Protection of valuable goods, products and brands has always been a key requirement of modern markets. The rapidly developing field of nanotechnologies, the recent advances in relatively cheap multimedia devices providing high resolution scanning, printing and high volume storage as well as the use of digital technologies, networks and computers recently revealed unprecedented security threats, counterfeiting and unauthorized distribution leading to an strong need for efficient solutions for products and goods authentication. Authentication is defined as the process of verification of added specific overt, covert or forensic features added to the product, package, label or of the identification of a component within a product or package that may verify the product or packaging as genuine. The solution to the problem of product protection against counterfeiting is highly dependent on the clear definition of risk factors incurred by the company or brand as well as by the end-users. Among the major risk factors, the most important are threats related to the counterfeiting of products, refillment of original packaging, goods tampering, illegal trading, production of look-like products, illegal franchising or any mixture of the above ones.
The above threats have very important impact on both consumers and legitimate manufacturers regarding mostly: (a) health, safety, financial or legal damages as well as abuse of consumers rights because of non-genuine products in any form of consumption, (b) reputation of manufacturer and loss of confidence of consumers with respect to the corresponding product or even brand in general, that result in the loss of sales and damage to business, (c) direct loss of sales and even of a part of market due to the presence on the market of competitive non-genuine products.
The problem of product authentication is mainly complicated due to existing schemes of international economy and distributed manufacturing and is determined in part by the chain of manufacturer-distributor-reseller-consumer. The main factors that complicate the efficient solution of product protection are:
(a) international or multiregional character of the above chain, i.e., the products produced in one county or region can be consumed in another one;
(b) sophisticated and non-uniform rules and laws of different countries;
(c) no possibility of efficient centralized control of the chain manufacturer-distributor-reseller-consumer. Essentially it concerns the difficulty of regular and mass inspection of goods in selling points by the inspections bodies trusted by the manufacturer due to the above mentioned reasons of non-uniform laws, logistics of product distribution, storage and sell as well as economic attractiveness;
(d) the protection schemes and authentication devices are often based on proprietary (in the sense of non-cryptographic) principles that results in the difficulty of their broad distribution, in quite high price and finally in limited availability to every selling point where the consumer ought to be able to verify the product;
(e) the absence of direct control of the product manufacturer over all international resellers. Once the reseller obtains a license from the manufacturer or distributor to sell N items of some product or brand, he/she can try to sell at the same time K non-genuine items of the above product or brand under the cover of the obtained license. In many cases, the end-consumer is unable to distinguish the counterfeited product or replica from the genuine, since the quality of replicas and level of counterfeiting was considerably increased during last years. Moreover, in most recent cases, the equipment of replica producers is either at the same level or even of the same origin as the original manufacturer's. In some cases, the components of goods and products of replica manufacturers have the same origin as those of original one and even sophisticated expert analysis meets difficulties in distinguishing between original and its replica. We will refer to such replica manufacturers as gray ones;
(f) even if the authentication devices are available at the selling points or pay desks, it is very likely that they will be damaged or their normal functioning will be sabotaged or the even fact of such an authentication might be hidden from the consumer by reselling personel due to the above reasons;
(g) on the technical side of the authentication scheme and device design it should also be unfortunately acknowledged that no a single security feature can be considered completely resistant to all criminal attacks. Given enough time, money and efforts, almost any feature could be reproduced. This again recalls the need to use practically approved cryptographic principles potentially combined with multiple features and multifunctional security devices;
(h) the authentication devices designed to detect the security features are often quite expensive for the end-consumers, the procedure of authentication is quite complex and timely, the proprietary nature of security features restricts at the same time the broad distribution of such devices, finally the stand-alone functional aim of the authentication device, i.e., the fact that it can only be used for the authentication of a given product, is not very attractive for the majority of consumers who do not often buy a given product thus do not need to keep such a device nearby;
(i) finally, authentication devices are not sufficient by themselves without appropriate protocols and broad public popularization of such a possibility or even additional consumer motivation to perform the authentication check.
Thus, there is a great need in efficient protocols, methods and tools to prevent counterfeiting and to motivate consumers to only use genuine products. This problem is still open and very challenging due to the above reasons. At the same time, the protection should be cheap and well suited to the manufacturing process in both mass-market and luxury segments. Simultaneously, it should be available to every consumer disregarding the country or region, time and place and should not require any special devices based on proprietary technology. Contrarily, it is highly desirable to design such a technology that can be based on public devices that are also at the disposal of most potential consumers and are independent of sellers or distributors. All these conflicting requirements should be simultaneously satisfied. It is not always the case and a compromise solution should be proposed.
Therefore, we consider an alternative cryptographic-based approach modifying the basic principles of common authentication protocols. Further, on-line product authentication based on technical capabilities of portable devices available to the majority can represent a reasonable trade-off for many practical scenarios described above. Finally, to cope with the cryptographic-based principles it is beneficial not to rely on security features that are based on physical properties of materials that are either known to a small number of professionals or are difficult to replicate. In any case, the above-described factors (i.e., mostly every feature can be counterfeited with sufficient time and money, these devices/security features are expensive in both manufacturing and verification and not available to everyone, the public presence of verification devices is not desirable or justifiable for various above reasons) restrict their broad practical usage.
Therefore, it is highly desirable to construct such a protocol, where using on the products or packaging simple features that might even be insecure in nature and the devices available to everyone, potentially even without any special security equipment or software inside, to enable real time, cheap and reliable authentication of products and brands in any place and time with the elements of consumer stimulation of performing this action by proposing the various bonuses, prizes, stimulating cost reductions for the bought products or the services used in the authentication protocol.
To be fully compliant with the above requirements of the availability of authentication services to every consumer at any time, it is beneficial to consider the protocol based on portable devices. US Patent No 2003/0136837, filled Jun. 22, 2001 and published Jul. 24, 2003 [1] discloses a method and a system for the local and remote authentication of an item, in particular a security document, with the help of an authenticating device, comprised in, connected to, or linked to mobile communication equipment. The described item carries a marking exhibiting a characteristic physical behavior in response to interrogating energy, such as electromagnetic radiation and/or electric or magnetic fields. The idea behind usage of markers with the characteristic physical behavior that can be coded or not and are difficult to obtain or to produce is to confer the item resistance against counterfeiting. The authentication device should be equipped by a corresponding sensor that can perform the verification either locally, i.e., directly on the portable device, or remotely using on-line access to the remote server. In the case of local verification, the corresponding software and/or database should be either installed on a Java card or uploaded prior to the verification. Although, the basic idea is compliant with the above requirements, the described method of product authentication has some open issues. First, the portable device should be equipped with a special sensor capable to communicate with the above anti-copying security materials. This raises two serious concerns. The first one is related to the fact that the sensors should be mass-scale integrated into the portable devices of various manufacturers; this might raise various practical difficulties regarding standardization, price of portable devices, energy consumption, weight, and consumer's reluctance to have some not often used features in their equipment. Secondly, to perform the authentication according to the described local protocol one has either to download the corresponding software or to use specially prepared security cards. In most cases, the software installation on portable devices by ordinary consumers is not likely due to the infrequent need in product authentication. Moreover, there is an important diversity of portable devices, of their operating systems, programming and software. This makes the process of developing verification software quite complex, expensive and slow with respect to new updates. Additionally, consumers with frequent need in authentication will more likely prefer secure smart cards based solutions on their mobile devices. However, even in this case the device should have regular access to a database for updates of the new products. Moreover, the disclosed protocol does not address the important issue of the database update according to the information about performed product requests or the fact of product consumption. A serious threat is the duplication of the product IDs once the proprietary information carried by the physical material is discovered or decoded. This task is also facilitated for the counterfeiter by the availability of sensors in public portable devices.
An idea similar in spirit was disclosed in Patents No 2002/0146146 [2] and No 2005/0213790 [3], using either portable devices equipped with optical cameras or computers connected to the web-cameras capable to capture digital watermarks and connected via internet with the product ID database, where the watermark is considered to be a security feature difficult to copy. Although, Patent 2002/0146146 enables the connection with the product ID database, the need of stationary web-camera and regular Internet connection seriously restricts the usage of the disclosed invention. According to the second patent [3], one can benefit from wireless communications using portable devices in the protocol requiring the interaction between the product and database. Therefore, one can envision potential combination of techniques claimed in these two patents to achieve the desirable goal similarly to [1] with the only difference of using digital watermarks instead of secure physical materials. However, even in this case the above-mentioned shortcomings of the proposed protocol are not completely resolved. In particular, one is facing the same problem with the software installation to perform authentication and the issue with the database update with respect to the requested product information. Moreover, the main security load is put on the digital watermark instead of on materials with the special physical properties. It is assumed that the watermark cannot be reproduced from the printed data. However, it was demonstrated that most of spread spectrum-based digital watermarking techniques are vulnerable to the so-called copy attack [4]. The main idea behind the copy attack is a possibility to predict the watermark from an image (even without the knowledge of the used secret key), enhance it and copy to another product image or logo. New recent studies additionally revealed that quantization-based data-hiding techniques are even more vulnerable to such kind of attacks since they are characterized by higher security leakages [5, 6]. Moreover, the sensitivity attack can be efficiently used to reveal the secret information with the available detector/decoder, which is the case for the considered application, and then the copy attack can be successfully applied [7, 8]. Therefore, it is highly unlikely that solely current digital watermarking technology can resolve the issue of reliable document authentication.
It should also be pointed out that once the security features of physical materials are disclosed, one could reproduce the product, packaging or label in any desired quantity. This threat can be over passed providing the possibility to a consumer to consult the database according to the described protocols and obtain the confirmative or negative answer concerning product authenticity.
A similar idea is also described in RU Patent number RU 2181503, filled Jul. 30, 2001 and published Apr. 20, 2002 [9] where the index generated from a random numbers generator is assigned to every product that is stored in the database and printed on the product, packaging or label. Additionally, the telephone number or Internet address are indicated on the product or label. An opaque erasable film covers the index. After purchase the consumer removes the opaque layer and sends the index to the control service. The product authenticity is decided based on the comparison of the communicated index and the index stored in the database. A similar idea with coded information in the form of barcodes is described in the RU patent No RU 2132569, filled Nov. 11, 1998 and published Jun. 27, 1999 [10]. The described way of product ID communication to the server in the case of telephone call described in [9] consists in establishing the communication with the database via phone call and dialing the product ID after opaque film removal during the call. The result of the verification of the dialed number with the database is pronounced to the caller. Thus, the number is introduced manually only after removing opaque film, i.e., after damaging the integrity of the product, and the spelled confirmation is not stored by the consumer. Moreover, the database is not updated according to the request and the caller information is not registered and stored (for various security and promotion reasons that will be disclosed below). This interaction protocol represents a number of serious security concerns regarding the protocol in general as well as the way a particular product index is communicated. First, once the product ID is disclosed for any reason it is publicly available and nothing prevents counterfeiters to copy on the other products covering it with the opaque film. Every authentication request generated based on the faked product that is sent to the indicated telephone number or Internet address would then confirmative. Secondly, the product can only be authenticated after purchase, which complicates the procedure of the product return, replacement or even compensation. Moreover, the consumer has no confirmation that he has checked the claimed product from a given mobile device since he/she does not receive any sort of certificate message or proof. Thirdly, since some products are manufactured in quantities in the order of millions, the product index can be quite lengthy for the manual input/communication. This raises two serious concerns: the motivation of consumer to input such lengthy indices especially in cases when several items are bought will be low, and the probability that the typed/dialed index be correctly retyped from the product or packaging is not 100%. It should be pointed out that no form of coding was assumed to tackle with these issues.