Lost your password? 
USERNAME
PASSWORD
 
NOT A MEMBER? JOIN TODAY...

Key
Multi-Events

Get Connected
Receive the latest news from the brand
protection world, direct to your in box!
SUBSCRIBE

Home > Innovations > Tech Outlook
print
Does Mass Serialization Give You “Security in Numbers?”


 

 

The FDA has said that “The use of mass serialization to uniquely identify all drug products intended for use in the United States is the single most powerful tool available to secure the U. S. drug supply.” * A Q&A with CounterFight’s James Butcher reveals the ins and outs of this anti-counterfeiting and -product diversion solution and how you can maximize it.

Brand Protection Council: Why use mass serialization and not holograms?

 

James Butcher: Mass-serialization is the technique by which each individual item is given a unique number or ‘license plate’; this can be human-readable, a barcode and/or RFID.  This unique code can be used to track and trace an item, and if the code itself is a cryptographically generated non-sequential code such as a CounterFight Security Code, the code provides a layer of security against counterfeiting and product diversion.

 

In terms of ‘why use mass serialization versus other solutions,’ the answer lies in the fact that there is no one ‘silver bullet’ to combat counterfeit activities: the techniques employed must be appropriate to the products and packaging, and solutions may often combine multiple techniques. Mass-serialization provides an extremely cost-effective option which allows verification (authentication) without special equipment – and is ideal when the existing date/lot coding equipment can be used to add the security code to existing lot coding information.

 

Furthermore, mass serialization can be combined with other brand protection techniques.  For example, if a security code is printed across a tamper-evident label, the removal of the label will also destroy the code, making it impractical to copy or duplicate.

 

BPC: Who else is recommending mass serialization?

 

JB: There are a number of solution providers recommending mass serialization with various degrees of success in their operations.  For example, some maintain a database record of every single code applied to a product, which provides mass serialization. However, it also means that the database size may become very large over time, resulting in significant data management issues.  Also, the secure transmission of security codes to and from the manufacturing plant can often provide the weak point in an otherwise secure operation.

 

However, there are alternatives.  For example, CounterFight maintains that its unique (patent pending) solution is the only system that can automatically generate the codes in real-time (so the codes do not have to be transmitted to the factory). It also does not store the codes and the only place where the codes exist is on the product to which it is applied. This means that there is no central database of codes to steal or compromise, making the authentication database 100,000 times smaller than competitive solutions.

 

There is little doubt that mass serialization is here to stay.  In 2004, the FDA released a report stating that the use of mass serialization to uniquely identify products intended for use in the United States is the single most powerful tool available to secure the supply chain. Mass serialization is the core of plans for ePedigree within the pharmaceutical industry.  And many solutions such as RFID are dependent upon mass serialization, but at significantly greater cost and greater complexity than a simple human-readable security code.  The benefit of a simple human-readable code is that verification can be achieved via Internet, by sms-text message (i.e., it requires no special equipment), or by a manned phone service provided by brand owners.

 

BPC: Why wouldn’t I use a 2D code?

 

JB: Mass serialization security codes can be implemented in many formats, including human- readable form, linear barcode, stacked barcode, reduced density barcode or 2D barcode. However, special equipment is required to print and to verify machine-readable codes such as 2D barcodes (e.g., GS1 DataMatrix), increasing the cost of implementation and the complexity of verification.

 

A manufacturer or brand owner should consider the following: who needs to read the code, and where is it read in the supply chain.  Human-readable formats provide maximum ease of verification without the need for special equipment and allow brand owners to empower anyone in the supply chain to authenticate a product.  However, the code may also need to be in machine- readable form on one or more layers of the packaging.  Linear barcodes are the most cost- effective in terms of printing equipment and reading equipment.  2D barcodes and RFID provide the option of more information in a smaller area on the pack, but results in increased capital expenditure throughout the supply chain.

 

CounterFight recommends human-readable codes as the most cost-effective and scaleable solution, combined with machine-readable codes where appropriate.

 

BPC: Can a mass serialization security code be copied?

 

JB: The answer is that, in practice, any technique can be copied to a level which could fool the untrained eye.  This is true for mass serialization as it is for, say, a hologram; if, as a consumer you find a product with a security hologram on, how do you know it is the right hologram?

 

There are several ways to resolve this issue.

 

First, the mass serialization technique should be cryptographic non-sequential codes that are generated in real-time at the point of manufacture with a device such as the CounterFight CPC.  This means that the only place the codes exist are on the finished packs, so there is no database of numbers to steal or copy from and it will be impractical for a rogue manufacturer to make an additional quantity of unauthorized products.

 

If a cryptographic code is used, a counterfeiter simply ‘makes up’ a code it will fail to authorize because of the cryptography.  Non-sequential codes make it non-economical to copy genuine codes.  The alternative for the would-be counterfeiter would be to try and copy a code over and over again. But this will be immediately obvious to a distributor or customs official, even without verification; and multiple verifications of the same code will be identified automatically if an appropriate solutions provider is used. 

 

CounterFight recommends using human-readable security codes (combined with machine- readable codes where appropriate) so that everyone – from those in the supply chain to the consumer – can be empowered to verify products. Mass consumer verification is the most secure way to identify and stamp out counterfeiting operations.

 

Second, a number of solution providers offer a ‘parent-child’ association between the security codes on different layers of packaging.  The CounterFight solution automatically generates these codes and automatically builds a secure relationship between disparate codes on different layers of packaging (e.g., blister and carton or carton and case).  The would-be counterfeiter would therefore have to disassemble each product (impractical in itself where tamper-evident packaging is used) and then copy the codes on each layer of packaging.  This makes counterfeiting impractical and commercially unviable.

 

BPC: How can you ensure a counterfeiter cannot ‘hack’ the database and steal codes?

 

JB: CounterFight is unique within the global track-and-trace market place in that the only place a code ever exists is in dried ink on the product. CounterFight codes are under no circumstances transmitted or stored in a database. If the codes are never stored, then they are impossible to steal. This unique approach also means that data storage requirements are 100,000 times less than alternative approaches, making the solution quick, practical and scaleable.

 

BPC: Should security codes be overt or covert?

 

JB: This depends on the brand owner and the product, but most security codes can be either.  Unless publicized to the contrary, the code need not appear any different from other lot and traceability information, unless the brand owner decides otherwise. The brand owner may prefer a covert solution where, for example, the code is printed inside the packaging so that it is only visible once the pack is opened, or the code is printed with UV or IR ink. Or, he or she may opt for an overt code on the consumer packaging to enable consumer authentication, but also a related (parent-child) covert code in UV ink on the reverse of the label.

 

Mass serialization provides a very flexible and cost-effective solution that enables the brand owner to implement overt and/or covert techniques as appropriate to the product.

 

* Combating Counterfeit Drugs – FDA – Feb. 2004
print
CounterFight
FDA
bottom_busted


600_information
250_busted
BPCouncil is dynamic virtual community where leading brand protection and IP professionals can access information, resources and best practices.
  About Us Online Policies Contact Us Membership Media Kit Press Releases Editorial Info Reprints Site Map  
Copyright © BPCouncil 2007. All rights reserved.
Created by