Back to journal
Geofencing5 min read

Geofencing attendance is not a map feature. It is compliance evidence.

The real value of geofencing is not the circle on the map. It is the record that connects person, place, time, policy, device, and exception state.

By Onsight Editorial · Workforce intelligence team/

Most teams adopt geofencing because they want to know whether employees are where they should be. The map is the part everyone sees: a coloured circle around a worksite, with little avatars moving in and out of it. The map is the demo. It is not the product.

The product — the thing that justifies the cost, survives an audit, and changes outcomes — is the record. Every check-in produces a structured artefact that ties together six things: who the person is, where they were, when they were there, what policy applied, what device they used, and whether anything about the event was anomalous. That artefact is what you fall back on when payroll is disputed, when a regulator asks for evidence, when an HR complaint surfaces, when an incident requires reconstruction.

If you treat geofencing as a map, you will get a map. If you treat it as an evidence system, you will get something that holds up under scrutiny.

What a defensible attendance record looks like

A check-in event you can defend in front of an auditor contains, at minimum, the following:

  • Identity. Employee ID, name at the time of the event, role.
  • Location. Latitude/longitude with accuracy radius, the geofence ID matched (or "outside any geofence"), and the source (GPS, network, fused).
  • Time. Timestamp from the device, timestamp from the server, and the delta between them.
  • Policy. Which attendance policy was in force for this employee, at this site, on this date. Policies change. The record must say which version applied.
  • Device. A stable device identifier, the OS version, the app version, and integrity signals (rooted, mock location, emulator, time tampering).
  • Exception state. If the event was flagged, why. If it was reviewed, by whom and when. If it was overridden, what the original state was.

Notice what is missing from this list: the photograph by itself, the map pin by itself, the GPS trace by itself. Any one of those without the others is decoration. Together they are evidence.

The audit conversation

The fastest way to test whether your attendance system is actually compliance-grade is to imagine the audit conversation. An auditor — internal, external, or regulatory — asks you the following questions in sequence:

  1. "Show me every check-in for site X on date Y." You should be able to filter to the result set in under a minute.
  2. "For each one, who was the employee and what device did they use?" The answer should be one click away from the event.
  3. "How do I know the location wasn't faked?" You should be able to point at the integrity signals captured at the moment of the event.
  4. "How do I know the timestamp wasn't manipulated?" Server time, device time, and the delta should be on the record.
  5. "Where is the policy this employee was operating under?" Versioned, dated, and linked to the event.
  6. "What exceptions were raised, and how were they resolved?" Resolution should include actor, time, and justification.

If you have to leave the system to answer any of these — open a spreadsheet, dig through a Slack channel, call the supervisor — you do not have evidence. You have a story.

Where teams go wrong

Three patterns reliably weaken what would otherwise be a defensible system.

Over-permissive geofences

A 300-metre radius around a city-centre office accepts check-ins from the coffee shop downstairs, the bus stop across the road, and the apartment block on the corner. The geofence is not wrong, exactly. It just stops being evidence. Tighten the radius until being inside the fence is a meaningful statement.

Mutable history

Some systems let managers edit past check-ins without leaving an audit trail. This collapses the entire evidentiary value of the system. Every edit must be recorded as a new event, with the original state preserved, the editing actor identified, and a justification field that cannot be left blank.

Policy ambiguity

If a worker checked in at 08:12, the question of whether that counts as "on time" depends on the policy in force on that date. Policies that live in PDFs, slide decks, or supervisor memory are not part of the record. They have to be encoded in the system, versioned, and applied automatically. Otherwise the same check-in produces different conclusions depending on which manager you ask.

Exceptions are the product

Counterintuitively, the most valuable part of a geofencing system is not the events that succeed. It is the events that fail or look unusual. A clean check-in inside the fence at the start of a shift is operationally normal — it confirms what you already expected. An exception, on the other hand, is information.

The exception queue should be the supervisor's first stop every morning. It should answer:

  • Who tried to check in from outside the fence, and how far outside?
  • Whose device is generating integrity signals (mock location, root, emulator)?
  • Which check-ins were missing? Who did not show up, and what was the explanation?
  • Which manual overrides happened, and by whom?

A team that reviews this queue daily catches problems while they are still small. A team that exports it weekly catches problems after they have compounded. A team that never reviews it has a map, not a programme.

What changes when you treat it as evidence

When attendance moves from "we have geofencing" to "we have evidence", three things shift in how the organisation operates.

Payroll cycles get shorter. Disputes resolve in minutes instead of days because the record is already there. Finance trusts the data because it can audit any individual line.

HR conversations get cleaner. A performance discussion grounded in twelve weeks of structured attendance data, with exceptions and resolutions visible, is a different conversation from one grounded in supervisor anecdote.

Compliance reviews stop being a panic. When an auditor or labour inspector asks for the last quarter's records, the answer is an export, not a fire drill. The system is the answer.

The simple test

Here is the test we give operations leaders evaluating any attendance system, geofenced or otherwise:

Pick a random check-in from three weeks ago. In under sixty seconds, produce a single page that shows who checked in, where, when, on what device, under what policy, and with what integrity signals.

If the answer is yes, you have an evidence system. The geofence is doing real work. Everything else — the map, the dashboard, the live view — is interface around the artefact that matters.

Keep reading

Attendance trust

Beyond the biometric turnstile: why office-gate attendance no longer fits how work happens

Fingerprint readers and ID cards at the office entrance solved a 2005 problem. Hybrid schedules, client sites, and remote days have outgrown them. Here is what to use instead — and how to migrate without breaking trust.

Attendance trust

How to reduce buddy punching without making field work painful

A practical framework for combining selfie evidence, local biometric approval, approved devices, and manager review without slowing employees down.

Turn the article into an operating policy.

Onsight can help you define geofences, trust controls, exception flows, and reporting rules around your real workforce.

Walk through your rollout

Bring your site structure, employee groups, and compliance concerns.

Book demo