Âéśš´ŤĂ˝

Fighting fakery: How to make products immune to counterfeiting

Alcohol, medicine, money, car airbags – you name it, it's been faked. Now tags you can't copy could block bogus goods forever

whisky bottles

DETECTIVES from the City of London Police had been investigating the activities of Robert Czernik for a year. In February, they finally picked him up and charged him with “selling goods liable to be mistaken for a registered trademark”. That might not sound like a heinous offence, but the goods in question were counterfeit car airbags that would not have worked properly in a collision. Police have alerted 680 people they think bought the airbags on eBay, and Czernik is due to be tried in the coming weeks.

It’s a reminder that all manner of goods are subject to fakery. People have tried to counter the problem for hundreds of years using devices intended to prove authenticity. In the Middle Ages, elaborate wax seals were the method of choice in Europe. Today, holograms and watermarks are ubiquitous. But the principle has remained the same all along: tag goods with an object that is extremely difficult to copy. Trouble is, “extremely difficult” isn’t always good enough – we need tags that are impossible to copy.

That is not beyond our wits. The basic recipe for unfakable tags has been around for 15 years, but it was always too complicated, costly and impractical. But make it work – as one man now claims he has – and fakery could be a thing of the past.

Criminals do a roaring trade in forging consumer products from cigarettes and alcohol to condoms. They aren’t shy of opportunism: knock-off solar observing glasses led to permanent eye damage for one man watching August’s US eclipse.

Perhaps the most troubling area of counterfeiting is pharmaceuticals. In 2015, Interpol’s seized fake medicines worth $81 million. Sometimes the drugs are merely diluted; other times, active ingredients are replaced with chalk or worse. The problem is most acute in developing countries, but the West gets its share too, with up to half of drugs bought online being fakes.

To see our best anti-counterfeiting efforts, you only need reach into your pockets: banknotes are full of colour-changing prints, watermarks and luminescent inks. Yet cloning each of these features is possible if you have time and resources. In 2007, the forger (real name Thomas McAnea) was apprehended in Glasgow, UK, while printing half a million highly sophisticated copies of ÂŁ20 notes.

In most situations, however, forgeries don’t need to be perfect because the point is not to fool experts but ordinary people. What we really need, then, is a security tag that is both impossible to fake and easy for anyone to verify. Cue the idea of one Ravi Pappu.

In 2001, Pappu was beginning a PhD project at the Massachusetts Institute of Technology that involved developing machines to scan 3D objects – anything from fingerprints to brains – in fine detail. However, a lot of his colleagues were working on security tags, and an inspiration from the digital world made him think he might be able to help.

Pappu knew that digital cryptography is based on a series of fundamental algorithms called primitives. One of these primitives is called the one-way function, so named because it is easy to compute in one direction but practically impossible backwards. Imagine, for example, multiplying two extremely large prime numbers. That’s easy for a computer, but the reverse – factorising to find the original primes – is so time-consuming as to be unfeasible. Such primitives can be combined like building blocks to do things like generate secure email signatures.

Pappu thought it might be possible to make a physical version of these one-way functions. “The moment I said those words – ‘physical one-way functions’ – in my head, the way to demonstrate it became very clear,” says Pappu, who now works for In-Q-Tel, a non-profit organisation that invests in security technology.

In essence, he needed to create a physical tag that produced some sort of readout, like a string of numbers or a bar code. Getting the readout from the tag should be easy, but working backwards from the readout to make a tag to match should be impossible. If he could pull that off, then products could be labelled with tags that would be easily verifiable via their readout – and entirely unclonable.

In his PhD thesis, Pappu . First, he stirred microparticles into a gel so they ended up in random positions. Once the gel had set, he could shine a laser at it to create a readout: a speckled pattern of light and shadow.

pills
Edible security tags could be printed on individual pills
plainpicture/Tine Butter

In principle, a manufacturer would be able create a such a tag, measure the pattern of light and shadow and upload the details to a public database. Then anyone buying an object with that tag could measure the pattern themselves and access the database to check the entry matched their purchase.

Yes, counterfeiters would be able to see that pattern too. But to clone the tag, they would need to work out the exact positions of the microparticles from the scattering pattern. That would be like looking at a shadow cast by three people standing in front of each other and trying to figure out what they look like. Even if the counterfeiter managed that, they would still need to arrange the microparticles with unattainable precision to get the same readout.

Other researchers embraced Pappu’s idea and renamed it the physical unclonable function (PUF). But some wrinkles still had to be ironed out. For one thing, you needed a perfectly positioned laser to read the pattern. More important, though, were the limitations of the readout. The laser beam produced a strictly black-and-white pattern, which would give pixels corresponding to a 0 or 1, when digitised. That generates a lot of possibilities but, ideally, we would want so many that we could never run out of unique tags – enough to label each and every object we might conceivably want to sell.

Over the past decade, researchers have explored PUF designs that would generate higher numbers of unique tags. One idea was to have a coloured pattern. To that end, some researchers tried using chemical dyes in place of Pappu’s microparticles, though that wasn’t straightforward because they tended to fade over time.

A way round this hurdle emerged in work by , a biotechnologist at the University of Copenhagen in Denmark. Arppe was experimenting with random arrays of lanthanide compounds that luminesce in luscious shades of pink, blue and green. Then she stumbled across Pappu’s work and realised she’d inadvertently created a coloured PUF, one that was far more stable than any of the dye-based devices. Even so, “there hasn’t been a perfect PUF system yet,” she says. Scanning the readout of most of them, Arppe’s included, still requires specialist equipment and expertise.

The ultimate in security

At last, however, that could be changing, thanks to , a physicist at Lancaster University, UK. Like Pappu and Arppe, Young never planned to start fighting counterfeiting. He works on the properties of materials that are one atom thick, like graphene.

A couple of years ago, it struck him that these 2D materials still hadn’t found a killer application. The trouble is, they have random defects like impurities and holes in their atomic structure. That makes it “very difficult to make two devices that behave in exactly the same way”, says Young. Discussing the problem in a hallway with a colleague one day, he suddenly had a thought: the defects could actually be useful – in PUFs.

Young’s idea was to make security tags using flakes of 2D materials like graphene oxide or tungsten disulphide, which luminesce colourfully like Arppe’s lanthanides. Under a beam of light, the imperfections in each tag create . A smartphone’s flash is enough to excite the luminescence and the camera can capture it: no other equipment required (see diagram, above).

Young’s PUF is probably the most secure yet. Because the luminescence is dependent on each atomic defect, cloning the tag would involve manipulating each atom in the sheet. With current technology, that would take about the age of the universe. “Nobody is ever going to come up with a security solution that is more unique than the atomic scale,” says Young.

Best of all, Young’s work can potentially help tackle the scourge of fake drugs. The tags are, he says, safe for human consumption. Once they have passed government food safety tests, they could be printed directly on to pills, ensuring that each comes from a trustworthy source.

We don’t yet know whether pharmaceutical firms will adopt that idea. But in other areas the transition to things that cannot be faked could be swift. Young’s spin-off company, , recently struck a deal with OpSec, one of the world’s largest makers of holograms. The firm will start incorporating atomic scale PUFs into their holograms next year. The first products to get the treatment? Car parts… airbags included.

This article appeared in print under the headline “Genuine article”

Topics: Materials / security