Security Printing and Imaging : authentication

Variable Data Printing and Improved Pharma Product Protection and Brand/Customer Interaction

StevenSimske — Wed, 14 Oct 2009 04:18:00 GMT

My previous post was a link to the excellent In-Pharma Technologist blog edited by Nick Taylor. Nick solicited a posting from me back in April, but I could not find it on In-Pharma, so given a 1/2 year grace period, I think its time to post here:

Variable Data Printing and Improved Pharma Product Protection and Brand/Customer Interaction

Pharma brands are concerned with the integrity of their product. All successful pharmaceuticals have one thing in common: they improve the quality of life of the customer. Counterfeit pharmaceuticals, on the other hand, are harmful to both the customer and to the manufacturer; that is, they can simultaneously destroy lives and jobs. Brands pay many times over for counterfeits: loss of original sale, loss of future sales due to erosion of consumer confidence, loss of market capitalization due to perceived non-efficacy of the product, and potential legal recourse as a consequence of the consumer receiving phony goods.

All pharmaceuticals share another important thing in common. Information about the product must accompany the product. From packaging to labels to inserts, this information is conveyed by printing. Therein lies the solution to the problem.

Printing is pre-adapted for its use in security. Useful already in product identification, the variability printing provides is a natural fit for security. Variable Data Printing, or VDP, is the technology enabling the varying of every aspect of a print job. This is advantageous for individually tagging an item—a process called mass serialization. Mass serialization is a means of ensuring that each label, package or document contains a different identifier that can be read (which means interrogated and the data encoded successfully interpreted).

However, VDP can be used for far more than mass serialization in protecting a product. With security VDP, or SVDP, the different printed regions—be they text, image or graphics—contain not just variable data, but usually uniquely variable data. Also, this variable data can be (but isn’t always) read by some type of inspection, authentication or forensic device. That is, every variably printed region contains not just data, but security information. Thus, every region is novel, or unique identified, and so capable of being interrogated for its information.

To prevent counterfeiting, brand owners need to provide a moving target for the would-be counterfeiters, staying one step ahead of them in the deployment of security features. However, this is a tedious game, and often expensive, as brand owners continually research and purchase new deterrents. SVDP offers, however, an innate moving target—the ability to change the very nature of the variability on the fly. With SVDP, a moving target of deterrents is obtained without having to change the technology.

Linking or hybridization is how the set of variable features relate to one other. Examples of deterrent relationships include replication, hashing, sequence fragmentation [sharing the mass serialization data between two or more variable regions], and other techniques for making the multiple variable regions “cooperate” with each other. One particularly powerful method is to use one deterrent—usually one already used for track and trace or point-of-sale—as the registry “look up” sequence from which the signed-in user may then obtain information on one or more other variable regions. The method of hybridization can be changed from one print job to the next, meaning that the would-be counterfeiter must replicate all of the variable features which are monitored to be able to pass the phony product as authentic. Which “extra” features are actually monitored can be varied from day to day, making compliance both simple and thorough.

Monitoring information-containing printed images is getting easier every day. The near-ubiquity of camera-enabled mobile devices, therefore, strengthens the value of SVDP. Already, bar code interpreting software is native or readily downloaded to most internet-enabled mobile devices. Piggybacking image authentication services for other printed patterns is straightforward to implement.

Different variably printed regions can be used for track and trace, authentication, forensics, recall and other contingencies, or just to decoy the would-be counterfeiters. The way in which deterrents relate can be tied to pragmatic product details. For example, if the shelf life of a product is six months, it makes sense to change the relationship between deterrents every six months, so that expired products also exhibit “expired” security strategies. In the meantime, if certain deterrents are being successfully attacked, then adding new variability to the printed material is another way of gathering information on who the counterfeiters might be—insidious insiders, for example, may quickly incorporate these new variable regions, even if they are not tracked by your authenticators, and so tip their hand to you.

Incorporation of SVDP into the printing is straightforward, as there are only three rules: (1) meet compliance standards first, (2) vary several additional regions, and (3) change the relationship between the variable regions (hybridization plan) frequently.

Counterfeiters know all about SVDP, and they’re reading this and other related articles. Recall that there is no security through obscurity—counterfeiters reading this will know what they’re up against, but will not easily be able to spoof SVDP, except one item at a time (which makes the cost of counterfeiting higher). Thus, SVDP offers a means of staying one step ahead of the counterfeiters without running yourself ragged.

Cheers,

Steve

World Economic Forum Selects Four Track and Trace/Anti-Counterfeiting Companies

StevenSimske — Tue, 23 Dec 2008 15:35:00 GMT

Recently, the World Economic Forum has selected 34 companies for special notice as "Technology Pioneers". Please see

http://www.weforum.org/en/Communities/Technology%20Pioneers/index.htm

The selections are based on the following criteria:

"The World Economic Forum has announced 34 visionary companies selected as Technology Pioneers 2009 for their accomplishments as innovators of the highest calibre, and whose technologies will have a deep impact on business and society. The selection of these companies is the result of a vigorous selection process, for which the Forum received more than 320 applications from around the world that were evaluated by 44 global technology experts."

Of these 34 visionary companies, 4 of the 15 in the "IT" category are companies providing products in Track and Trace/Anti-Counterfeiting (TT/ACF). These four pioneers are:

1. Advanced Track & Trace
www.advancedtrackandtrace.com
Jean-Pierre Massicot, Chief Executive Officer
Advanced Track & Trace is a pioneer in digital security solutions applied to Brand Protection.

2. Mojix, Inc.
www.mojix.com
Dr.Ramin Sadr, Founder & Chief Executive Officer - read the interview
Mojix, Inc. was founded in 2004 by a team of former JPL/NASA scientists and engineers with the vision of applying breakthroughs in deep space communications to exponentially refine the precision, reach and scope of RFID technology.

3. MPedigree
www.mPedigree.org
Bright B. Simons, Chief Strategist
mPedigree manages the 1393 service, which has been deployed in Ghana since January of this year, and is the first system anywhere in the world by means of which consumers and patients can instantly verify the source of a purchased pharmaceutical at no cost, at the point of purchase, using standard mobile phones.

4. TraceTracker Innovation ASA
www.tracetracker.com
Ole-Henning Fredriksen, Co-Founder & Chief Executive Officer - read the interview
TraceTracker is the global information exchange for the food industry.

Each of these companies has a different story--bringing advanced digital security printing to the play (ATT), bringing remote sensing advances to RFID (Mojix), making a difference where the introduction to the Internet is largely via phone (MPedigree), or providing food information exchange (TraceTracker). The creativity and utility of these four companies in obvious, and the fact that fully 12% of the World Economic Forum selections are in TT/ACF this year is a clear sign that this is not a fringe, an add-on, a secondary consideration any more. For all the right reasons--product safety, product recall, consumer empowerment, brand protection, supply chain visibility, product freshness, and many more--TT/ACF is the disruptive set of technologies that will be what consumers expect in just a few years.

[Thanks to Justin Picard for the link]

Best wishes for the Holidays!

Steve

ePedigree Delay a Sign of An Eventual Supply Chain U.N.?

StevenSimske — Thu, 20 Nov 2008 05:49:00 GMT

I have been remiss in discussing the delay in the California ePedigree until 2015. This has been interpreted as a long-term delay for track and trace and overall product safety. For a nice overview and analysis of the problem, see http://www.industryweek.com/ReadArticle.aspx?ArticleID=17793.

However, ePedigree initiatives are underway by the WHO, FDA, EU, AQSIQ (China), GS1 and other standards/regulatory organizations. A full serialization+pedigree requirement may be delayed until 2015, but it is unlikely that ePedigree will not already be in place before then. Recent passing of PRO-IP and Country-of-origin labeling (COOL) legislation in the US indicates that the US,too, will continue with initiatives before 2015.

The delay of California ePedigree legislation, moreover, may be indicative of another passing of the torch. Much as the recent Presidential (and Congressional) election results likely signal a more collaborative, less "independent" US foreign policy, the delay in ePedigree may signal a more collaborative, less independent nation-to-nation legislation in the future.

Will the big players--WHO, FDA, EU, AQSIQ, GS1, ISO, and others--work together to create a reasonable roadmap for product track and trace, pedigree and provenance? In effect, create a "United Nations" for track and trace? I, for one, hope so. With the increasingly convoluted supply chains for virtually all products resulting in chaos during recall, fraud and even normal node-node shipping situations (how many retailers can confidently tell you everywhere a product has been on its way to their shelves?), how long can it be before the legitimate market says, "enough is enough"? Plus, a universal process will reduce confusion, lower cost, and improve response time around the planet.

Is the current combination of counterfeiting, diversion, factory overrun, smuggling, return fraud and other supply chain crime the commerce equivalent of the two World Wars? A series of events so drastic that the set of collective players decides to band together into a United Nations to try to prevent such a meltdown in the future? (I realize the United Nations is by no means perfect--but we have been without nuclear combat for 63 years...). Maybe so. And maybe the delay in the California ePedigree shows that the US, rather than defining the path forward, is willing to work with the rest of the Supply Chain United Nations in formulating the optimum set of requirements moving forward.

-Steve

The Unflat Earth Strikes Again--Inspection Unflatness

StevenSimske — Sat, 25 Oct 2008 05:17:00 GMT

For this interesting article on U.S. inspection of pharma manufacturing plants, I thank my friend Pipo Caban, a systems, supply chain, manufacturing and pretty much all-around expert at HP:

http://www.newsobserver.com/1573/story/1263668.html

The article states:

"13 years is...the time it would take U.S. inspectors to visit each of 3,249 foreign manufacturing plants that make medications for the American market, according to congressional investigators...The Food and Drug Administration is nowhere near to closing an oversight gap so foreign facilities get the same scrutiny as domestic plants. Pharmaceutical factories in the U.S. get a federal inspection every 2.7 years, on average. Although the FDA will soon be placing inspectors in China and India, 'given the growth in foreign drug manufacturing for the U.S. market, and the large gaps in FDA's foreign drug inspection program, significant challenges remain,' the Government Accountability Office said in its report."

In other words, the Unflat Earth, and not the Flat Earth, strikes again. Motivation to move your manufacturing overseas? How about you get inspected 1/5 as often?

I have posted about the Unflat earth in previous blogs; specifically, the July 5th and 6th blogs this year. I'll revisit these now in light of this information.

On July 5th, I noted:

"Evasion of the local laws. Sure, every large company claims they're simply 'staying competitive' with their competition as they try to squeeze the last penny out of their costs. The truth is, most of this cost is due to finding out how the Unflat Earth (the real one, which still has countries, with different laws and rules and requirements in them) works and using it to advantage. Can you find a country with no health care costs? Great, put your assembly line there. Can you find a country with relaxed environmental laws? Excellent place for any pollutant-producing manufacturing operations. Companies aren't necessarily choosing where to place their employees based on a Flat Earth--that's just spray-on gloss to hide the Unflatness they're actually exploiting."

Add inspection to this list.

On July 6th, I added:

"The earth is not flat...yet. If you want to have engaged partners around the world, you have to work to even the playing field. Eventually, healthcare, environmental, auditing, compliance and other factors involved in selecting a spot to design, manufacture and assemble products will be more uniform. The world will be, truly, more flat. However, until that date, respectful citizens of the planet will work to improve the working conditions and environmental impact of doing business everywhere. Even if only out of self-interest, this strategy makes sense."

I also noted that increased costs of fuel might make offshoring certain types of production, manufacturing and assembly less profitable. Of course, that also makes inspection more costly, so those two will continue to trade off (if I still save more money by being inspected far less, paying less employee benefits, and not having to perform as many environmental-safety tasks, I can absorb those increased fuel costs).

But, the article goes on, into even more disturbing areas:

"The report found that the FDA isn't even sure how many foreign facilities are producing for the American market. One government database suggests it's 6,760. Another, which government officials believe to be more accurate, says about 3,000."

and...

"When FDA inspectors find problems at an overseas plant, the manufacturers usually take steps to fix them. But the report found that it can take as long as four or five years for the FDA to conduct a follow-up inspection."

I'm feeling some serious unflatness here. No wonder so many industries have been coasting down the hill of offshoring. It brings an entirely new track and trace problem to the fore. Forget about track and trace of the individual items in your supply chain (mass serialization). Forget about track and trace of all the locations your supply chain goes through (ePedigree). When you aren't even sure within a factor of two how many foreign facilities are producing for your market, you need to start at the most elemental level--find out who your partners are and get engaged with them. A very good way to ensure quality is for there to be a vested interest by all parties in the supply chain.

As Pipo notes, "[There are] so many regulations and restrictions for the locals but we are letting others control our health." In other words, the unflat regulations drive production overseas, where concern over our health is almost certainly--if not inevitably--less than it would be for locals, whose families might be customers.

Again, I am not against offshoring. Differences in distribution of raw materials, talented humans, and needs argue for responsible offshoring in most industries. But this works best if those distant workers are engaged, empowered, and "bought in" to the company performing the offshoring. It's not just about long-term economic viability of the partnership--it's about security and health.

-Steve

Can't be counterfeited? Watch me...

StevenSimske — Wed, 22 Oct 2008 04:49:00 GMT

Michael McDonald, a branding expert at HP, pointed out this WSJ article on the "watch that can't be counterfeited":

http://online.wsj.com/article/SB122411896958338969.html?mod=dist_smartbrief

Let's spot a couple of questionable aspects about their approach:

1. The watch "uses layers of invisible UV marking, laser perforations of some watch parts, special high-security inks, and other measures used to secure passports and currencies like the euro and Swiss franc." This is a focus on covert and forensic marks, none of which mean anything to the would-be snob who wants her friends to think it's genuine.

2. "The company, which produces about 18,000 watches annually, expects to make 800 Quai de l'Iles a year." Will the demand be higher than the supply? Absolutely. And, how many of those "demanding" the watch would rather pay $400 for a good fake than $29,000-$60,000 for the real thing? As Bono might muse, a $400 watch without the laser perforations is "even better than the real thing".

Don't get me wrong, I like that they're using microtext ("Tiny texts on the dials of some models -- illegible without the aid of a magnifying glass") and invisible inks (although it's not clear that they are using variable text and perforations, I'm assuming they've done that considering the expertise of their consultants). It may be, however, that they've failed to fully consider the ecosystem for authentication. Have you ever had a friend (insufferable or otherwise) show you an elegant watch and then wait for you to pull out your UV light and loupe?

There is, of course, part of the ecosystem for authentication they've addressed successfully. That of bad retailers trying to pawn fake Quai de I'lles as real. Those coverts and forensics may help there. Just so long as they don't issue a "come-and-get-me challenge" to would-be counterfeiters, that is.

Whoops, too late.

-->This appears to have given would-be counterfeiters an opportunity to get cracking on Vacheron's come-and-get-me challenge. Mr. Pfund, who is currently designing the 2010 series of the Quai de l'Ile, says, "They already have fakes of this watch. I saw one yesterday on the Internet. Of course, the movement is wrong -- a lot of things are wrong."

-Steve

Imaging Challenges, Part Deux

StevenSimske — Sat, 20 Sep 2008 11:30:00 GMT

In a blog post earlier on this busy blogging week (hard to tell I'm spending a lot of time rotting in airports/hotels, no?), I introduced some of the difficulties in image clustering, or aggregation. This post introduces some of the broad approaches used to solve such imaging challenges.

Broadly, there are at least three classes of image analysis technologies used to compare photos (more broadly termed "images" to include scanners, cameras, inspection systems, video, and all other forms of "image capture"):

1. Machine vision/pattern recognition

2. Segmentation-based approach

3. Image modeling

There is some overlap among these three approaches, but they are distinct enough to proceed.

1. Machine vision/pattern recognition: This approach typically uses correlation (a statistical measure of image similarity) to compare two images. Correlation can be used to compare texture, frequency, color, shape and/or other content in the two images compared. The use of frequency-based (looking for how an image varies spatially in one or more directions) comparisons allows images of different scale (size of features) to be readily compared by simply scaling the frequency outputs relative to one another. Best matches provide the scale differences and subsequent alignment of the relatively scaled images. Machine vision systems usually are initialized through "training" the system by capturing one or more images of a calibrating (or "ground truth") feature to which the other image(s) is(are) compared. Clearly, such pattern recognition or "machine vision" based systems are especially amenable to inspection, wherein many images are to be compared to the calibration image. This type of comparison is especially effective for comparing Pictures #1 and #2 in the "Imaging Challenges" post of two days past.

2. Segmentation-based approach. Image "segmentation" is the process by which an image is divided into regions, called segments, which can thereafter be used as individual images for comparison. Therefore, this approach is recursive inasmuch as it affords refined segmentation, or sub-segmentation, as further information needs to be extracted. Images which contain steganographic (hidden) information such as digital watermarks, fiducial marks, and the like, are effectively analyzed by these approaches. Note that this approach is also taken on the "storage" side for many compression approches, such as tiled JPEGs. This segmentation-based approach can be used to cluster Picture #3 in the "Imaging Challenges" post with Pictures #1 and #2.

3. Image modeling. An image model is a description of salient features for the image analysis algorithm to find in the image. This may be conveyed through a template (description of layout), a feature set, or other means. An "image model" assumes that the image processing system is capable of "image understanding", meaning it is capable of accurately deciding whether or not an image contains a match to the model defined. Such a system relies on powerful statistical classifiers to decide on a "yes" or "no" for the match. Clearly, the goal is to have 0% false positives (no regions identified as matching that actually are not matches) and 0% false negatives (no regions that actually are matches but are missed, or unidentified). In reality, though, the system is tuned to provide the best overall accuracy based on the task at hand. If the cost of a false positive is much higher than the cost of a false negative, then the system should be tuned to favor false negatives (miss some matches) but have very high confidence in the matches. This is usually the case for the reading of security-related information [in future blogs, I will discuss classification in greater detail]. Note that, if each GPS location has a "model" for the images that can be captured (such as a 3-D panoramic), there is the possibility that Picture #4 in the "Imaging Challenges" post could be aggregated with Pictures #1-#3 (even though the content in the Picture has no overlap with the other 3). Currently, however, except in expensive systems for high-security locations, these models do not yet exist. But, they will in the future (think about 3-D video games, for example, in which a 3-D panoramic model is created for various "rooms" in the game).

-Steve

Imaging Challenges

StevenSimske — Thu, 18 Sep 2008 11:57:00 GMT

"Imaging" is a broad term meaning the ability to transform, interpret and/or associate an image. Sounds pretty easy, right? But when you consider what is actually involved, it's pretty hard. Most modern digital cameras (and other photo-capture devices) are packed with a host of "automatic" imaging, such as noise removal, contrast/exposure enhancement, etc., up to red-eye removal and photo album aggregation. All of which implies there are (hopefully reliable!) algorithms available to improve the quality of an image (and thus improve its value).

However, the way you will use an image (called its "workflow") impacts what algorithms you will use to clean it up, improve its quality, and otherwise transform it. Normal metrics for "image quality", for example, are not as important in security printing and imaging as are the more arcane concepts of inspectability, authenticability and forensics-capability. Consider, as an exemplar, if I have added information--such as a 2D bar code or a digital watermark [hidden, or "steganographic" information]--to an image, then whatever I do with my imaging should be focused on helping me reliably extract that information rather than improving the aesthetics of the image.

How hard can that be, you ask? Let's look at four photos that each contain one set of identical information; namely, the GPS location that the image was taken from.

Picture 1 is the new Sao Paulo bridge by day, from the 31st floor:

Picture 2 is the same bridge, from the same floor, with a different aspect ratio:

The third is taken from the same GPS location, 30 floors lower, and at dark:

And the last image is taken from the same GPS location, 6 stories up, in the opposite direction:

What information do these pictures have in common aside from the GPS location? Picture 1 and 2 are pretty similar to the human viewer, but to the imaging algorithm have a number of distinctions. Perspective, aspect ratio, contrast and exposure all differ considerably. Most image-clustering technologies, however, can aggregate (find similar) these two. But if the bridge were watermarked, would the photos equally represent those watermarks? Would the same bridge in Picture 3 also aggregate with Pictures 1 and 2? Humans would say yes, but machine algorithms are not so sure. Picture 4, not a chance for the machine (or for any human who did not have the memory of both images), without the GPS information.

This represents (somewhat figuratively) some of the challenge involved in security imaging. In practice, we are not usually required to associate Picture #4 with Pictures 1-3 except through metadata (image header) search. In future blogs, I will discuss how the imaging is actually able to work (and work well!) on Pictures 1-3.

-Steve

Are You Making It Too Easy for Counterfeiters? Then, Let Me SLAP You!

StevenSimske — Wed, 27 Aug 2008 15:22:00 GMT

Acronyms and anagrams are excellent means to simplify a message and to provide easy recall of this message (thus, the word “mnemonic” [Greek origin]—assisting or intended to assist the memory). For example, in 3^rd Grade, I figured out that my last name was an anagram for “KISS ME”. And I conveyed this knowledge to all of my female classmates. Which, not coincidentally, leads us to discussing the mnemonic SLAP.

SLAP, in the case of producing an effective ecosystem for brand protection and anti-counterfeiting, is an acronym for Scalable, Logical, Analytical, and Progressive.

Scalable means that the solution you propose can be used on multiple production runs, multiple products (SKUs), and for a reasonable amount of time. Don’t try to “divide and conquer”—that is, don’t use a completely different approach on different products. It will confuse your customers, your retailers, and your inspectors. Not only will it make it more difficult for you to get good authentication feedback, but you actually may increase the perception that your products are being counterfeited. Product “A” has deterrents 1, 2 and 3 on it, but Product “B” has deterrents 4, 5 and 6 on it—hmmm, one of these is probably fake. Or, worse yet, the would-be authenticator simply tunes out—too complicated, not worth it, too hard to figure out how to authenticate the product. Keep the message simple, and use an innate moving target for deterrence rather than actually changing the target. Security Variable Data Printing (SVDP) is such an innate moving target. One can change the information embedded in the security print, but never change the way a user interacts with it. And, because SVDP affords so many different means of embedding trackable and authenticable data, it is innately scalable, as well.

Logical means, well, think! Don’t make it easy on the counterfeiters. Here are some illogical approaches: (1) Spend a lot on your deterrent (counterfeiters love these “high margin” deterrents, because they’ll always knock them off more cheaply, and it decreases your margins while increasing theirs); (2) Use a deterrent/approach for only a short while and then stop using it (now your would-be authenticators don’t know what to expect—was it the old deterrent or the new deterrent, and which is legitimate). Much more logical: any time you roll out a new deterrent, which is unavoidable for some products—educate your authenticators; (3) Confuse different utilities in a familiar approach. Using variable data inside a hologram is one such example—most users think holograms are “variable” already, and aren’t likely to even notice the fact that one hologram is different from another; (4) Confuse machine vs. human readability. If you use a deterrent intended for machine reading, then embed data in a way that machines can read better than humans. And vice versa. Humans, for example, are very good at noticing alignment differences and relative color differences. Mach bands and other optical illusions are entirely invisible to machines. Machines are much better at noticing absolute color differences and of course steganographics such as watermarks. Meaning metamerisms are mainly meant for machines (alliterative, no?).

Analytical means your approach to the ecosystem should be geared at generating quantitative data. What is the compliance rate (i.e. what percentage of would-be authenticators actually try to authenticate)? What is the counterfeit rate? Read failure rate? If you can’t disambiguate these latter two—counterfeit vs. read rate, that is—you do not have an analytical solution. SVDP again underpins such an analysis: a counterfeit sample will generally have a different combination of print quality, print forensics and payload (data to be read) than a legitimate but unreadable—e.g. damaged, read with poor lighting, etc.—sample. Because of the multiple modalities—color, saturation, intensity, steganographics, halftoning, etc.—involved in printing, SVDP provides many on-ramps for analytics.

Progressive, finally, means that your approach allows progressively more complicated analysis to proceed smoothly. From an imaging standpoint, this means we move from image quality assessment (image “grading”) to image inspection to image authentication to, finally, image forensics. At each stage, a more in-depth analysis—and thus more difficult to reproduce—of the printed material is obtained. Making the first stage, image grading, relatively fast and painless, is an excellent way to generate “leads” from your customers. HP and many other brands address this by using “high-end” overt deterrents on their packaging. Customers are familiar with the motif—color-shift, thermochromic, etc.—and so notice when these have been unsuccessfully knocked off. Inspection ties layout and partial authentication to quality. Authentication ties the print job to the database of legitimate products. Forensics ties the data to the very material printed on, as discussed in my previous blog.

We can now add “SLAP” to the list of SVDP-related mnemonics, which also includes ACID (May 19)—All Content Is Dynamic—and PRACTICE (May 12)—Plan, Research, Activate, Collect, Train, Investigate, Convict, Evolve. Hopefully, this helps you recall a logical approach to brand protection. If not, well then, TTFN!

-Steve

Ecosystem Score: Proving It’s Real vs. Proving It’s Fake?

StevenSimske — Sun, 17 Aug 2008 06:43:00 GMT

In the previous blog, I talked about your Deterrent Score, and mentioned you must multiply it by your Ecosystem Score to get your overall effectiveness. As I mentioned in the May 12 blog, it takes PRACTICE to put such an ecosystem together. In today’s blog, let’s talk about how a deterrent might fit into the ecosystem.

Also, for today’s blog, I had a discussion with two of HP’s top experts on anti-counterfeiting. Jim Colby is HP’s Manager for Packaging and Anti-Counterfeiting Technology, and Dave Kellar is a Technical Expert for Package and Product Anti-Counterfeiting. Dave initiated the conversation, sending a link to XStream Systems, Inc.’s XT250 System that provides Authentication Technology with “See –Through” Vision (see http://www.bpcouncil.com/index.php?sid=10&lang=en&act=page&id=716).

The description states that “drugs can be verified while still in their manufacturer's sealed containers – as the system can scan through opaque plastic, cardboard, and even metal packaging to ensure consumer safety”. This is classified as a “forensic” deterrent—meaning a deterrent that can authentic down to the individual item. However, there has to be an ecosystem around this deterrent—starting off with measuring the material property, comparing the property to the correct data for the product, and receiving the real/fake result.

In addition, there are some issues specific to the type of forensic deterrence offered. For one thing, how sensitive is the technology to the active ingredient? Can different concentrations of reagent be readily differentiated? How often are there false positives? How often are there false negatives? Can the “authentic” amount of active ingredient be spoofed with 1%, 10%, 1000% of the normal amount? By including some of it on the packaging?

The ecosystem issues extend well beyond these questions. Who are the intended authenticators? Inspectors? Retailers? Customers? How will these authenticators be educated to understand what to do when the results indicate a failure? And what of cost? How much does the test cost? How much does the education and training cost? How is the data conveyed from the point of testing to the analysis service? How is data integrity maintained? The comment that “Wholesalers acquire conclusive proof of due diligence and of the authenticity of their inventory” could provide a few liability issues if/when there is a mistake (false positive, or especially false negative). In other words, XStream claims to “prove” authenticity, which in my experience is usually more difficult than proving something is non-authentic (or counterfeit).

Take mass serialization data, for instance. A legitimate number suggests but does not prove authenticity, but a non-legitimate number proves something is wrong. Just because the correct active ingredient is present does not prove the product is legitimate. After all, savvy counterfeiters really do want to get away with it as long as possible without having to change to another product.

I ran these concerns past Jim and Dave. Dave’s feedback was: “The main area of interest for me was the process to check the product through the package, eliminating the risk of used packaging or refills. The main problem is still who would check, as I do not see this system as a consumer overt confirmation. As you stated I do not believe the system could check for fake product salted in with the good or the ingredient added to the package material.” Like me, Dave was excited that the device allows you to potentially check the product through the packaging. This is even more powerful than RFID, which allows you to check the mass serialization information through the outer packaging.

Jim backed this up. He noted “I too am enamored with the concept of 'authenticating' actual product through packaging, and this does take the serialization step farther, but with all the same issues with serialization; namely, how to interpret results.” Jim noted that wholesalers would have difficulty arguing for “having conclusive proof of authentic inventory”. Jim also offered the important observation that “the more complex and costly it is to 'authenticate' a product-- the happier a counterfeiter becomes, because they know very few people will have the means to check and so very few products will actually get checked". Indeed, trying to outspend a counterfeiter is never a good idea.

Based on this example of a very good technology being deployed into a rather challenging ecosystem, we see that the Ecosystem Score is really dependent on much more than technology. It depends on simplicity; that is, ease of training and implementation as much as ease of performing the authentication. It depends on an “impedance match” between what you are trying to prove and what you actually can easily prove. In my opinion, this technology will be very useful in screening large lots by (indepthly) analyzing only a sample of the product. It may be less useful at the item level.

-Steve

Sustainability and Security Printing & Imaging

StevenSimske — Thu, 17 Jul 2008 16:16:00 GMT

Why is a blog on Security Printing & Imaging important? A short list includes the ease, flexibility and ubiquity of product authentication that security printing and imaging enables; the novel and interdisciplinarian research underpinned; empowerment of the consumer through increased access to many layers of product information; and sustainability. I'll review the first three, but for today's blog I will focus on the (most likely) surprise entry on that list: sustainability.

1. Ease, flexibility and ubiquity of product authentication

Branded products use printing to convey the brand, SKU, product information and other data of salience to the consumer. Often, the printing is performed on the package or label. In other cases, the printing is performed on marketing collateral associated with the product. In the case of single event items, the printing literally is the product--i.e. lottery, sports tickets, concert/event tickets, entrance passes, etc.--no printing, no value. Regardless, the printing is highly tied to the product, and so authenticating the printing, if done within the right ecosystem surrounding the creation and lifecycling of the printing, is tantamount to authenticating the product. This has been discussed in past blogs under security variable data printing (e.g. see "Universal Acid", 19 May 2008), or SVDP.

2. The novel and interdisciplinarian research underpinned

You've likely heard both sides of the argument for the Space Race, which culminated in NASA landing half a dozen times on the moon and declaring victory over the USSR (although the USSR won every other event in the Space Race, so perhaps it is told and internalized differently in Russia). Proponents credit the Space Race for the computer, for color television, Nixon's visit to China, Detente, and more. The political advantages seem more likely, since for technology the consensus viewpoint appears to be that "the United States long ago learned that the spin-off argument is a weak one; although developing spacecraft does produce some useful technologies, it is generally inefficient. If you want a faster computer chip, then develop one; there is no need to go to the Moon to do so" (http://www.thespacereview.com/article/137/1). Others would say, more pointedly, "$30 Billion and all we got from that was Tang"? (Don't get me wrong, I like Tang, but I doubt it took $30 Billion to develop).

However, in the case of security printing and imaging, it is much more credible to argue that attacking counterfeiting will benefit many other important areas of research, including but not limited to: (1) novel cryptographic systems, (2) inspection, (3) quality monitoring and assurance, (4) imaging in general [from surveillance to improved authentication techniques to multimedia/multimodal imaging technologies], and (5) technology hybridization (e.g. merging printing with RFID). In addition, many novel security-printing-as-printing approaches are certain to benefit next-generation printing in arenas from sensors to printed electronics to printed batteries. More on these and other printing research areas will be described in future blogs, but suffice it to say that security printing and imaging cuts across many important technological disciplines and, in so doing, opens the door to novel advanced research.

3. Empowerment of the consumer through increased access to many layers of product information

Do you want your customer to spend more time with your product? If not, you should. Because advertising is still the most effective means to draw customers to your product. Ask Google. Their market cap to revenue ratio is roughly twice that of Microsoft, and eight times that of HP. They empower customers through simultaneously providing information and advertisement.

A simple packaging example is the in-store battery tester. Built onto the battery, this is a risky sensor--what if the battery isn't juiced anymore? But it gets the customer to spend a few extra seconds with the product--in essence, it's advertising. Every second counts--customers are much more likely to purchase a product they have interrogated.

Mobile bar code providers are seeing the on-product barcode reader as another means to garner customer/product interaction. Stick around, there will be plenty more on this in future blogs, too.

4. Sustainability

For most people, "sustainability" rightly evokes environmental concerns, usually featuring food production, oil production and global warming issues. Food production (and its high use of fossil fuels) is rightly the first focus, e.g. as noted on http://www.commondreams.org/archive/2008/07/17/10414/, "This year’s dead zone in the Gulf of Mexico is likely to be the largest on record and growing U.S. corn production is a primary cause of the worsening conditions, federal and state scientists said Tuesday"

But sustainability is also about not adding new environmental, fuel and/or complexity costs to a product. Let's face it, as described in (1.) above, you're going to print anyway. And, the printing stays with the package. You've added "nothing" to the environmental cost when you achieve security through printing that would have occurred anyway. As such, printing sustainability is assured through the extant approaches to recycling, repurposing, next-generation biofriendly inks, or from separating the label from the package.

Reuse is the best approach, but biodegradable recycling is a not-too-distant second. Take for example the introduction of biocompostable utensils--e.g. http://www.ecowise.com/index.php?cPath=22_187_195. This has changed the game for "to go" cups. So, will their be a biocompostable RFID? It is likely that RFID will always have a place in the supply chain, especially where line of sight is impractical or where track and trace is sufficient (authentication can occur elsewhere). If RFID can be printed with a biodegradable variable data print process, it will completely change the game for supply chain visibility and the marrying of track and trace with authentication.

Finally, sustainability can be achieved through the rationalizing of product recalls. That is to say, sustainability is also about not wasting. Ask yourself: Do product recalls help the planet? Only to the extent that they pull dangerous material off the shelf. But pulling everything off the shelf because some items are suspect is a huge waste. Recalls of counterfeited products right now are hampered by the lack of an effective means to determine what should be pulled from the shelves and destroyed, and what should be left there. Security variable data printing (SVDP) can provide "extra" variable regions that are used only when recall is required. These are not tracked, authenticated or advertised under normal circumstances, but are read and acted upon when there is a product recall. The surfeit of security marks that SVDP provides affords such an approach in a way no other security deterrent currently can. Remember that the same security features can be used for track and trace, authentication and forensics simultaneously. The nature and breadth of the SVDP features depends on how costly the product is, how skilled the inspectors/retailers used to manage the recall are, and how costly it is to with full confidence evaluate a potentially counterfeited product. Among other factors. But, the point is, it can be done (and is done).

Would you throw out an entire carpet because you dropped a staple? No, you'd try to vacuum it up. So, why throw out good product in order to make sure you've pulled all the counterfeits off the shelf? SVDP is the "recall vacuum". I highly recommend it as one of your brand protection expedients. It's a defensible--and sustainable--plan forward.

-Steve