts actions on one storefront.

Flash, by design

Earns from in-store receipts, Shopify and marketplace — real spend across channels.

Receipt OCR extraction

Image-hash dedup

Amazon SP-API order check

TikTok Shop API order check

AI & innovation

Verification as a feature, AI vision under the hood.

Where the category rewards self-reported activity, Flash rewards verified purchases — and uses AI where it earns its place: reading a crumpled receipt no rules engine could parse.

GPT-4o Vision extraction

Structured merchant, totals, tax and line items from a phone photo — with a confidence score that gates auto-approval.

Provider-agnostic by design

A ReceiptOcrAdapter interface means a different vision model could be swapped in without touching the pipeline.

Self-healing JSON

A repair pass re-asks the model to fix malformed output before giving up — so messy receipts still resolve.

What changes for the business

Spend you couldn't see becomes verified, owned membership — and your most-rewarded customers are genuinely your best.

GPT-4o Vision

reads receipts in production, JSON-repaired

SHA-256

image dedup blocks duplicate claims

Official APIs

Amazon & TikTok orders verified, not guessed

See a receipt become verified points.

Book a demo

400M+

50+

12+