Certified security patrols: from the sign-in sheet to defensible proof
When a client insists that no guard walked the site at three in the morning, the security company is left defending its service with a scanned sign-in sheet or a list of checkpoints logged by an NFC reader. Neither document proves what actually happened at that location, at that hour. The sheet is filled in by the guard and kept by the same company that produced it. The NFC log is a single line of data from a device whose clock nobody independently controls. In a real dispute, that is not enough: anyone can argue the signature was written elsewhere, or that the reader entry was edited after the fact.
Certified security patrols close exactly this gap. They turn every checkpoint of a guard tour into a standalone, tamper-evident record where the moment, the place and the condition of the site are anchored to a qualified electronic timestamp and an integrity seal. The point is not to log the round more precisely, since NFC punch cards and patrol clocks already do that. The point is to produce proof that holds up when someone challenges it. This deep dive builds on the certified night security use case and shows how to move from "we recorded the round" to "we can prove it."
The problem: a challenged patrol and a sign-in sheet that proves nothing
A scanned sign-in sheet does not prove a patrol took place. It only shows that, at some unspecified moment, someone made a mark on a form. That is the weak point of every manned guarding contract when a client pushes back. The end-of-shift report a guard writes carries limited weight in a dispute, because it is self-produced: the company that performed the service is also the sole author and custodian of the document that is supposed to vouch for it. A signature on paper, a photo without a certain date, a register filled in at the end of the shift are all records with no independent third party attesting to their integrity.
The practical consequence is concrete. A client reports a break-in during the night window and claims the round was never done. The guard's attendance record exists, but it cannot be verified: there is no way to prove that the signature was made at that specific checkpoint, at that specific time. The financial and reputational exposure falls on the security provider, who often answers contractually for the conduct of its own personnel and carries the burden of proof under SLA and penalty clauses. Turning a patrol log into records that survive a challenge shifts that burden onto firmer ground.
From the traditional system to certified digital documentation
What separates a traditional patrol-control system from a certified patrol is the integrity of the data, not its quantity. An NFC reader records the passage. A certified patrol records the same passage and locks it down with a timestamp, geolocation and an integrity seal, so that no one can dispute its authenticity later. It is the jump from internal service tracking to evidence with defensible value in a dispute.
| Sign-in sheet / NFC punch log | Certified security patrol | |
|---|---|---|
| What it records | A signature or a tag read at the checkpoint | Geolocated check-in, photo of the site, signed end-of-shift report |
| Data integrity | None: signature and log editable after the fact | Integrity seal (hash) and qualified timestamp on every record |
| Certain date and place | No: the date is the one declared by the operator | Yes: geolocation and timestamp bound to each record |
| Independent third party | Absent: document self-produced by the provider | Qualified electronic seal from a third-party QTSP |
| Value under challenge | Self-produced, easily rebutted | Reinforced, defensible evidence |
NFC punch cards and patrol sheets: why they do not hold up under challenge
NFC and RFID systems record the passage, but the output is a plain line of log data that the provider generates and stores on its own. Patrol clocks, RFID tags, QR-code readers and guard-tour apps confirm that a device read a checkpoint. They do not confirm that the site was in order, nor that the record stayed intact. The recurring limits are consistent:
- The log is internal data, not attested by an independent party.
- The condition of the site is missing: the passage is recorded, not what was inspected.
- Date and time come from the device clock, which can be altered.
- No integrity seal prevents later edits to the register.
International standards such as ISO 18788 for security operations management push providers to document the service delivered to the client, but a standard alone does not turn a patrol sheet into solid proof. Checkpoint traceability is the starting point, not the finish line.
Geolocated check-in, timestamped photo, signed report
A round becomes demonstrable when every passage produces three linked, tamper-evident elements: a geolocated check-in that anchors the round to certain coordinates and time, a photo of the site with EXIF metadata and a timestamp that makes its date hard to contest, and an end-of-shift report signed by the guard with an electronic signature under eIDAS (EU Regulation 910/2014). It is the same principle behind traceable certified inspections and site surveys, applied to the night patrol.
Compliance and contractual duties: proving service delivery and reducing liability
Proving service delivery is a contractual duty long before it is a legal one, and reinforced records are what let a provider meet it. Manned guarding contracts specify the service to be delivered, the checkpoints, the frequency and the penalties for rounds not performed. When a dispute arises, the provider has to show the exact performance of that obligation, not merely assert it. A patrol log with no independent attestation puts the company in the weaker position every time the facts are contested.
Records carrying a qualified timestamp and an integrity seal let a provider demonstrate performance checkpoint by checkpoint. The same logic governs certified facility management, where the patrol is one line in a contract with penalties attached to proof of service, and field service proof of intervention, where an operator has to show what was done, where and when. Documentation with reinforced evidentiary value reduces disputes, supports the chain of custody from the field to any eventual proceeding, and often improves the provider's position with its insurer.
How TrueScreen certifies the evidence of a security patrol
TrueScreen is the Data Authenticity Platform that acquires every passage of the patrol with forensic methodology, through a geolocated check-in, a timestamped photo and an end-of-shift report with reinforced evidentiary value. Each round becomes a chain of standalone records: the moment of the passage is anchored to certified geolocation and a qualified electronic timestamp, the condition of the site is photographed and sealed with a hash that locks its integrity, and the report is signed by the guard with an electronic signature under eIDAS. The certification does not come from a seal issued by TrueScreen. TrueScreen integrates, via API, the qualified electronic seal and the qualified timestamp of third-party QTSPs, so that every record carries the attestation of an independent guarantor. The result is a digital chain of custody that follows the data from the field to any dispute.
Certified geolocation and the timestamp are what separate proof from a simple operational note, a principle that holds across the whole security and defense sector. Consider a concrete case. The client claims that at 03:00 the guard skipped checkpoint Y. The provider produces the geolocated check-in at 03:02 at checkpoint Y, the timestamped photo of the site and the signed report, and the challenge falls because each element is verifiable and intact. That is how a photo and an activity are certified with defensible value, rather than resting on self-produced paperwork.
Conclusion
For a security company the decisive question is not how to record the patrol, but how to prove it when the client pushes back and a self-produced report is not enough. Sign-in sheets and NFC punch logs leave that exact moment exposed. Anchoring every passage to a qualified electronic timestamp, a geolocated check-in and a report signed under eIDAS closes the gap: within the framework of contractual duties, SLA penalties and insurance exposure, it is the difference between claiming the service was performed and being able to prove it.
FAQ: certified security patrols
Does a sign-in sheet have legal value?
It has limited weight in a dispute. A patrol sign-in sheet is self-produced by the security company and easily rebutted, because there is no independent party attesting to when and where it was signed. Without a qualified timestamp, geolocation and an integrity seal applied by a third party, it does not prove in a defensible way that the round was walked at that place and time.
How do you certify a security patrol?
You certify it by turning every passage into a tamper-evident record anchored in time and space: a geolocated check-in, a photo of the site with a timestamp and a hash, and an end-of-shift report signed with an electronic signature under eIDAS. The records are sealed through a third-party QTSP, giving them reinforced evidentiary value compared to an internal register.
Does an NFC punch log prove the round was done?
It only proves that a device read a tag at a checkpoint. The NFC or RFID entry is a line of log data generated and stored by the provider, with no third-party attestation and no protection against edits. It does not document the condition of the site and depends on the reader clock. It is useful for internal tracking, but on its own it does not hold up under challenge.
What value does a guard report have when the client disputes it?
On its own, limited value, because it is self-produced. To reinforce it, the report needs to be anchored to elements a third party can verify: a qualified timestamp, certified geolocation and an integrity seal on the attached records. With those attestations the report becomes defensible evidence rather than a plain statement from the provider.
How does certification help under SLA and penalty clauses?
It gives the provider verifiable proof of exact performance for each checkpoint. When a penalty depends on rounds actually walked, geolocated and timestamped records show the service was delivered as contracted. This supports the burden of proof, reduces the room for disputes and strengthens the provider's position both contractually and with its insurer.

