In the battle against counterfeit drugs in the pharmaceutical supply chain, Texas Instruments (NYSE: TXN) and VeriSign, Inc. (Nasdaq: VRSN) have introduced a model for Authenticated RFID that has the potential to enhance security and chain-of-custody controls. The Authenticated RFID model will combine ISO/IEC standard 13.56 MHz RFID and PKI (Public-key infrastructure) technologies in a two-stage approach to fight the counterfeit drug problem. Texas Instruments and VeriSign are developing the Authenticated RFID model to support item-level authentication at the pharmacy, and the implementation over time of a supply chain infrastructure to validate transactions at any point along the chain of custody.
This Authenticated RFID model proposes an enhancement to item-level product security in real-time by creating stronger authentication between the tag and any Authenticated RFID reader from the point of manufacture to the point of sale. 3M, a leading provider of security solutions including RFID tracking and authentication systems, will supply the Authenticated RFID readers to support this new model. By initially deploying the technology at the point of manufacturing and the point of dispensing, the pharmaceutical industry can benefit from a higher level of item-level authentication to thwart counterfeit products.
This Authenticated RFID model employs real-time, off-network authentication at the dispensing pharmacy, a first step that can be implemented quickly with minimal investments in current infrastructure. The integration of RFID and PKI technologies would facilitate identification of unique items, automate data collection and provide authentication at multiple read points as a product moves through the supply chain.
Through the use of standards-based public key technology, digital signatures and data encryption, the Authenticated RFID model would enable enterprises to create and validate ownership during multiple states of shipping and receiving. The use of PKI would enable products to be authenticated by a trusted third party, and encrypt information sent between parties. VeriSign currently provides encryption and authentication services for 93 percent of the Fortune 500 and the top ten U.S. banks.
This new model is an important step forward in the fight against counterfeit drugs, extending the track and trace capabilities of RFID by adding real-time off-network authentication, said Julie England, vice president of Texas Instruments and general manager of Texas Instruments RFid Systems. Working with the ISO/IEC and EPCglobal Inc. international standards organizations, were seeking to leverage existing technologies and infrastructure to address the need for item-level pharmaceutical authentication to help provide a safe and secure supply chain.
One of the more difficult challenges faced by manufacturers and retailers alike is trying to determine the custody of a product at the various stages of its journey along the supply chain, said Brian Matthews, vice president of VeriSigns Naming and Directory Services. VeriSign is very familiar with using authentication to verify whos real and whos not in online transactions. Were bringing that expertise to bear on the problem of defining whats real, and on recording ownership of products as they move through a complex shipping process that begins with manufacture and ends with the display on store shelves.
Multi-tiered Model for the Problem of Product Counterfeiting and Diversion
Product counterfeiting and diversion is a significant problem today, particularly in the pharmaceutical supply chain. This problem threatens corporate revenues, and more importantly, consumer safety. The Authenticated RFID model envisions bringing together a combination of hardware and service-based architecture to provide manufacturers with multiple lines of defense in addressing this issue. The Authenticated RFID model as proposed today has the following features:
Unique RFID Tags - The first line of defense in the model is the RFID tag or transponder. During manufacturing, the tag manufacturer locks data onto the tag, including a Unique Identification (UID) number and the Product Manufacturer Identifier (PMID) number, to create a secure and unalterable code.
Digital Signing of Tags - During the product manufacturing process, tag data is digitally signed with the product manufacturers private key and the signature is locked into the tags memory. The tag is then applied to the product. A digital signature is then used by Authenticated RFID readers to validate the tagged pharmaceutical product at the pharmacy or anywhere in the supply chain.
Supply Chain Event Validation - As the tagged products move throughout the supply chain, Authenticated RFID readers write chain-of-custody event markers on the tag. An added layer of tag validation is then implemented by comparing the tag event markers to data from full chain-of-custody systems of record in the supply chain. This represents a third line of defense.
This multi-tiered approach to improving chain of custody controls within the pharmaceutical supply chain would provide manufacturers, distributors and retailers with added levels of security that they need to deploy authenticated RFID solutions.