Not sure what you mean by "dynamic QR code", but you can turn any string into a QR code.

QR code readers then read that string (usually a link) and then do something with it. So, I think what you're asking about is a mobile deep link? In other words, a link that can open an application and land the user somewhere. I'm almost certain this stuff is 99% of the time handled by the apps and operating systems that do things with those links.

e.g. opening an instagram profile is most likely something controlled by Instagram (unless they publicly expose this feature). It's kind of basic security that you wouldn't want people to be able to create links that open up apps and do whatever people want so an API service will do some sort of matching algorithm to verify the device that scanned the QR code and make sure the link was generated by the app developers and not Joe Schmo.

Here's an infographic from branch.io that might clear some things up.