What happens when someone taps
When someone taps a placard with their phone (NFC) or scans the QR, their browser opens `/checkin/:orgId/:token`. This page is public — no login.
The page does three things:
1. **Resolves the token** against the org's points. Invalid / expired / disabled token → friendly error, no action taken.
2. **Looks up the subscriber binding** — what kind of point this is (table, door, gate, etc.) and which module owns it.
3. **Renders the correct micro-flow** — short, mobile-first, no chrome. Examples:
- Restaurant table: "Welcome to Table 4 — start a check, view the menu, or call your server"
- Hotel door: "Welcome — show your reservation to unlock"
- Event gate: "Show your ticket QR — staff will scan"
- Property equipment: "Report a fault on Treadmill #2"
Every tap writes an activity record on the org side (Activity tab) with timestamp, point label, and (when known) the resolved user. Anonymous taps are logged with the device IP only.