A solution for the identification and anti-counterfeiting of products
Edit: why IOTA?
I have been asked to explain why we use IOTA for this solution. The answer is simple: IOTA is currently the only distributed ledger that lets us create professional applications with direct control over cost, performance and reliability. The resulting efficiency does not depend on the network usage level, nor is it affected by variable costs deriving from the transactions fees, and at the same time the data is replicated, made immutable in the process, on all the other nodes of the network. A perfect combination of control over a private node and resilience of a public network.
The evaluation of the origin of a product, i.e. the identity of its manufacturer, is an important matter for many industrial and commercial sectors.
Preventing the illicit exploitation of established brands, which would otherwise suffer a loss of market share and profit, is not the only objective of anti-counterfeiting. Even more important is to protect the final purchaser who expects to buy an original product, conform to the quality specifications necessary for its given purpose. The supply chain is another process affected and often exploited for the production and distribution of fake products.
The counterfeit product, intended to be sold on illegitimate business, is typically made with inferior materials and significantly lower quality of assembly compared to the original. However, these features are difficult to determine by the final consumer or by the trader who receives a proposal from a wholesaler.
The solution to the problem has always been based on the addition of distinctive elements on the product that are clearly visible and difficult to replicate. In short, the strategy is to make the replication of that product expensive. However, this approach has lost its effectiveness due to the increased availability and cost reduction of industrial printers and technological devices needed to reproduce labels, holograms, RFID tags, and other elements that would be attached to the final product to make it distinguishable. This is why manufacturers no longer adopt expensive solutions that may shortly become ineffective.
This said, in a totally different field (digital documents production) the counterfeiting issue has been completely solved with solutions based on digital encryption: the digital signature of documents (digital) and e-mail messages (certified mail).
The digital signature of e-mails and documents is costly, but since the volume of “signatureable” objects is very high, a low cost per signature is achieved.
The technology on which the digital signature is based is now virtually inviolable.
The idea behind our solution is simple: offer to every industrial and commercial sector the same level of security provided by the solutions of digital signature or certified mail.
The digital signature system
Digital signatures are based on a series of technical and organizational elements that are not easily replicable in a generic context:
- the signature is produced with an asymmetric encryption algorithm, so without the private key it is not possible to create a valid signature;
- the public key is inserted in a certificate stored on a public server. Anyone can obtain the certificate and therefore the public key to confirm the validation of the signature;
- the private key is produced and stored on a device capable of creating the signature. The private key is therefore never exposed so it is not clonable.
The organizational part of this system is too complex to validate a generic product, especially in the case of popular and low-cost items. However, the general scheme remains valid and has a superior effectiveness compared to simpler solutions because it raises the costs necessary to obtain a credible falsification.
ProductID Security Strategy
The security level of our ProdutctID solution is based on a series of measures that produce the same level of security as the digital signature, but with lower operating costs:
- use of electronic signature algorithms with an asymmetric key;
- use of cryptographic tokens similar to those used for digital signatures;
- decentralized public key repositories.
Key publication system
Unlike the system used for the signature and certified mail, ProductID does not use a centralized storage controlled by an institution or a company: the keys are stored in a registry that is distributed, unalterable, replicated on hundreds of servers and accessible to the public without intermediaries.
This reduces the operating cost of the system since the security of the public key container is intrinsic to the public register (IOTA in this case).
Signature validation system
The process of validating a signature (therefore a token) is carried out by a web front end, therefore it is not necessary to create a specific app.
The web front end is also distributed: the code is stored on the same distributed ledger where the public keys are stored. This prevents any possible attack on the validation server code that would make the entire security architecture ineffective.
The token used for the digital signature creates the signature by receiving data from an application. This element, besides being a cost, is also a potential point of attack. In the ProductID system, in most cases, an app is not required. The token generates a signature using a variable factor (the number of times the token has been read). The signature and the variable factor are stored in the register at each reading. This makes the signature only valid for a given factor and prevents that factor from being used twice.
The writing operation is currently performed by a centralized server managed by Things Lab. This is the only point of centralization of the security system but its decentralization is predicted by the end of 2019 due to functional components of the IOTA system.
Visualization of product data
Once the Smart Card has been validated, the verification web page is able to redirect the browser to the original product page of the brand owner’s website. The site can validate the request in two ways:
- validating on its own the signature passed as a parameter;
- accepting the redirect only if it comes from the ProductID site.
This means that product-specific data cannot be accessed without a valid and validated token.
The use of the Smart Card to validate the property of a good or a product is only a simple case of traceability.
ProductID is designed to manage the validation of a product through the registration of the validation factor produced by the Smart Card (user counter plus the signature with asymmetric key). Since the security container does not limit the amount or the type of data stored, the writing of metadata is also automatically supported as the card is read.
A practical tracking example of the manufacturing steps:
- the product enters a processing facility;
- the smartcard is read and validated.
The validation web front end redirects it to a tracking web page:
- using the card’s number as a parameter, the page identifies in which processing phase the product is;
- the page presents a form that the operator has to fill in;
- when the operator confirms, the tracking page asks the back-end to write the data on the register;
- the back-end validates the request and publishes the data.
When leaving the processing facility, the sequence is repeated with its appropriate form.
If trust is a sensitive factor in the process, in the second and third steps the human operator can be replaced for the input by certified sensors (i.e. genomic sensor to determine the type and origin of a substance) or by independent oracles (even with a distributed consensus, for example using IOTA’s Qubic in the near future) that are able to collect information from external sources.
Comparing with other common solutions
Label with QR code
QR codes can contain a variety of information. To allow the identification of a product, the QR code must contain an URL that makes it possible to activate a web page by passing a unique identification code.
The solution based on QR code is limited by its static nature: if not inserted in a package or protected by a “scratchable” film, the QR code can easily be copied and applied to a fake product.
Moreover, if the product data were publicly verifiable, it would be easy to create false QR codes that would correctly activate the validation server. This solution is therefore only possible with a fully centralized and protected system. This reduces the level of trust in the certification provided and produces hidden costs related to the need to protect and maintain a centralized server.
NFC technology allows the creation of tags that can interact with a radio reading device at close range (Near Field Communication).
NFC technology is very versatile, but not all electronic labels are the same.
The most common NFC tags are simple memories (e.g. tags based on NXP NTAG213/215/216 chips). If used to open a validation webpage, no advantage over the QR code would be offered. They are widely available on the market and can be written with a simple mobile phone. Cloned tags are identifiable only with tools that require specific expertise.
More sophisticated tags are able to do a minimum of processing and produce a signature.
Just like ProductID, the signature given as a parameter to a web server is based on an usage counter, so it changes every time the tag is read.
This approach is much more resistant to counterfeiting as it is not possible to extract from the original tag the key used to make the digital signature, and therefore an invalid tag will never produce a valid signature. However, this approach has an important limit: to contain the cost of producing the tag, a symmetrical signature algorithm is used, which means that the key used to sign is the same that must be used to verify the signature. This implies that the key cannot be published and therefore the verification must be performed by a centralized server that stores it.
The cost to protect the server from attacks is a critical factor. But even with a high level of protection from external attacks, the centralized server is always subject to risks of internal attacks: any violation of this server would result in the loss of security of all valid tags.
Non-digital or hybrid solutions
Some manufacturers have proposed “analog” solutions to produce labels that are easy to read by an optical scanner but not as easy to reproduce thanks to a fairly complex production process.
The same approach is being studied to produce digital tags. The identification code is derived from the physical uniqueness of the chip.
These strategies are certainly advantageous because they are cheap and currently complex to violate, but their effectiveness is limited by the need to use specific apps or readers.
Comparative analysis of traditional signatured-based systems vs. ProductID
In general, you can notice that the ProductID solution is not unlike other well-known and secure digital signature systems, but it is much safer in comparison to a low-cost system based on symmetric cryptography, especially in the long term.
The use of IOTA as public ledger, shared among hundreds of nodes and dozens of permanodes, makes it impossible to tamper with the public key and dramatically decreases the security management costs.
Low-cost hybrid solution
The ProductID system offers the top security amongst the anti-counterfeit systems: however, the Smart Cart cost makes it convenient only to protect high-cost products.
A hybrid system is proposed to protect low-cost products:
- a Smart Card is used to identify a batch of a specific product;
- each batch is distributed as a unit to the dealer/distributor/reseller. The reading of the Smart Card combined with the arrival of the batch to the location where it is separated into individual products creates a geographic point of reference;
- each individual product contains a QR code that was previously associated with the Smart Card.
When the final consumer scans the QR code, they will see the information associated with the batch and the sales location where the batch was intended to arrive.
The same web page is able to inform the client of a possible fraud if the sales point is too distant from the official destination point of the batch
Proof of ownership
The life of the Smart Card is virtually unlimited. This fact, associated with the equally unlimited availability over time of the IOTA distributed ledger on special nodes (permanodes) makes it possible to attribute an additional meaning to the token associated with valuable products.
It is easy to add a reference to the product owner’s identity to transform the token itself into a proof of the ownership of the product.
Decentralization combined with digital signature techniques makes it virtually impossible to breach the system’s security.
The only possibility left to a counterfeiter is to create an entire fake chain of products, tokens that simulate the ProductID Smart Card and a website that simulates the one of the original manufacturer.
This risk is not manageable with the technology of the digital signature token, but there are many tools to protect consumers from fraud carried out via email or fake websites similar to the real ones (phishing). Therefore this risk is also easily manageable.
ProductID is the top solution for security, anti-counterfeiting, tracking and ownership management of valuable products and critical components that need to be identified with certainty. The adoption of Smart Cards in conjunction with the IOTA technology produces the best price/security ratio on the market.