WO2015140643A2 - Rfid based anti-counterfeiting, distribution enhancement and customer analysis system - Google Patents

Rfid based anti-counterfeiting, distribution enhancement and customer analysis system Download PDF

Info

Publication number
WO2015140643A2
WO2015140643A2 PCT/IB2015/000981 IB2015000981W WO2015140643A2 WO 2015140643 A2 WO2015140643 A2 WO 2015140643A2 IB 2015000981 W IB2015000981 W IB 2015000981W WO 2015140643 A2 WO2015140643 A2 WO 2015140643A2
Authority
WO
WIPO (PCT)
Prior art keywords
consumer
product
producer
unique
authentication
Prior art date
Application number
PCT/IB2015/000981
Other languages
French (fr)
Other versions
WO2015140643A3 (en
Inventor
Alexander BUSAROV
Yaroslav BELINSKIY
Original Assignee
Busarov Alexander
Belinskiy Yaroslav
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Busarov Alexander, Belinskiy Yaroslav filed Critical Busarov Alexander
Publication of WO2015140643A2 publication Critical patent/WO2015140643A2/en
Publication of WO2015140643A3 publication Critical patent/WO2015140643A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0241Advertisements
    • G06Q30/0251Targeted advertisements

Definitions

  • RFID tags are applied to authentic items that producers wish to protect from counterfeits.
  • a consumer enables a software client and scans a product with his/her smartphone.
  • Authentication request is sent to a backend server.
  • the server references the received data against a library of unique data points in the backend database and sends a response to the customers smartphone.
  • the response consists of an authentication result displayed to the consumer through the software client and a data package that updates information on the RFID tag.
  • the respective data point in the back end database is updated and synchronised with the
  • the system provides 3 layers of authentication that allow to overcome the majority of shortcomings of other similar systems.
  • the first layer is an encrypted or not encrypted unique ID that is stored in both RFID tag on a product and a corresponding data point on the back end database.
  • the second layer is a rewritable secret that is rewritten and synchronised on both RFID tag and the back end database data point every time an authentication scan is performed.
  • the third layer is data on the consumers location at the time of scanning the product that is sent to the back end server when performing an authentication scan and that is checked against corresponding information in the backend database. All 3 layers are used in a combination for protection against cloning the RFID tags by counterfeiters.
  • the same software client described in the Type 1 interaction allows for producer to communicate additional information to the consumer.
  • the producer can communicate new information including but not limited to offers, promotions and warnings that might be of interest to the consumer.
  • the nature of such offers and promotions can include but is not limited to discount deals on the next purchased item, price comparison with other locations, price comparisons with online sales channels, gifts, loyalty points etc.
  • the producer can use the Type 2 interaction to communicate to the consumers a warning, warning them not to purchase the given product.
  • Type 1 and Type 2 interactions allow tracking individual product items and maximizing the efficiency of distribution networks. This feature enables the implementation of regional price discrimination in geographically diverse regions and penetration of markets previously unattainable due to problems with distribution.
  • the data will also allow measuring store shelf traffic drastically increasing the measurement accuracy of the producer's advertising activity, in various media.
  • Product tags used in the System can use any RDIF chips that have both rewritable and non-rewritable memory.
  • the RFID chips that work with the system include but not limited to: active and passive chips, low, high and ultra-high frequencies (LF, HF, UHF), that work in ranges as small as 0.2 cm and above.
  • Product tags also carry certain data in the form of a visible unique ID (e.g. QR code).
  • Software client in the System refers to a mobile phone or another
  • APP communication device application
  • This APP is used primarily for communication between RFID tag on the product and the backend database.
  • the use, however, is not limited to communication function and may include, but not limited to, encryption of data, advertising and informational services, as well as other commercial and non-commercial services.
  • the software client may initiate a scanning of the unique ID.
  • Public data networks refers to any communication channel between mobile phone or another communication device and the backend database. These networks would normally be, but not limited to, mobile operator networks that allow data transfer and wifi networks.
  • Backend server and database refers to server and database placed on one or multiple computers that stores data and performs required algorithms for operation of the System.
  • the data stored includes, among other things, unique IDs of Product tags, current and previous secrets for each tag, history of tag scans as well as location of the scans.
  • the server also hosts and runs software, required to operate System in the way described in this document.
  • the rewritable secrets authentication step is skipped and authentications is performed through the unique ID (e.g. stored on on the QR code) and the Consumer's phone geolocation
  • Consumer wishing to authenticate a product activates a software client on his or her NFC enabled smartphone. The consumer then brings the NFC enabled smartphone in close proximity to the RFID tag on the product packaging for the NFC reader to establish connection with RFID tag. The client sends a challenge to the RFID tag requesting the unique ID and the secret.
  • Smartphone sends tag's unique ID, secret and geolocation data via public data networks (mobile carriers) to the backend servers for verification
  • the server updates the secret in the corresponding data point in the database
  • the amount of information that is presented in the authentication response may range from a binary "Genuine”/ "Not Genuine” result to a more detailed response regarding results of all the layers of verification.
  • the process is simplified in that the unique ID is sent through the software client together with geolocation data of the consumer's smartphone. This data pair is then matched with the corresponding data pair for that particular individual product item in the database. Depending of the result of the matching procedure the authentication result is generated and sent to the consumer's smartphone.
  • the unique ID e.g. QR code
  • the first layer of protection of the system is the tag ID that is unique for every tag.
  • the ID is generated randomly thus, apart from the case of a predetermined leak, would not be economically feasible for a typical counterfeiter to break using existing code-breaking methods.
  • the ID is stored within the tag's memory and not on the product packaging thus preventing a less sophisticated counterfeiter from getting access to the ID for the purpose of copying it to the counterfeit products.
  • the second layer of protection is a Secret that is stored in the rewritable portion of the RFID tag and in the backed database where it is associated with the unique tag ID.
  • the pair ID/Secret on the tag has to match the ID/Secret pair in the backend database. Every time an authentication process is performed a new Secret is written to both the RFID tag and a data point associated with the unique tag ID it in the backend database.
  • the first authentication challenge performed by the customer on the genuine tag with an ID that was copied will write a new secret to both the tag and the associated data point in the backend database. This way any amount of counterfeited products with copied IDs will be out of sync with the backend database and hence will not pass the authentication test.
  • the third layer of protection is geolocation data that is sent by the smartphone while performing an authentication request.
  • a producer is able to associate tag IDs of a certain batch of products with a particular distribution channel and/or particular geography with a varying degree of granularity.
  • the system checks if the received geolocation data matches the geolocation data associated with the given tag ID in the backend database.
  • the System will allow development of database containing data on trustworthy retailers and distributors as well as those where counterfeit products have been regularly detected. This database is then used as an additional layer of security in authenticating products.
  • a counterfeiter may purchase a genuine product, copy the RFID tag and reproduce it on a number of counterfeit products. Since the original RFID tag is taken out of circulation the Secret on the RFID tag and the backend database will not be updated. A counterfeiter may potentially introduce the counterfeit batch into the supply chain, however since only one counterfeit item may be sold before the secret is updated and the database goes out of sync with the batch, it is not economically sensible for a counterfeiter to do such an exchange. In addition such strategy may be further hampered through an introduction of an expiration time of tag associated data points in the backend database.
  • DOS Denial of Service
  • the System is potentially vulnerable to attacks when the attacker installs malicious software either on the consumers' smartphone or the backend database and compromises the authentication process.
  • Reusing genuine tags and genuine product packaging is also a threat to the System. This threat is, however, limited by the geolocation data layer of protection. In an event the counterfeiter is reusing genuine tags or product packaging, the counterfeit products will need to be placed in the same retail location as the original one, thus restricting counterfeiters activity significantly.
  • System's Auxiliary Capability I New Marketing and Communication Channel
  • the system leverages consumer's concern about the authenticity of the Product in order to achieve the wide adoption and frequent utilization of the software client. This presents a unique opportunity for producer to reach a wide consumer base with offers, promotions and other information that may be tailored for individual consumer's preferences.
  • the authentication capability of the software client is the distinguishing feature that would allow wide adoption of the software client and inspire consumer trust thus circumventing chief shortcomings of systems that are designed to ONLY communicate marketing offers to the consumer
  • the Producer is able to communicate offers and promotions based on individual consumer preference that could be deduced from the Consumer's scanning behaviour as well as his activity in social networks, and other public profiles.
  • the offers may be presented at the moment of scanning and be tied to a particular retail location or can be pushed to the Consumers phone not at the moment of scanning.
  • the moment of scanning indicates high probability of the purchase decision on behalf of the Consumer.
  • the Producer may use this opportunity to communicate alternative locations for the purchase of the Product which may include both brick and mortar stores as well as online retailers.
  • the Producer may encourage certain type of behaviour on behalf of the consumer by tethering the software client to the existing or new loyalty system.
  • the Producer may choose to communicate to Consumer a warning, encouraging NOT to purchase the given Product.
  • the System will greatly improve the measurability of certain retailing
  • the System will generate data on the amount of authentication scans that can be compared to the number of purchases from a particular retailer that provides with valuable insights into the effectiveness of marketing and merchandising.
  • a covert anti-counterfeiting solution is a solution where part, or all of the elements, can not be identified by an individual who was not specifically trained to identify covert anti-counterfeit solutions or without special attention or equipment.
  • These solutions include, but not limited to, any marks made with invisible ink, hidden or not obvious changes to product packaging, marks small enough to be not noticeable by human eye.
  • These systems are normally used by specially trained agents working for product manufacturers to identify counterfeit items.
  • the obvious disadvantage of such system is the limitation on the number of agents that can use it - each individual needs either special training or tools to use the system.
  • the System does not have such a limitation. According to the System, the authentication of products can be performed by a member of general public using a mobile phone and a data
  • Optically variable devices e.g. holograms
  • An optically variable device such as a hologram, normally incorporates a 3- dimensional construction that changes visual appearance for a human eye under different angles. Such construction is meant to be complex for counterfeiters to reproduce and, at the same time, simple enough for untrained agents to authenticate. The practice has shown, however, that the counterfeiters have reached significant enough sophistication to copy these optically variable devices with sufficient precision, so that an untrained person with no special equipment is unable to correctly authenticate such devices.
  • Unique identification systems place a unique ID for every product item.
  • the unique ID can be sequential, random or pseudo-random and can be placed in multiple forms: a visible number or a string of characters, one or two-dimensional barcode, unique topography, RFID or any other means of adding information to product or product packaging.
  • Such systems normally allow the consumers or end buyers to
  • the authentication algorithm checks the unique ID on the product or product packaging against the database of authentic IDs (for sequential, random or pseudo-random generated IDs) or IDs generating function (for sequential or pseudo-random generated IDs). If the unique ID on the product or product packaging matches the unique IDs database or IDs generating function, the product is considered authentic and the corresponding message may be delivered to the user. If the unique ID on the product or product packaging does not match the unique IDs database or IDs generating function, the product is considered not authentic and the corresponding message may be delivered to the user.
  • the main disadvantage of such system is vulnerability to copying of unique IDs on products or product packaging while the products are in the supply chain. For example, the counterfeiters may be copying unique IDs during transportation to wholesaler and creating multiple product items with each of the copied unique ID. b. Unique identification systems with limited number of checks by customer.
  • the main disadvantage of the simple unique identification system described above can, at least partly, be solved by limiting the number of successful checks the user can have on each particular product ID. This can be done both digitally or physically.
  • the digital solution tracks the number of requests for authentication received for each particular unique ID and confirms authentication only for the first n attempts, where n is normally pre-set by the system administrator.
  • the described digital solution is often aided by a full or partial physical cover of the unique ID, such as a scratch line. For these solutions the user is required to remove the cover before being able to complete verification of the unique product ID.
  • Bundling unique product IDs with some element which is complex or costly (relative to the cost of production of such element) to reproduce is another anti-counterfeiting solution currently available.
  • Such elements include the Prooftag 1 solution and several others. These elements would typically use a random or pseudo-random process to generate a physical structure which is complex and relatively more expensive to copy and link physical qualities of such structure, most often its visual appearance, to unique product ID either through a database that contains the description of the physical qualities and unique IDs or through a function that generates the unique product IDs fully or partially based on the physical qualities of the physical structure.
  • the authentication of products in these systems combines authentication of both unique product IDs and the corresponding physical structures. Such systems have at least two significant shortcomings.
  • the first one is the technical complexity of authentication of the physical structure.
  • the Prooftag solution mentioned above requires user to manually authenticate a picture of the physical structure corresponding to the product unique ID in question to the actual visual appearance of the physical structure on the product packaging. This requires significant extra effort from the consumer which may significantly limit adoption of the system.
  • the second shortcoming is the potential for counterfeiter to reproduce visual appearance of the physical structure well enough for authentication to generate false positive responses on the products, even though the physical structure will not be reproduced completely. Given today's state of development of printing technology, reproducing visual appearance of a physical structure to an extent where difference between original physical structure and the copy is not apparent to a human eye can be well within the cost a potential counterfeiter would pay to break the anti-counterfeiting technology.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Strategic Management (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Development Economics (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Game Theory and Decision Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present claim is for a digital communication system between producer, consumer and individual product that uses communication networks available to the general public. The system consists of 3 basic components: product tags, backend database that stores various kinds of product data and a software client stored on consumer's mobile phone. The system enables the following three types of interaction: Type 1) Consumer is able to authenticate and obtain additional information about the product that he/she intends to purchase, Type 2) Producer is able to communicate additional offers, promotions and other information to the consumer that may or may not be individualised for particular consumer, Type 3) Producer is able to obtain information including, but not limited to product sales location and store shelf traffic of individual stock keeping units.

Description

This PCT application claims priority to U.S. Provisional Patent Application Ser. No. 61/955,228 filed on Mar. 19, 2014. The entire specifications of the PCT and provisional applications referred to above are hereby incorporated by reference.
Type 1 interaction
RFID tags are applied to authentic items that producers wish to protect from counterfeits. A consumer enables a software client and scans a product with his/her smartphone. Authentication request is sent to a backend server. The server references the received data against a library of unique data points in the backend database and sends a response to the customers smartphone. The response consists of an authentication result displayed to the consumer through the software client and a data package that updates information on the RFID tag. The respective data point in the back end database is updated and synchronised with the
corresponding tag. The system provides 3 layers of authentication that allow to overcome the majority of shortcomings of other similar systems. The first layer is an encrypted or not encrypted unique ID that is stored in both RFID tag on a product and a corresponding data point on the back end database. The second layer is a rewritable secret that is rewritten and synchronised on both RFID tag and the back end database data point every time an authentication scan is performed. The third layer is data on the consumers location at the time of scanning the product that is sent to the back end server when performing an authentication scan and that is checked against corresponding information in the backend database. All 3 layers are used in a combination for protection against cloning the RFID tags by counterfeiters.
Type 2 interaction
The same software client described in the Type 1 interaction allows for producer to communicate additional information to the consumer. During the
scanning/authentication process described in Type 1 interaction, the producer can communicate new information including but not limited to offers, promotions and warnings that might be of interest to the consumer. The nature of such offers and promotions can include but is not limited to discount deals on the next purchased item, price comparison with other locations, price comparisons with online sales channels, gifts, loyalty points etc.
In case of a recall, the producer can use the Type 2 interaction to communicate to the consumers a warning, warning them not to purchase the given product.
Type 3 interaction
The data generated during Type 1 and Type 2 interactions allows tracking individual product items and maximizing the efficiency of distribution networks. This feature enables the implementation of regional price discrimination in geographically diverse regions and penetration of markets previously unattainable due to problems with distribution.
The data will also allow measuring store shelf traffic drastically increasing the measurement accuracy of the producer's advertising activity, in various media.
Going forward the anti-counterfeiting system under present claim will be referred to as "System". System Components
1 . Product Tags
a. Product tags used in the System can use any RDIF chips that have both rewritable and non-rewritable memory. The RFID chips that work with the system include but not limited to: active and passive chips, low, high and ultra-high frequencies (LF, HF, UHF), that work in ranges as small as 0.2 cm and above.
b. Product tags also carry certain data in the form of a visible unique ID (e.g. QR code).
2. Software client
Software client in the System refers to a mobile phone or another
communication device application (APP) for Android, iOS, QNX (RIM), Windows Phone, Symbian, webOS or any other platform. This APP is used primarily for communication between RFID tag on the product and the backend database. The use, however, is not limited to communication function and may include, but not limited to, encryption of data, advertising and informational services, as well as other commercial and non-commercial services.
If a smartphone is not equipped with the RFID reading capability the software client may initiate a scanning of the unique ID.
3. Public data networks
Public data networks refers to any communication channel between mobile phone or another communication device and the backend database. These networks would normally be, but not limited to, mobile operator networks that allow data transfer and wifi networks.
4. Back end server and database
Backend server and database refers to server and database placed on one or multiple computers that stores data and performs required algorithms for operation of the System. The data stored includes, among other things, unique IDs of Product tags, current and previous secrets for each tag, history of tag scans as well as location of the scans. The server also hosts and runs software, required to operate System in the way described in this document.
If the authentication is performed through the unique ID (e.g. QR code) alone, then the rewritable secrets authentication step is skipped and authentications is performed through the unique ID (e.g. stored on on the QR code) and the Consumer's phone geolocation
System processes Processes Diagram
Please, refer to the drawings for the process diagram Processes description for RFID-enabled mobile phones Stage I
1 ) Consumer wishing to authenticate a product activates a software client on his or her NFC enabled smartphone. The consumer then brings the NFC enabled smartphone in close proximity to the RFID tag on the product packaging for the NFC reader to establish connection with RFID tag. The client sends a challenge to the RFID tag requesting the unique ID and the secret.
2) Tag sends its unique ID and secret to the Smartphone
3) Smartphone sends tag's unique ID, secret and geolocation data via public data networks (mobile carriers) to the backend servers for verification
Stage II
4) Data received from the smartphone is matched against a database where unique ID, most recent secret and tag's designated geolocation are stored.
5) A new secret is generated
Stage III
6) A verification response and new secret are sent to the smartphone via public data networks
7) Smartphone writes the new secret to the RFID tag
Stage IV
8) Smartphone checks that the new secret has been successfully written to the RFID tag and sends confirmation to the server
9) The server updates the secret in the corresponding data point in the database
10) The backend server sends confirmation of successful database update to the smartphone
Stage V
1 1 ) The customer is presented with the verification result.
The amount of information that is presented in the authentication response may range from a binary "Genuine"/ "Not Genuine" result to a more detailed response regarding results of all the layers of verification.
If the authentication is done via the scanning of the unique ID (e.g. QR code) alone, then the process is simplified in that the unique ID is sent through the software client together with geolocation data of the consumer's smartphone. This data pair is then matched with the corresponding data pair for that particular individual product item in the database. Depending of the result of the matching procedure the authentication result is generated and sent to the consumer's smartphone.
System's core: Multi-layered Authentication
Key distinguishing feature of the System is its 3 layers of authentication that every authentication request must go through before a customer can be presented with a confirmation of authenticity. In addition, the System produces an effect that disrupts economics of counterfeiting.
Unique ID
The first layer of protection of the system is the tag ID that is unique for every tag. The ID is generated randomly thus, apart from the case of a predetermined leak, would not be economically feasible for a typical counterfeiter to break using existing code-breaking methods. The ID is stored within the tag's memory and not on the product packaging thus preventing a less sophisticated counterfeiter from getting access to the ID for the purpose of copying it to the counterfeit products.
Rewritable Secret
The second layer of protection is a Secret that is stored in the rewritable portion of the RFID tag and in the backed database where it is associated with the unique tag ID. In order to pass this authentication layer the pair ID/Secret on the tag has to match the ID/Secret pair in the backend database. Every time an authentication process is performed a new Secret is written to both the RFID tag and a data point associated with the unique tag ID it in the backend database.
Should a counterfeiter copy the RFID tag together with the unique ID, the first authentication challenge performed by the customer on the genuine tag with an ID that was copied will write a new secret to both the tag and the associated data point in the backend database. This way any amount of counterfeited products with copied IDs will be out of sync with the backend database and hence will not pass the authentication test.
Geolocation
The third layer of protection is geolocation data that is sent by the smartphone while performing an authentication request. A producer is able to associate tag IDs of a certain batch of products with a particular distribution channel and/or particular geography with a varying degree of granularity. When comparing data received from the smartphone with information stored in the backend database the system checks if the received geolocation data matches the geolocation data associated with the given tag ID in the backend database.
In an extremely unlikely event of counterfeit products with copied tags penetrating the distribution system and a copied tag going through the authentication process before the secret in the genuine tag has been changed the system will perform a check of the product location with the designated location of the tag ID in the backend database.
Additional protection
- To make counterfeiting economically feasible a counterfeiter will need to produce a significant amount of counterfeited products per one copied RFID tag. Since a single authentication scan will automatically put the entire counterfeit batch out of sync with the backend database and will prevent it from passing the authentication challenge the System will severely damage the economics of counterfeiting.
- Overtime the System will allow development of database containing data on trustworthy retailers and distributors as well as those where counterfeit products have been regularly detected. This database is then used as an additional layer of security in authenticating products.
Authentication System Vulnerabilities
Potential attack strategies Physical tag copying
A counterfeiter may purchase a genuine product, copy the RFID tag and reproduce it on a number of counterfeit products. Since the original RFID tag is taken out of circulation the Secret on the RFID tag and the backend database will not be updated. A counterfeiter may potentially introduce the counterfeit batch into the supply chain, however since only one counterfeit item may be sold before the secret is updated and the database goes out of sync with the batch, it is not economically sensible for a counterfeiter to do such an exchange. In addition such strategy may be further hampered through an introduction of an expiration time of tag associated data points in the backend database.
Eavesdropping
A similar to the above strategy is the eavesdropping technique, where a counterfeiter copies the RFID without actually purchasing the genuine product. In this case it might be possible for the System to give a false positive response to the authentication challenge under the following circumstances:
a) The genuine RFID tag that remained on the shelf at the retailer has not being scanned after the eavesdropping had taken place. b) The counterfeit product is scanned prior to the genuine product. c) The counterfeit product is placed with the same retailer where the eavesdropping took place, for otherwise the geolocation verification will prevent the authentication.
It can be seen that each of this conditions drastically reduces chances of success of this kind of attacks and taken together with the fact that a counterfeiter would only be able to sell one counterfeit item before the entire batch is placed out of sync with the backend database makes the System almost entirely resistant to this kind of attacks.
Cyberattacks on data centres, smartphones or carrier networks
Remote attacks on the Systems support networks present the most serious threat to the Systems intended operation.
DOS attacks
The most common type of such attacks would be the so called "Denial of Service" (DOS) attack where customers won't be able to perform authentication due to system outage. Repeated and prolonged DOS attacks would be detrimental to consumer's trust and thus a widespread adoption of the System.
Malicious software
The System is potentially vulnerable to attacks when the attacker installs malicious software either on the consumers' smartphone or the backend database and compromises the authentication process.
Reusing the tags and product packaging
Reusing genuine tags and genuine product packaging is also a threat to the System. This threat is, however, limited by the geolocation data layer of protection. In an event the counterfeiter is reusing genuine tags or product packaging, the counterfeit products will need to be placed in the same retail location as the original one, thus restricting counterfeiters activity significantly.
Leaks of backend data
Leaks of backend data can be a significant threat to System's operations. However, even the leaks of original data on tags' unique IDs and corresponding secrets is limited in potential damage to the System operation. If data is leaked, such a leak becomes apparent when counterfeit tags with leaked information start undergoing authentication. This is the case because the original tags will also be open for authentication by users and unique ID-secret pairs will start to desync
System's Auxiliary Capability I: New Marketing and Communication Channel The system leverages consumer's concern about the authenticity of the Product in order to achieve the wide adoption and frequent utilization of the software client. This presents a unique opportunity for producer to reach a wide consumer base with offers, promotions and other information that may be tailored for individual consumer's preferences. The authentication capability of the software client is the distinguishing feature that would allow wide adoption of the software client and inspire consumer trust thus circumventing chief shortcomings of systems that are designed to ONLY communicate marketing offers to the consumer
Some areas of System's applicability:
Offers and Promotions
The Producer is able to communicate offers and promotions based on individual consumer preference that could be deduced from the Consumer's scanning behaviour as well as his activity in social networks, and other public profiles.
The offers may be presented at the moment of scanning and be tied to a particular retail location or can be pushed to the Consumers phone not at the moment of scanning.
Choice of location
The moment of scanning indicates high probability of the purchase decision on behalf of the Consumer. The Producer may use this opportunity to communicate alternative locations for the purchase of the Product which may include both brick and mortar stores as well as online retailers.
Loyalty system
The Producer may encourage certain type of behaviour on behalf of the consumer by tethering the software client to the existing or new loyalty system.
Recall management
In case of a product recall or otherwise the Producer may choose to communicate to Consumer a warning, encouraging NOT to purchase the given Product.
System's Auxiliary Capability II: Enhanced Product Distribution
Leveraging the geolocation data, producers will be able to significantly improve their distribution network, especially in the markets with significant regional discrepancy and difficulty in accessing and controlling certain regions.
Since significant amount of consumer products are sold through wholesale distributors, who often operate in designated areas or with selected retailers it becomes essential for producers to establish tight control over the distributors in order to maximize efficiency of the distribution network. Some areas of System's applicability: Preventing arbitrage:
Regional discrepancy prompts producers to establish regional price
discrimination. This can tempt certain distributors to compromise the arrangement by purchasing products in the lower priced regions and selling them in other regions at a premium, thus stripping producer of additional earnings. Since the System will be constantly generating geolocation data for the products it will greatly facilitate tracking and closing channel for
undesirable arbitrage.
Better control over distributor's area of operation:
Since producers tend to receive higher margins in the distribution channels where they deal directly with the retailer as opposed to a distributor it is in producers interest to protect regions where direct sales have been
established from neighbouring distributors. The Systems greatly simplifies such control through the geolocation data.
Additional tracking data
The System will greatly improve the measurability of certain retailing
indicators like store traffic to purchase ratio. The System will generate data on the amount of authentication scans that can be compared to the number of purchases from a particular retailer that provides with valuable insights into the effectiveness of marketing and merchandising.
Alternative Systems
There are a number of alternative systems currently used by manufacturers to protect against counterfeit products. A brief overview of such systems is given below with details of advantages of the System put forward.
1 . Covert solutions.
A covert anti-counterfeiting solution is a solution where part, or all of the elements, can not be identified by an individual who was not specifically trained to identify covert anti-counterfeit solutions or without special attention or equipment. These solutions include, but not limited to, any marks made with invisible ink, hidden or not obvious changes to product packaging, marks small enough to be not noticeable by human eye. These systems are normally used by specially trained agents working for product manufacturers to identify counterfeit items. The obvious disadvantage of such system is the limitation on the number of agents that can use it - each individual needs either special training or tools to use the system. The System does not have such a limitation. According to the System, the authentication of products can be performed by a member of general public using a mobile phone and a data
connection, both of which are already very widespread. 2. Optically variable devices (e.g. holograms).
An optically variable device, such as a hologram, normally incorporates a 3- dimensional construction that changes visual appearance for a human eye under different angles. Such construction is meant to be complex for counterfeiters to reproduce and, at the same time, simple enough for untrained agents to authenticate. The practice has shown, however, that the counterfeiters have reached significant enough sophistication to copy these optically variable devices with sufficient precision, so that an untrained person with no special equipment is unable to correctly authenticate such devices.
3. Unique identification systems.
Unique identification systems place a unique ID for every product item. The unique ID can be sequential, random or pseudo-random and can be placed in multiple forms: a visible number or a string of characters, one or two-dimensional barcode, unique topography, RFID or any other means of adding information to product or product packaging. Such systems normally allow the consumers or end buyers to
authenticate the product through various channels.
There are multiple variations of such systems. Here we consider several variations. a. Simple unique identification system.
Under simple unique identification system the authentication algorithm checks the unique ID on the product or product packaging against the database of authentic IDs (for sequential, random or pseudo-random generated IDs) or IDs generating function (for sequential or pseudo-random generated IDs). If the unique ID on the product or product packaging matches the unique IDs database or IDs generating function, the product is considered authentic and the corresponding message may be delivered to the user. If the unique ID on the product or product packaging does not match the unique IDs database or IDs generating function, the product is considered not authentic and the corresponding message may be delivered to the user. The main disadvantage of such system is vulnerability to copying of unique IDs on products or product packaging while the products are in the supply chain. For example, the counterfeiters may be copying unique IDs during transportation to wholesaler and creating multiple product items with each of the copied unique ID. b. Unique identification systems with limited number of checks by customer.
The main disadvantage of the simple unique identification system described above can, at least partly, be solved by limiting the number of successful checks the user can have on each particular product ID. This can be done both digitally or physically. The digital solution tracks the number of requests for authentication received for each particular unique ID and confirms authentication only for the first n attempts, where n is normally pre-set by the system administrator. The described digital solution is often aided by a full or partial physical cover of the unique ID, such as a scratch line. For these solutions the user is required to remove the cover before being able to complete verification of the unique product ID. These solutions have a number of important shortcomings. The solutions without physical cover of the unique ID are prone to have the unique IDs copied by counterfeiters, after which there is a high chance the system authenticates counterfeit products and doesn't authenticate authentic products. This happens if the counterfeit product is attempted for authentication before authentic product with the same unique ID. The solutions with physical cover protects from situation where counterfeiters copy unique product IDs. However, the solution becomes inconvenient for the user, since the product loses it's marketable condition after first authentication attempt: once the cover protecting the unique product ID is removed it can not be replaced. This limitation practically implies that such anti-counterfeiting solution can only be implemented after purchase of the particular product by the customer. This is a significant limitation as most users would prefer to know if the product they are buying is authentic before they purchase it, not after they do so. c. Unique identification system with a corresponding "uncopyable" element.
Bundling unique product IDs with some element which is complex or costly (relative to the cost of production of such element) to reproduce is another anti-counterfeiting solution currently available. Examples of such elements include the Prooftag1 solution and several others. These elements would typically use a random or pseudo-random process to generate a physical structure which is complex and relatively more expensive to copy and link physical qualities of such structure, most often its visual appearance, to unique product ID either through a database that contains the description of the physical qualities and unique IDs or through a function that generates the unique product IDs fully or partially based on the physical qualities of the physical structure. The authentication of products in these systems combines authentication of both unique product IDs and the corresponding physical structures. Such systems have at least two significant shortcomings. The first one is the technical complexity of authentication of the physical structure. For example, the Prooftag solution mentioned above requires user to manually authenticate a picture of the physical structure corresponding to the product unique ID in question to the actual visual appearance of the physical structure on the product packaging. This requires significant extra effort from the consumer which may significantly limit adoption of the system. The second shortcoming is the potential for counterfeiter to reproduce visual appearance of the physical structure well enough for authentication to generate false positive responses on the products, even though the physical structure will not be reproduced completely. Given today's state of development of printing technology, reproducing visual appearance of a physical structure to an extent where difference between original physical structure and the copy is not apparent to a human eye can be well within the cost a potential counterfeiter would pay to break the anti-counterfeiting technology.

Claims

This PCT application claims priority to U.S. Provisional Patent Application Ser. No. 61/955,228 filed on Mar. 19, 2014. The entire specifications of the PCT and provisional applications referred to above are hereby incorporated by reference. Claims
1 . A digital system enabling communication between consumers, producers and individual product items comprising of:
a. Tags applied to individual product items consisting of digital data
storage accessible via RFID protocol and data stored in the form of a visible IDs ( such as QR code)
b. Software client on consumers' smartphones
c. Public data networks
d. Backend server and database
And allowing combining authentication and marketing capabilities in one software client.
2. A method of individual product item authentication consisting of the following: a. For RFID enabled mobile phones: matching individual product items' unique IDs with i. rolling secret ii. geolocation data of product scan b. For mobile phones not enabled with RFID reader: matching individual product items' IDs with geolocation data of product scan
3. Consumer-producer communication channel : A communication channel that allows consumers to scan the tag on an individual product item with the software client installed on their smartphones, which then communicates with the producer's backend server and database and obtains information relevant to the product such as:
a. Product authentication using smartphones equipped with RFID readers using the following information:
i. Unique ID: The software client sends the unique ID that it reads from the tag attached to the individual product item, to the backend server where it is matched against the database to determine whether the ID is valid.
ii. Rolling secrets: Each unique ID, described in the claim 2.a.i is paired in the database and on the tag with a secret, which is changed with each performed scan. The information on correct pairing of unique ID and the secret is synchronized on the tag and the database after each authentication request. To pass this layer the authentication challenge from the tag must produce a valid pair of the unique ID and the synchronised rolling secret. iii. Geolocation: The authentication request in addition to unique IDs (claim 2.a.i) and rolling secrets (claim 2.a.ii) carries current geolocation data of the consumer's smartphone, which is matched against the geolocation data of the intended retail venue of the individual product item.
b. Product authentication using mobile phones not-equipped with RFID readers through the following layers of defence: i. Unique ID: Same principle as described in the claim 2.a.i with software client obtaining the unique ID from a visible ID (e.g. QR code) on the tag.
ii. Geolocation: same principle as described claim 2.a.iii
c. In addition to the authentication result the consumer obtains
information regarding the scanned individual product item including, but not limited to: the place of origin, manufacturing date, ingredients, etc.
Depending on circumstances and settings, the System may produce an authentication result utilizing all authentication layers described in claims 2. a and 2.b. consecutively or non-consecutively
The System may also utilize only some defence layers described in claims 2. a and 2.b to produce an authentication result
4. Producer-consumer communication channel. Producer can utilize the
software client on the consumer's smartphone that is used by the consumer as described in claim 2 to communicate additional information that may contain, but is not limited to marketing and promotional materials.
a. Producer may communicate offers to the consumer through the software client that duplicate current offers that are available at the given retail location for certain range of products
b. The Producer may communicate offers that are individualised for the given consumer, based on, but not limited to: scan history, information obtained through consumer's social networks profile, retail location, etc. c. Producer may utilize the software client to suggest an alternative purchasing location for a given product through the client, that may include other brick and mortar stores as well as online retail channels. d. Producer may initiate and complete a sale of a given product through the software client.
e. Producers may send notifications regarding ongoing offers and promotions at various locations, including the online channel, without consumer initiating a product
f. Producer may link the software client with a loyalty programs rewarding specific consumer behaviour.
g. In case of a recall producer, may communicate an appropriate warning to the consumer urging the consumer not to complete the purchase of the product.
h. Producer may utilize the software client to communicate any other
information not described in claim 2 and claims 3. a through 3.g
5. Producer may utilize the data obtained from the activity described in claims 2 and 3 in order to:
a. Improve its inventory management through tracking the scanning
pattern and geolocation data described in claim 2 through eliminating the opportunity for arbitrage by the regional distributor where regional pricing differential is implemented.
b. Protect areas where the Producer has established direct sales contract with the retail chains or has unique arrangement with certain
distributors in that area from encroachment by distributors from other areas.
c. Measure the effectiveness of promotional activity in-store or other
media including methods described in claim 3 through measuring scans frequency from activity described in claim 2 with up to real-time data display.
d. Measure differences in regional effectiveness of promotional activity in- store or other media including methods described in claim 3 through measuring scans frequency from activity described in claim 2 with up to real-time data display.
PCT/IB2015/000981 2014-03-19 2015-03-18 Rfid based anti-counterfeiting, distribution enhancement and customer analysis system WO2015140643A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201461955228P 2014-03-19 2014-03-19
US61/955,228 2014-03-19

Publications (2)

Publication Number Publication Date
WO2015140643A2 true WO2015140643A2 (en) 2015-09-24
WO2015140643A3 WO2015140643A3 (en) 2016-01-14

Family

ID=54145437

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2015/000981 WO2015140643A2 (en) 2014-03-19 2015-03-18 Rfid based anti-counterfeiting, distribution enhancement and customer analysis system

Country Status (1)

Country Link
WO (1) WO2015140643A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210084021A1 (en) * 2019-09-18 2021-03-18 Bioconnect Inc. Access control system
CN113256918A (en) * 2021-06-28 2021-08-13 四块科技(深圳)有限公司 Anti-counterfeiting verification method, device and system based on digital label and storage medium
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7774268B2 (en) * 2003-03-03 2010-08-10 The Tb Group, Inc. System, method, and apparatus for identifying and authenticating the presence of high value assets at remote locations
US20050234823A1 (en) * 2004-04-20 2005-10-20 Rainer Schimpf Systems and methods to prevent products from counterfeiting and surplus production also of tracking their way of distribution.
US20070179978A1 (en) * 2005-11-14 2007-08-02 Lee Kin K Systems and methods for anti-counterfeit authentication
CN102609846B (en) * 2011-03-18 2014-02-05 诺美网讯应用技术有限公司 Anti-false verification method and system based on communication network
GB2495480A (en) * 2011-10-05 2013-04-17 Coapperative Ltd Product authentication using unique code

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
US20210084021A1 (en) * 2019-09-18 2021-03-18 Bioconnect Inc. Access control system
US11736466B2 (en) * 2019-09-18 2023-08-22 Bioconnect Inc. Access control system
CN113256918A (en) * 2021-06-28 2021-08-13 四块科技(深圳)有限公司 Anti-counterfeiting verification method, device and system based on digital label and storage medium

Also Published As

Publication number Publication date
WO2015140643A3 (en) 2016-01-14

Similar Documents

Publication Publication Date Title
US11544519B2 (en) Systems and methods for generating secure tags
US10412071B2 (en) Secure transaction systems and methods
CN104854642B (en) For the method and apparatus using physical features mark manufacture article
US8421593B2 (en) Apparatus, systems and methods for authentication of objects having multiple components
CN103295143B (en) Commodity antifake check method
US20170032382A1 (en) System and Method for Product Authentication
CN107341676A (en) False proof mark and the method for tracing to the source
CN105981061A (en) Method and system for verifying of the authenticity of a consumer product
WO2017116303A1 (en) Secure dual-mode anti-counterfeit product authentication methodology and system
CN105849739B (en) Authentication system and authentication method
Jayaprasanna et al. A block chain based management system for detecting counterfeit product in supply chain
CN102622624B (en) A kind of commodity counterfeit prevention identification system and method
WO2015140643A2 (en) Rfid based anti-counterfeiting, distribution enhancement and customer analysis system
CN103577996A (en) On-line verification method and system
JP2020197937A (en) Authenticity determining apparatus, authenticity determining system, and authenticity determining method
KR100524176B1 (en) Mobile phone capable of reading genuine article verifying information stored in a RF-tag and method for administrating service management executable in a computer communicating with the same phone
CN105225119A (en) Smart random antifalsification label
KR101285972B1 (en) System and method for preventing forgery and tampering of electronic tag
CN110533430A (en) A kind of antifake method for products and system and electronic device
JP2009530945A (en) Method and apparatus for authenticating a static data carrier
WO2014134827A1 (en) System and method for authentication
EP3924882B1 (en) A system and a method for identifying an article and whether an ownership of said article exists
KR101192972B1 (en) An authenti cation system for anti-forgery using the smart card chip and method of thereof
JP2004299864A (en) Distribution information managing device, distribution information managing method, distribution information management program, and recording medium
CN111985931A (en) Anti-counterfeiting verification system

Legal Events

Date Code Title Description
NENP Non-entry into the national phase in:

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15765401

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 15765401

Country of ref document: EP

Kind code of ref document: A2