Countering RFID Counterfeiters

By Andrew Price

Some RFID vendors are taking steps to outsmart counterfeiters.

  • TAGS

Jun 05, 2007By Mary Catherine O'Connor

Radio frequency identification has been hailed not only as a great tracking technology but also as a way to stop counterfeiters from sneaking fake products into the supply chain. Drug companies and manufacturers of high-priced goods are attaching RFID tags at the item level and using the unique Electronic Product Code on each tag to authenticate the product. But some security experts say it's only a matter of time before counterfeiters outsmart the system. Now, some RFID vendors are taking steps to outsmart counterfeiters.

While each EPC is unique, someone could read it from one tag and encode it on another, a practice called cloning. Some HF tags have a built-in feature that can easily thwart attempts at cloning. The International Standards Organization (ISO) requires manufacturers to encode a unique, unalterable number to the memory of each chip used to create HF ISO 15693 RFID inlays. End users, such as pharmaceutical company Pfizer, use this unique chip ID to authenticate products by associating it with the EPC encoded to the tag. Even if a counterfeiter were able to lift the EPC from a tag attached to a vial of Viagra and encode it to another HF tag attached to a counterfeit vial, the tag's chip ID wouldn't match Pfizer's records.


Tags made with Impinj's Monza/ID chip could help pharmaceutical companies authenticate their products.

The EPC Gen 2 standard lacks this built-in protection, because it doesn't require chipmakers to encode a unique identifier to each Gen 2 chip. Impinj encoded its first Gen 2 chip, the Monza, with the same product and manufacturer ID. But last summer Impinj began producing the Monza/ID chip, which uses a unique chip identifier that lets end users take advantage of this second identifier to authenticate their products.

But Mike Sheriff, CEO of Airgate Technologies, says using ISO or EPC tags with factory-programmable identifiers is not a foolproof anticounterfeiting measure. While RFID tags based on published standards allow easy data exchange between partners and encourage competition among vendors to create low-cost, interoperable RFID goods, the tag technology is public knowledge, making it susceptible to reverse engineering by counterfeiters.

Airgate's solution is the GenuDOT product authentication system; it uses tags made with the Hitachi µ-chip, which has a proprietary air-interface protocol with data encryption. Sheriff says the protocols used to encode and read the tags are not published standards, so counterfeiters won't be able to clone the tags and attach them to fake goods. But end users already using EPC or ISO tags for product tracking will need to purchase and attach a second tag, and install a second RFID infrastructure. Sheriff believes the benefits of this system will outweigh the added cost for companies that can lose millions each year if their products are counterfeited.

Other vendors are taking different approaches to product authentication. Hyan Microelectronics, a Chinese maker of RFID antennas and tags, developed an anticounterfeiting smart label that's designed to prevent counterfeiters from removing RFID labels from authentic products and attaching them to fake ones. It uses an HF inlay compliant with either the ISO 14443A or ISO 15693 standard. The end user can encode product or other identifying data to the inlay, which uses an antenna made of Parelec's Parmod silver-based conductive ink. The antenna is printed onto the label's adhesive substrate so that when the label is removed from a product, the antenna breaks and the inlay is no longer readable.


SecureRF's Lightweight Multistream Encryption tag is designed for tracking perishable goods.

Texas Instruments and data security provider Certicom developed a system that protects the data encoded to HF ISO 15693 RFID tags. Manufacturers install a "signing appliance" to their interrogator infrastructure, which receives and encrypts the EPC. The encoded number is used in an advance shipment notice (ASN) sent to supply-chain partners. When they receive the tagged products, they can read the encrypted tag and compare it with the encrypted number in the ASN. Supply-chain partners could purchase the Certicom software needed to decrypt the numbers. But without the software, a counterfeiter would not be able to decrypt the numbers, access the EPCs and encode them to fake products.

SecureRF's Lightweight Multistream Encryption tag is a battery-assisted passive EPC Gen 2 tag designed for tracking perishable goods. It has an integrated temperature sensor and uses a proprietary data encryption scheme. Companies can encrypt non-EPC data to the tag's memory, such as temperature history and any codes they choose to use to authenticate products. Special software is needed to decrypt and read the data.

Who's Who in RFID Product Authentication


Airgate Technologies


www.airgatetech.com

Certicom


www.certicom.com

Hyan Microelectronics


www.hyanlabel.com.cn

Impinj


www.impinj.com

SecureRF


www.securerf.com

Texas Instruments


www.ti.com