If I Were a Counterfeiter…

If I were to think as a counterfeiter, I would want to exploit every weakness in anti-counterfeiting technologies and also want my illicit products to slip into the supply chain as quietly as possible.

Before exploring how a counterfeiter thinks, let's look at the strategies that work and the ones that aren't as effective. In a previous article, I discussed Applied DNA Sciences and botanical DNA as a new anti-counterfeiting technology. The key to the best security is to have processes and materials that cannot be cloned so that the counterfeiters are unable to imitate the markers themselves. (See: Counterfeiters Meet Their Match in DNA Tagging.)

I've also written about the effectiveness of RFID tagging but discovered that — for about 10 euros — a duplicate tag can be produced. Consequently, the best technology for anti-counterfeiting must be both unclonable and affordable so that even small businesses can protect their product lines from incorporating illicit parts and materials.

Counterfeiters are beginning to realize this. So, let's take a trip into a counterfeiter's mind.

If I am a counterfeiter, RFID wouldn't really scare me because all I have to do is get my cloned tag through the supply chain before the real one enters it. In that case, the subsequent scan on the original tag will set off the alarm that a cloned tag must have been scanned previously at the same scanning station. The alarm bells flagged the existence of my counterfeit, but now it is a race to get the bogus tag through all remaining scanning stations and into the distribution system before the real tag is scanned for the first time.

That won't be a big problem if the first and bogus shipments go by air and the second by ocean freight. Or, I could just grab the original RFID tag off one container and slap it on my own container, which is filled with my bogus parts. As far as the shipper knows, it has the licit goods in its cargo holds. No, with my sophisticated network in full swing, RFID isn't really a problem. I just have to make sure I keep my people at the logistics end of things well paid and happy.

What am I going to do with plant DNA markers? It can't be as easy as making my own DNA ink with just any plant growing in my backyard. That would be too easy. I have to assume that the boys in white coats have some kind of extra security built into their DNA markers. But I also know that it still costs time and money to verify a genome sequence. So, if I want to defeat the DNA tech, I had better focus on moving as quickly as possible to beat the wholesale DNA deployment timeframe. This technology will become truly ubiquitous, spurred on by the ever decreasing cost of sequencing.

Just a few short years ago, a sequencing operation required weeks or months of intensive lab forensics and cost many thousands of dollars. Now, the same operation can be performed on a table top sequencer in a matter of hours and at a cost of about $1,000.

I know that DNA tagging is only in the early testing and verification stages, so I don't have to be too concerned about it now, but I had better start using some of the millions of dollars I am making from my counterfeit parts and invest my own R&D into reverse engineering. I need to discover the ingredients of the secret sauce that has the military's confidence level so high in this technology.

There's another technology that, as a counterfeiter, I'm not sure how to crack. My own lab techs have been able to look at and clone every encryption key on all the non-volatile memory devices like EEPROMS and Flash because all the data is still there when the power is switched off and the chips are removed from the board. And, I'm not even using expensive forensic techniques for reading those keys. Everything I am doing is standard operating procedure for the usual failure analysis processes. For those encryption schemes that have off-board keys, all I have had to do is tie into the bus circuit and read the bits as they come streaming by.

But I have my work cut out for me with this new anti-counterfeiting technology incorporating Physically Unclonable Functions (PUFs). The new hardware-intrinsic security is based on the properties of device materials at sub-micron levels. That, in itself, is not a big hurdle, but the encryption key is only present when the device is powered on, and every single chip has its own unique key. Even if I could get one key, it would only be for that one chip, and I would have to destroy it in the process. Every chip key is different. The marker is intrinsic in the silicon. And the marker disappears if I remove the power from the part. This is going to slow my business down for sure.

I will have to learn much more about this technology; otherwise, I am out of business for semiconductor devices.

Right now, I understand that microprocessors, microcontrollers, certain oscillators, and FPGAs are inherently primed for this technology, but it is only a matter of time before they build these dedicated encryption arrays into smaller devices that don't need memory except for incorporating encryption key placement.

My boys downtown tell me Douglas is going to write a follow-up article about this technology. I'm going to make sure we follow this guy closely. We may have to make him a nice pair of cement overshoes and take him for a little ride down by the East River. Ain't that right, boys?

32 comments on “If I Were a Counterfeiter…

  1. opeters
    May 7, 2012

    Douglas, thanks for your engaging article. I am not sure, however, whether it is a vote of confidence in the APDN technology that is currently available, or a preference for the PUF technology under development. You had mentioned you were going to meet with the Applied DNA Science team with regard to costs and timetable, any news there?  By the way, I understand APDN is working with the College of Nanoscale Science and Engineering in an effort to intergrate their DNA tech within computer chips, here's a link to the video/press release FYI..  Thanks again!

  2. dalexander
    May 7, 2012

    Opeters I believe what really nails the security for Applied is that they also manipulate the plant DNA with an integrated marker so it is more than just the raw DNA. I think it is their secret process which locks down the security. The PUF solution is not an add-on process in the marking stage because the bit train is already intrinsic to the device. The sequence is picked up before packaging and recorded instantaneously for electronic verification via a secure server access. While DNA marking cost is virtually negligent, it is the cost of post-scanner verification/authentication via lab testing that may be not practical for small companies. Also, remember the other trade-off, PUFs are limited to semiconductors with latches or SRAMs and therefore, currently device application is limited. In the end, I think we might see hybrid security measures using multiple technologies across the supply chain.

  3. prabhakar_deosthali
    May 8, 2012

    In my opinion, all these new technologies are going to be expensive for encryption at the manufacturers end and decryption at the buyer end.

    If such advanced technologies are applied on the packaging ( not the chip packaging but the material packaging) and if the packaging is made more secure and tamperproof then it will become an economical and feasible for all suppliers and buyers.

    Such technologies can then be applied for all size, passive as well as active components and won';s require a special process to be added in the manufactruing of the components.


    May 8, 2012

    I believe Philips has been shipping product with PUF for many years so you can probably find some interesting information there.

  5. ITempire
    May 8, 2012

    Since, there is no immediate introduction of DNA expected, so counterfeiters can relax. They can probably enjoy the counterfeiting era as RFID and other measures are in their pockets. Even if DNA method comes, there will be solution through reverse engineering soon as the counterfeiting market is too lucrative and the participants cant accept defeat. The even bigger challenge will be to make this DNA technology cheap enough so that small-size manufacturers are able to adopt it.

  6. ITempire
    May 8, 2012

    @ Prabharkar

    “If such advanced technologies are applied on the packaging “

    You have made a valid point. The counterfeiters then have to get hold of packages of used products and they can then repack their counterfeit products into original packages. That seems impossible.

    Also we have to assume that counterfeited packages arent a possibility; which unfortunately they are. The risk of counterfeited products are similar to those of counterfeited packages.


  7. dalexander
    May 8, 2012

    Prabhakar and WaqasAltaf, We have been talking mostly concentrated ink DNA solutions, but the DNA can also be added to adhesives so if a packaging tape has the OEM's Logo printed (ink) marker and the adhesive tape securing the shipping carton flaps and edges together, throw in a DNA spray all over the carton as in the case of the earlier article mentioning the company marking their rolls of copper, then we have an even harder to clone security method. I will be meeting with the tech folks at Applied very soon and I will explore with them the directions they have been considering and mention carton/container level security. I will follow up with another post. I know Opeters has been following this with great interest.

  8. dalexander
    May 8, 2012

    All, I am getting dangerously close to mere speculation on the full capabilities and limitations of DNA marking. I do not want to go too much deeper Into this until I have met with the scientist involved. Let me make sure we are on solid technical ground before this subject coverage becomes too diluted and mushy to be of any real worth. Standby for the rock solid information.

  9. dalexander
    May 8, 2012

    Flyingscot, Great hearing from you! I will try to find the contact at Philips and get back to you. Thanks for the heads-up.

  10. sdrobac
    May 8, 2012

    Douglas – You note in your post that you “discovered that — for about 10 euros — a duplicate tag can be produced”.  I'm a long-tiome RFID guy, and have anticipated such a thing happening eventually, but had not heard about it until I saw your post. 

    It has long been possible to copy the user-programmed number in an RFID tag and load it into another tag, but all of the RFID chips being produced today by mainstream suppliers also have a unique Tag IDentifier, or TID, which cannot be changed.  So if a true clone can be produced, that means that some (rogue?) chipmaker is producing a chip with a writeable TID.  If that's the case, I'd love to learn more.  Can you pass on any background you might have on the topic?  Thanks!

  11. dalexander
    May 8, 2012


    If you give me your email, I will send you an excellent PDF that covers this. I have a contact page at

  12. dalexander
    May 8, 2012

    Flyingscot, Philips are the key pioneers of PUF research. There are a number of papers online that you can read by searching “Philips Using PUFs”. Some of the PDFs are general introductions and others go into testing detail that is really intriguing. Can you help me find an article where they are actually shipping their products with PUF security for the mass market?

  13. sdrobac
    May 10, 2012

    Douglas – Thanks!  The authors of the report you referred to (the EU-funded BRIDGE program) do a pretty good job of laying things out, and I don't see anything to disagree with.  The 2 key takeaways regarding cloned tags, in my opinion:


    1.        Tags (the chips, specifically) cannot currently be cloned, at least in the form of normal tags placed on any large volume of items.  However, it is possible – and will likely be financially rewarding – for bad guys to, at some point, produce “blank” chips that can be programmed as clones.  Once that happens, the clones will be detectable by firms which maintain good databases and communications infrastructures, but perhaps not quickly enough to prevent significant losses.

    2.        Although tags cannot be cloned yet, a tag can be impersonated by a relatively simple battery-powered PC board-based solution.  This is the 10-euro fake that you mentioned in your original post.  Such a tag generally won't look like a normal RFID tag, but in some cases it can be hidden or possibly disguised as a large ruggedized tag.  This is potentially an immediate threat for some high-value items.


    It will be interesting to see how long it takes for the above scenarios to have an impact.

  14. Anand
    May 10, 2012

    The marker is intrinsic in the silicon. And the marker disappears if I remove the power from the part. This is going to slow my business down for sure.

    @Douglas, I think PUF's now only slow down the business but they have reliability issue as well because they are subject to environmental variations such as temperature, supply voltage and which can affect their performance.


  15. opeters
    May 10, 2012

    Douglas, Here's a new development I thought appropriate to share regarding authentication using an iphone.


  16. dalexander
    May 10, 2012

    Anandvy, Actually, they are not subject to these stresses which makes them more robust. In accelerated stress screenings, it was determined that even the aging of the silicon did not impact the integrity of the PUF. That is why this is a viable security. If you are interested in the lab reports, email me and I will forward them to you. The test simulated 20 years over a couple of months. It is called HALT and HASS testing. Highly Accelerated Life Testing for HALT.

  17. elctrnx_lyf
    May 11, 2012

    Douglas, that's really a nice wrteup. Fun to read with good introduction on puf. Looking forward to know more. But is it really possible to put these into passives and small active components.

  18. dalexander
    May 11, 2012

    Elctrnx_lyf, Your question is very significant. It is probably the most asked question from a standpoint of universal application deployment. Right now I need to ask that question of some key researchers. If ceramics and organic materials can be included then there has to be some other kind of PUF not based upon silicon gate technology. Polymers might be infused with carbon nanotubes for this purpose, but let me look into this as the implications for a positive response are tremendous. Standby.

  19. paulwolb
    May 14, 2012

    Very Interesting.  I took away these things from the article: 1) A Sticker on a Container of parts is not a solution; 2) Solution must be automated and also identify counterfeits already in the inventory.

    DNA technology points out that the verification must be inherent to the component in question.  With the stakes as high as it is, relying on Chain of custody is not just a huge mistake, but have likely already pervaded Global component inventories with counterfeits.  People are corruptible.

    If I were a counterfeiter, rather than breach a secure system, I'd pay people to vouch counterfeit products into secondary or tertiary supply chains upstream that would drift into primary markets.  Keep trying until you find one that taps into your target market.

    A better solution is Quality Control/Testing.  If you come up with a testing standard, you can create devices that automaticxally puts a component through a round of tests with random inputs that knows what outputs to expect.  If a component's features return the correct answer to the questions, within specced performance, then you can consider the component non-counterfeit.

    This device(s) should also vouch components already in the industry so serves a dual purpose.  And counterfeiting provides a company with cost justifications for purchasing equipment, hiring Component QA professionals, and implementing robust procedures.

    If I were a well-funded Chinese Company or North Korean operative with adequate resources, I could pay more to get the top-secret technologies and product a counterfeit product of equal quality that will perform reliably, but this is a far less attractive and profitable endeavor.  I'd switch to an easier target and market.

  20. Barbara Jorgensen
    May 14, 2012

    Wow. There goes the path of least resistance for counterfeiters. I'm sure a lot of these guys can out-engineer the best of security tags, but I'm thinking about ROI. How much money would you have to make to make it worthwhile? Pulling parts off a board is one thing, but dodging RFID and plant DNA takes it to another level. I'm wondering if there is a cadre of tecchies out there that develop this stuff and then sell or license it to counterfeiters? Do counterfeiters have R&D budgets? Fascinating stuff…

  21. dalexander
    May 14, 2012


    Your point is the sticking point in any security environment. If you can appeal to the greed response in an unscrupulous character placed in a critical position in a security network, your security is compromised. In that event, the employee himself could be a counterfeit with the only intention for hiring on was to be able to get the critical information for his REAL employer. OOOOOOOOOOOOO7 intrigue! I am trying to leave plenty of room here for healthy paranoia. 

  22. dalexander
    May 14, 2012


    A thousand apologies for “Baraba”…although it is kind of a cool name. I guess in Hebrew that would mean something close to Son of aba which is close to abba which means Father in a very endearing way.

  23. Barbara Jorgensen
    May 15, 2012

    Douglas: I think we are on to something here. I think it is more Tom Clancy than 007, although I never read any of the Ian Fleming novels…

  24. bolaji ojo
    May 15, 2012

    Douglas, Glad to see Barbara's name can be upended too. I have had the pleasure of being known as blji, bojali, bojo or some other variation of my name. Interestingly, some of these errors have come in emails, which makes me wonder about the emails I didn't receive because somebody couldn't figure out how my correct mailing address!

  25. bolaji ojo
    May 15, 2012

    Paulwolb, I like the term “chain of custody” and especially your assessment that this cannot be relied upon to fight counterfeiting. In fact, the reliance on that “chain of custody” is the centerpiece of many people's argument. Buyers are asked to buy only from franchise distributors alone or the actual manufacturers. This presupposes that these sources cannot be corrupted. It represents a baseline, only, though. As you noted, people can be bought.

  26. Barbara Jorgensen
    May 15, 2012

    Douglas and Bolaji: LOL!!! Douglas: no problem, typos make us all human 🙂 I like the background note: my name actually comes from “barbarian,” meaning “stranger.” I like your version better.

    Bolaji: I plead guilty to “Boloji”–why use two vowels when one will suffice? 😉


  27. BLYNCH
    May 15, 2012

    Wouldn't a large part of this problem go away if customers purchased from Authorized, Franchised Distributors / or Manufacturers direct, instead of searching the world for anyone who can supply a product for 'less'? 

  28. Barbara Jorgensen
    May 15, 2012

    @BLYNCH: In theory, absolutely. In practice, independents don't just sell stuff, they buy it as well. The imperfections in forecasting mean there will always be a supply/demand imbalance. The supply chain is a two-way street where partners buy and sell, and most independents buy and sell the same factory-made products OEMs and EMS companies are buying. While it is true that buying from an independent increases the risk you may end up with a counterfeit part, the terms “independent distributor” and “counterfeit” are not interchangeable. Reputable independents go to great lengths to avoid counterfeits.

  29. dalexander
    May 15, 2012


    Could you identify some of the independent distributors and tell us what they do to catch the counterfeit parts before they go into their stockrooms? Do they hire outside companies to do the work or do they have internal people assigned full time to the job.

  30. BLYNCH
    May 16, 2012

    I certainly am not saying 'independent' and 'counterfeit' are interchangeable but

    as you say, it greatly increases the risk, at that point why wouldn't you eliminate

    the greatest risk first and tighten up from there?

  31. Barbara Jorgensen
    May 16, 2012

    Agreed–that is actually a best practice, according to the ECIA.

  32. Barbara Jorgensen
    May 16, 2012

    Hi Douglas: I've spoken with America II, World Micro directly, and corresponded with several other independents within the past year or so. One of our bloggers, Dawn Gluskin, is a principal at an independent and writes at length about some of the techniques.

    America II buys its own equipment which consists of x-ray and scanning equipment and really good (forget the term–micron?) microscopes. Components go through both tests before they are sold. Most of the independents seem to do their inspection in-house, although I've heard of some that outsource it.

    I know there are a couple of different ways to scan/x-ray components. I know AmII uses the more robust of the options.

    I'll check a few sites and back to you with more technical terms. “Really good” microscopes doesn't really cut it…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.