I'm working on a gym aggregator startup which allow people to access premium membership-only fitness clubs/gym (who partnered with us) and only pay for the time they use with QR Code scan check in/checkout system.
My concern is once a user came to know about gym/club that allowing customer per min. and became familiar after 2 or 3 use. How do I secure this system by statement between gym and end user personally?
Assuming you're utilizing some sort of native app to display that QR code you could consider finding a way to incentive the user to make sure they continue to use the application, regardless of what the gym offers or suggests "off-app" once they get in the door. Maybe adding a layer of gamification or global rewards that keeps them logging in and accessing locations regardless of where they are (people traveling, moving etc.) Other features like free credits for referring friends, sharing on social media etc might keep the end-user engaged enough to prevent or diminish their willingness to consider an alternative arrangement directly with the gym. You could also consider generating your QR codes based on sessions, not on users so that each session requires a unique QR code each time. If attempting to direct your efforts towards the gym, you could make conversion to full-time membership be the thing that your app leads users towards and track that so you can generate a referral fee payment for those members who either choose to switch or are courted to do so by the local staff.
This sort of cannibalization/risk is somewhat inherent with this type of platform arrangement: there are a myriad of other ways you could consider mitigating that risk, but it would be contingent on the specific set up you have built to support your rollout. Happy to connect and explore/discuss a more targeted approach if the above is too generic.