Security Printing and Imaging : authentication, forensics

Imaging Challenges, Part Deux

StevenSimske — Sat, 20 Sep 2008 11:30:00 GMT

In a blog post earlier on this busy blogging week (hard to tell I'm spending a lot of time rotting in airports/hotels, no?), I introduced some of the difficulties in image clustering, or aggregation. This post introduces some of the broad approaches used to solve such imaging challenges.

Broadly, there are at least three classes of image analysis technologies used to compare photos (more broadly termed "images" to include scanners, cameras, inspection systems, video, and all other forms of "image capture"):

1. Machine vision/pattern recognition

2. Segmentation-based approach

3. Image modeling

There is some overlap among these three approaches, but they are distinct enough to proceed.

1. Machine vision/pattern recognition: This approach typically uses correlation (a statistical measure of image similarity) to compare two images. Correlation can be used to compare texture, frequency, color, shape and/or other content in the two images compared. The use of frequency-based (looking for how an image varies spatially in one or more directions) comparisons allows images of different scale (size of features) to be readily compared by simply scaling the frequency outputs relative to one another. Best matches provide the scale differences and subsequent alignment of the relatively scaled images. Machine vision systems usually are initialized through "training" the system by capturing one or more images of a calibrating (or "ground truth") feature to which the other image(s) is(are) compared. Clearly, such pattern recognition or "machine vision" based systems are especially amenable to inspection, wherein many images are to be compared to the calibration image. This type of comparison is especially effective for comparing Pictures #1 and #2 in the "Imaging Challenges" post of two days past.

2. Segmentation-based approach. Image "segmentation" is the process by which an image is divided into regions, called segments, which can thereafter be used as individual images for comparison. Therefore, this approach is recursive inasmuch as it affords refined segmentation, or sub-segmentation, as further information needs to be extracted. Images which contain steganographic (hidden) information such as digital watermarks, fiducial marks, and the like, are effectively analyzed by these approaches. Note that this approach is also taken on the "storage" side for many compression approches, such as tiled JPEGs. This segmentation-based approach can be used to cluster Picture #3 in the "Imaging Challenges" post with Pictures #1 and #2.

3. Image modeling. An image model is a description of salient features for the image analysis algorithm to find in the image. This may be conveyed through a template (description of layout), a feature set, or other means. An "image model" assumes that the image processing system is capable of "image understanding", meaning it is capable of accurately deciding whether or not an image contains a match to the model defined. Such a system relies on powerful statistical classifiers to decide on a "yes" or "no" for the match. Clearly, the goal is to have 0% false positives (no regions identified as matching that actually are not matches) and 0% false negatives (no regions that actually are matches but are missed, or unidentified). In reality, though, the system is tuned to provide the best overall accuracy based on the task at hand. If the cost of a false positive is much higher than the cost of a false negative, then the system should be tuned to favor false negatives (miss some matches) but have very high confidence in the matches. This is usually the case for the reading of security-related information [in future blogs, I will discuss classification in greater detail]. Note that, if each GPS location has a "model" for the images that can be captured (such as a 3-D panoramic), there is the possibility that Picture #4 in the "Imaging Challenges" post could be aggregated with Pictures #1-#3 (even though the content in the Picture has no overlap with the other 3). Currently, however, except in expensive systems for high-security locations, these models do not yet exist. But, they will in the future (think about 3-D video games, for example, in which a 3-D panoramic model is created for various "rooms" in the game).

-Steve

Imaging Challenges

StevenSimske — Thu, 18 Sep 2008 11:57:00 GMT

"Imaging" is a broad term meaning the ability to transform, interpret and/or associate an image. Sounds pretty easy, right? But when you consider what is actually involved, it's pretty hard. Most modern digital cameras (and other photo-capture devices) are packed with a host of "automatic" imaging, such as noise removal, contrast/exposure enhancement, etc., up to red-eye removal and photo album aggregation. All of which implies there are (hopefully reliable!) algorithms available to improve the quality of an image (and thus improve its value).

However, the way you will use an image (called its "workflow") impacts what algorithms you will use to clean it up, improve its quality, and otherwise transform it. Normal metrics for "image quality", for example, are not as important in security printing and imaging as are the more arcane concepts of inspectability, authenticability and forensics-capability. Consider, as an exemplar, if I have added information--such as a 2D bar code or a digital watermark [hidden, or "steganographic" information]--to an image, then whatever I do with my imaging should be focused on helping me reliably extract that information rather than improving the aesthetics of the image.

How hard can that be, you ask? Let's look at four photos that each contain one set of identical information; namely, the GPS location that the image was taken from.

Picture 1 is the new Sao Paulo bridge by day, from the 31st floor:

Picture 2 is the same bridge, from the same floor, with a different aspect ratio:

The third is taken from the same GPS location, 30 floors lower, and at dark:

And the last image is taken from the same GPS location, 6 stories up, in the opposite direction:

What information do these pictures have in common aside from the GPS location? Picture 1 and 2 are pretty similar to the human viewer, but to the imaging algorithm have a number of distinctions. Perspective, aspect ratio, contrast and exposure all differ considerably. Most image-clustering technologies, however, can aggregate (find similar) these two. But if the bridge were watermarked, would the photos equally represent those watermarks? Would the same bridge in Picture 3 also aggregate with Pictures 1 and 2? Humans would say yes, but machine algorithms are not so sure. Picture 4, not a chance for the machine (or for any human who did not have the memory of both images), without the GPS information.

This represents (somewhat figuratively) some of the challenge involved in security imaging. In practice, we are not usually required to associate Picture #4 with Pictures 1-3 except through metadata (image header) search. In future blogs, I will discuss how the imaging is actually able to work (and work well!) on Pictures 1-3.

-Steve

Ecosystem Score: Proving It’s Real vs. Proving It’s Fake?

StevenSimske — Sun, 17 Aug 2008 06:43:00 GMT

In the previous blog, I talked about your Deterrent Score, and mentioned you must multiply it by your Ecosystem Score to get your overall effectiveness. As I mentioned in the May 12 blog, it takes PRACTICE to put such an ecosystem together. In today’s blog, let’s talk about how a deterrent might fit into the ecosystem.

Also, for today’s blog, I had a discussion with two of HP’s top experts on anti-counterfeiting. Jim Colby is HP’s Manager for Packaging and Anti-Counterfeiting Technology, and Dave Kellar is a Technical Expert for Package and Product Anti-Counterfeiting. Dave initiated the conversation, sending a link to XStream Systems, Inc.’s XT250 System that provides Authentication Technology with “See –Through” Vision (see http://www.bpcouncil.com/index.php?sid=10&lang=en&act=page&id=716).

The description states that “drugs can be verified while still in their manufacturer's sealed containers – as the system can scan through opaque plastic, cardboard, and even metal packaging to ensure consumer safety”. This is classified as a “forensic” deterrent—meaning a deterrent that can authentic down to the individual item. However, there has to be an ecosystem around this deterrent—starting off with measuring the material property, comparing the property to the correct data for the product, and receiving the real/fake result.

In addition, there are some issues specific to the type of forensic deterrence offered. For one thing, how sensitive is the technology to the active ingredient? Can different concentrations of reagent be readily differentiated? How often are there false positives? How often are there false negatives? Can the “authentic” amount of active ingredient be spoofed with 1%, 10%, 1000% of the normal amount? By including some of it on the packaging?

The ecosystem issues extend well beyond these questions. Who are the intended authenticators? Inspectors? Retailers? Customers? How will these authenticators be educated to understand what to do when the results indicate a failure? And what of cost? How much does the test cost? How much does the education and training cost? How is the data conveyed from the point of testing to the analysis service? How is data integrity maintained? The comment that “Wholesalers acquire conclusive proof of due diligence and of the authenticity of their inventory” could provide a few liability issues if/when there is a mistake (false positive, or especially false negative). In other words, XStream claims to “prove” authenticity, which in my experience is usually more difficult than proving something is non-authentic (or counterfeit).

Take mass serialization data, for instance. A legitimate number suggests but does not prove authenticity, but a non-legitimate number proves something is wrong. Just because the correct active ingredient is present does not prove the product is legitimate. After all, savvy counterfeiters really do want to get away with it as long as possible without having to change to another product.

I ran these concerns past Jim and Dave. Dave’s feedback was: “The main area of interest for me was the process to check the product through the package, eliminating the risk of used packaging or refills. The main problem is still who would check, as I do not see this system as a consumer overt confirmation. As you stated I do not believe the system could check for fake product salted in with the good or the ingredient added to the package material.” Like me, Dave was excited that the device allows you to potentially check the product through the packaging. This is even more powerful than RFID, which allows you to check the mass serialization information through the outer packaging.

Jim backed this up. He noted “I too am enamored with the concept of 'authenticating' actual product through packaging, and this does take the serialization step farther, but with all the same issues with serialization; namely, how to interpret results.” Jim noted that wholesalers would have difficulty arguing for “having conclusive proof of authentic inventory”. Jim also offered the important observation that “the more complex and costly it is to 'authenticate' a product-- the happier a counterfeiter becomes, because they know very few people will have the means to check and so very few products will actually get checked". Indeed, trying to outspend a counterfeiter is never a good idea.

Based on this example of a very good technology being deployed into a rather challenging ecosystem, we see that the Ecosystem Score is really dependent on much more than technology. It depends on simplicity; that is, ease of training and implementation as much as ease of performing the authentication. It depends on an “impedance match” between what you are trying to prove and what you actually can easily prove. In my opinion, this technology will be very useful in screening large lots by (indepthly) analyzing only a sample of the product. It may be less useful at the item level.

-Steve