14 minute read
2.2.1 Product authentication and track and trace: unique visual identity
We will now provide some practical examples using the submissions we received to show how the combination of all these elements can limit some of the risks highlighted by the scenarios. The use of the submissions will also allow us to appreciate the different approaches that can be followed to ensure supply chain security as well as some innovative and potentially interesting features that contributors include to better respond to the risks presented by the scenarios. Some of these features could already be implemented in the market while for others, additional research and development may be needed.
2.2.1 Product authentication and track and trace: unique visual identity
Technology submission 1
This submission focuses on the use of a machine-readable unique code and its subsequent coding, decoding and validation system. The solution is based on printing of stamps, seals or labels that are attached to the products and that are tamper evident. The authentication component of this technology is quite innovative, as it merges different elements to authenticate the product, namely a machine-readable 2D barcode (using symmetric and asymmetric cryptography), security holograms and glitter inks with unique patterns. The objective of the solution is to code information in a unique identifier that combines several layers of security measures by combining the physical characteristics of the product with a digital identity that is stored in a code that is fully customizable and adaptable to any product. The code is readable via a mobile app, enabling authorities, stakeholders and customers to read the code at any point. Coded information can be performed via several layers of security, such as private, public and encrypted. The code can be hidden in the aesthetics of the design and has high capacity to store a great amount of information.
One of the most interesting aspects of this option relates to the creation of a unique visual identity of the product to be authenticated and then tracked and traced. The code provided by this solution is composed of a graphic and a physical component. The graphic code is the printed part of the solution (a bidimensional code composed of cells that can be filled with a grid of pixels) and is designed to be validated by using images acquired by most cameras. Additionally, the presence of a hologram increases the security of this code by providing a specific optically variable response to improve visual identity, with design features and a geometric description that are unique for the specific hologram cut. This is the physical part of the code. By having the graphic code and the hologram working together, the test of authenticity of the visual identity can be improved through a cross validation between the graphic code and the hologram. The random-generated geometric coordinates of the hologram can be coded in the graphic code part. After this, they are photographed and registered at the production line, linking the physical product to their digital identity. The unique random position of the hologram is almost impossible to reproduce, and its validation can be made offline.
In a nutshell, the complete authentication solution can be divided into different security layers: 1) the printed-graphic code, 2) holographic Optical Variable Devices (OVD), and 3) the glitter inks; all which have a unique and irreproducible pattern.
Furthermore, glitter-ink patterns unique to each code can also be used for authentication purposes and as unique product identifiers due to their physical unclonable function (PUF). Glitter inks produce a random permanent pattern when printed. It is a printing process defined as “chaotic” and guarantees a unique pattern each time it is produced. The brightness of glitter particles provides an additional mechanism to prevent the reproduction of the authentication method since each particle reflects light in a specific direction. This unique characteristic of a printed pattern with glitter inks is unclonable and irreproducible. Validation of this complex visual identity can be performed by means of an app that identifies all the parts, decodes and validates them. The decodification can also be performed through a mobile app while offline. During the validation process through the app, several elements are analysed, such as: the stamp structure and colour, the graphic code reading, the hologram features and colour shifting, the Unique Identifier (UID) registration, the brand, the producer, and the stamp activation time. The system has capabilities to be used as a track and trace (T&T) framework, either implementing one or being integrated with an external T&T. It is also possible to integrate blockchain technology.
In addition to this, INCM is currently conducting a project which endeavours to validate the integrity of wine already bottled by analysing its composition without the need to open the wine bottles. This idea can be also applied to other already packed food and beverages. This project would be a complement to the existing UniQode technology, developed and patented by INCM, that is able to authenticate the packaging.
Submission received from INCM – Portuguese Mint and Official Printing Office
This submission presents several interesting features, and these elements together are used to increase the security of objects, products or services, helping in their traceability and in the identification of counterfeiting activities and criminal infiltrations in the supply chain. Furthermore, for what concerns the clear identification of the code, this solution offers multiple options, as the use of: 1) a printed-graphic code, 2) a holographic OVD, and 3) glitter inks, are combined to provide different layers of security. The codes can be shaped into different icons, depending on the product. The labels can be fully customized to fit the needs of the producer. They contain a unique sequence of codes and data that provide specific information about the individual product.
Source: INCM
The use of a dedicated app also shows how monitoring can be done in practice, since the app provides information that is taken directly from the traceability system, such as the origin and time/location stamp. The app would recognize if the product was manipulated, generating a red cross when scanning the code. This is useful for tamper-evident purposes, while this kind of monitoring is not intrusive.
Source: INCM
This submission allows us to discuss how authentication and track and trace technology in general can target some of the issues identified in the three risk scenarios related to food fraud. In order to prevent the copy of designs and the repacking operations and the sale of fraudulent food as genuine, the adoption of authentication options like codes, tags, labels or seals offer a set of tools that provide an initial security layer. The tamper-evident solutions and the unique identifiers also aim at minimizing the possibility of having counterfeit products in the market. The overt and covert options allow the stakeholders and the clients to recognize original products, especially to avoid the possibility that consumers are unaware of fraudulent purchases.
The use of traceability systems not only provides an additional layer of security, but it also targets other issues presented in the scenarios, such as the distribution of the falsified goods, the use of clandestine sweatshops and production centres, and the lack of full monitoring and control of the production and distribution chains. The track and trace solutions enable the monitoring of the processes involved in the supply chain, granting visibility to identify illicit activities related to the deviation of the products from the supply chain or unauthorized insertions into it.
Source: INCM
In particular, for what concerns risk scenario 1 (infiltration of the dairy supply chain), the described technology can support a risk reduction in several steps of the criminal business model. In particular, risk is reduced thanks to the use of non-replicable codes that are recognizable both visually and via the use of specific tools. As seen before, these codes create the visual identity of each product and contain various technologies whose combinations create the uniqueness of each product identity and renders its duplication extremely difficult. In many cases the replication of these codes, even if possible, in theory, would involve a great investment from organized criminals, limiting their business case. In addition, the replication would only be visual; the mobile app would not read the non-original code. Furthermore, the visual identity is used to track and trace the product along the distribution chain, in effect securing the existing legitimate supply chain from infiltration of products that are not recognized at one of the various control stages of the distribution.
This can limit risks related to the following steps of the criminal plan:
Copying of local producers’ packaging design by using sweatshops and subsequent infiltration of these products into the legitimate supply chain.
Procurement of low-level milk or dairy products, their packaging with falsified labels imitating the design of legitimate and well-known local producers, and their insertion into the supply chain.
Distribution of the falsified goods via the criminal group’s comprehensive and well- structured network, which includes dozens of wholesalers and supermarkets controlled by their frontmen, to infiltrate the distribution of dairy products and deliver them to unsuspecting retailers.
In risk scenario 1, some steps of the criminal plan are still difficult to limit, in particular step 2) control of the supply chain by using original packaging of the businesses which fell under the control of organized crime and step 1) on the acquisition of criminal control over sectors of the legal economy. The technology proposed partly mitigates the distribution of the falsified goods via the criminal group’s comprehensive network since, in the case in which the whole supply chain is controlled by organized crime, it can provide a check point for stakeholders or consumers only at the ultimate point of sale.
The difficulty for supply chain security technology to limit these risks is valid for the majority of the submissions received.
For what concerns risk scenario 2 (parallel market for catering supplies) the same considerations presented for risk scenario 1 also apply in this case. The combination of authentication via a strong digital identity with track and trace technology, can limit the following steps of the criminal plan:
Building a parallel market for catering food supplies.
Develop a fully-fledged supply chain for vegetables and dairy products.
With reference to step 3 “Develop a fully-fledged supply chain for vegetables and dairy products” and step 5 “Building a parallel market for catering food supplies”, if shops also use technology to perform a final check of products they receive and then sell to the final customer, then infiltration of unauthorized goods at final selling points is made much more difficult. Of course, in this case technology also relies on the honesty of final sellers and does not apply to those cases in which the criminal group controls these shops. In this case, the possibility given to consumers to check the products they buy could assist in making the distribution more secure.
Also, for risk scenario 2, the same steps identified for risk scenario 1 cannot be mitigated by the use of supply chain security technology. Once again, this is common to many submissions.
For what concerns risk scenario 3 (e-commerce: criminal infiltration of online supermarket chains for home delivery of fake food), this submission can partly support securing online markets, especially considering that, also in the food sector, products will have a physical distribution component and they will necessarily pass through a series of distribution elements. Securing these elements could be the key to limit some of the steps of the criminal plan highlighted in this scenario, especially:
Selling fraudulent food as genuine via the control of well-known e-supermarkets and by copying the design, packaging and trademark of well-known producers.
The same considerations presented for the previous risk scenarios apply in this case, in relation to the mitigating effect on this step that can be created by the combination of authentication via a strong digital and physical identity with track and trace technology. Considerations of the role of consumers also apply in this case and are possibly even more relevant, since online purchases may involve a direct relationship and line of shipping from the seller to the purchaser.
Also, in the case of risk scenario 3, other technological resources should be used to mitigate other steps of the criminal plan, which cannot be limited through supply chain security technology.
As seen in the case of risk scenarios 1 and 2, this corresponds with the majority of the submissions received.
Summary table submission 1: possible application to limit risks highlighted by the scenarios
Scenario
Scenario 1: Infiltration of the dairy supply chain Step 1 – Control of the distribution market by owning or controlling legitimate operators.
Step 2 – Control of the supply chain using the technology owned by the controlled legitimate operators.
Step 3 – Copying local producers’ packaging design and subsequent infiltration of these products into the legitimate supply chain.
Step 4 – Procurement of low-level milk or dairy products, their packaging with falsified labels imitating the design of legitimate and well-known local producers, and their insertion into the supply chain.
Step 5 – Distribution of the falsified goods via the criminal group comprehensive and well- structured network, which includes wholesalers and supermarkets controlled by their frontmen.
Applicability of the solution
Risk is reduced thanks to the use of non-replicable codes that are recognizable both visually and via the use of specific tools and, by using track and trace technology to secure the supply chain. The identity of each product is created by using a unique tamper-evident code merging a graphic and a physical component. Furthermore, the graphic and the physical part of the code can also cross-validate for increased security. The flows of products along the supply chain can be checked using an app, giving consumers the possibility of performing an offline check.
The technology solution offers a combination of a graphic code and a hologram as verification of authenticity. The code is easily readable, moreover, a falsified label would not be read by the app if the stakeholders or customers attempt to scan it. The risk of insertion of counterfeit products into the supply chain is reduced with the use of track and trace technology.
If the whole supply chain is controlled by organized crime, then only checks performed at the ultimate point of sale or performed by consumers could spot the illicit product.
Scenario
Scenario 1: Infiltration of the dairy supply chain Step 1 – Control of the distribution market by owning or controlling legitimate operators.
Step 2 – Control of the supply chain using the technology owned by the controlled legitimate operators.
Applicability of the solution
Scenario
Scenario 1: Infiltration of the dairy supply chain Step 1 – Control of the distribution market by owning or controlling legitimate operators.
Step 2 – Control of the supply chain using the technology owned by the controlled legitimate operators.
Step 3 – Copying local producers’ packaging design and subsequent infiltration of these products into the legitimate supply chain.
Step 4 – Procurement of low-level milk or dairy products, their packaging with falsified labels imitating the design of legitimate and well-known local producers, and their insertion into the supply chain.
Step 5 – Distribution of the falsified goods via the criminal group comprehensive and well- structured network, which includes wholesalers and supermarkets controlled by their frontmen.
Step 6 – Distortion of competition.
Applicability of the solution
Risk is reduced thanks to the use of non-replicable codes that are recognizable both visually and via the use of specific tools and, by using track and trace technology to secure the supply chain. The identity of each product is created by using a unique tamper-evident code merging a graphic and a physical component. Furthermore, the graphic and the physical part of the code can also cross-validate for increased security. The flows of products along the supply chain can be checked using an app, giving consumers the possibility of performing an offline check.
The technology solution offers a combination of a graphic code and a hologram as verification of authenticity. The code is easily readable, moreover, a falsified label would not be read by the app if the stakeholders or customers attempt to scan it. The risk of insertion of counterfeit products into the supply chain is reduced with the use of track and trace technology.
If the whole supply chain is controlled by organized crime, then only checks performed at the ultimate point of sale or performed by consumers could spot the illicit product.
If the supply chain is secured, then in that specific market criminals may find it more difficult to implement their criminal plan and distort competition. This can be seen as a by-product of the implementation of the technology.
Scenario 3: E-commerce: criminal infiltration of online supermarket chains for home delivery of fake food Step 1 – Control of legitimate e-operators.
Step 2 – Selling fraudulent food as genuine through the controlled e-supermarkets.
Step 3 – Expansion of e-commerce market through the creation of a Super E-food app. If the whole online supply chain is controlled by organized crime, and since the e-supermarkets sell directly to the final consumer, then only checks performed by the latter could spot the illicit product.
Step 4 – Creation of dedicated social network groups/pages to sell fraudulent products to final customers.
