Banking on Serialization
One of the greatest challenges to using RFID for product authentication is easing data sharing. “Will there be a big database in the sky with all our codes?” I heard many ask at RFID World in Dallas.
AstraZeneca isn’t waiting for an answer. It is moving ahead with a non-RFID product authentication solution. The drug maker is launching its Serialized Authentication Program for Nexium (everywhere but in the United States). Each cartoned blister package carries a serialized unique carton number (UCN) in both a Data Matrix code and a human-readable alphanumeric number, and a tamper-evident security seal (TESS) containing a unique serial Data Matrix code. Software developed by Authentix (Dallas) assigns randomized serial codes to the TESS. Once the TESS is applied to the carton, the serial code is activated, validated, and entered into a database housed by AstraZeneca. The UCNs are then linked in the relational database to the Data Matrix codes on the unit-level TESS.
RFID’s end-to-end supply-chain visibility is surely more sophisticated, you may be saying. Trouble is, the supply chain isn’t that sophisticated yet. At RFID World I listened to pharma companies that have had real success in internal pilots and with selected trading partners. But a supply chain that can authenticate legitimate product—and call out fake product—at any point, any time, is not yet in place.
To be fair, the Serialized Authentication Program itself is still in development. AstraZeneca and Authentix are focusing on the front and back ends of the supply chain first, with plans to work inward when the time is right.
“Mass serialization in which products are identified at the front and back ends of the supply chain is more manageable,” says Jim Rittenburg, vice president of healthcare and life sciences, Authentix. “It gives companies more control during manufacturing and dispensing rather than trying to track a product through the entire chain.”
Rittenburg envisions the program working much like the way credit card purchases are currently approved. Products are authenticated at the point of dispensing, just like a credit card is verified at the point of purchase. If a serial number is called up at more than one dispensing site, the product is flagged as suspect. There is no central repository for banking information—just a rapid, secure system in which banks and merchants communicate. “These principles need to come over to the drug industry,” says Rittenburg.
Ironically, companies driving RFID use have already started working with banking-industry technology providers for help. Chipmaker Texas Instruments and pedigree-solution provider SupplyScape have both announced programs with VeriSign.
For proof that AstraZeneca’s program is the best approach, Rittenburg points to the European Federation of Pharmaceutical Industries and Associations (EFPIA) November 2006 endorsement of serialization “as the most promising solution to fight counterfeiting and illegal diversion threats in Europe and globally.”
AstraZeneca’s program is impressive in its simplicity and practicality. And the banking industry is a good model for a ubiquitous, rapid, easy-to-use authentication system. But the system will need more safeguards. The U.S. Department of Justice cites a study conducted in Montreal in 1997 that showed that credit card fraud was successful 45% of the time at checkout. For the drug industry to bank on such a system, it needs to offer much better numbers.