top of page
Two factor authentication for physical products (p2FA)

Two factor authentication is the gold standard for protecting transactions online. However, no equivalent approach has been developed for physical products. In response, we have developed new patent protected ADI technology to enable the first and only 2FA platform for physical products. This allows products to transit any unregulated sales channel securely, enabling the secure sale of any product, by anyone, through any channel. It also enables better security than serialisation, without the cost or complexity.

>How is it 2FA for physical products?

>How does it compare to serialisation?

>What are ADIs?

>Why is it unique?

>Why is it important?

>Is customer engagement, expertise, or education required?

>How we will leverage p2FA to develop the world's most comprehensive product security and digital health hub

2FA for physical products?

How is it 2FA for physical products?

 

Two-factor authentication is the gold standard for protecting transactions online. So, how is our platform 2FA for physical products? 

Factor 1. In conventional 2FA, the first factor is a user appearing legitimate to a website by logging in with the correct password. In the case of Nucleotrace p2FA, the first factor is the product appearing legitimate to a customer by presenting with the correct physical attributes. The first factor for both 2FA and p2FA rely on conventional ‘technologies’ that alone are regarded as insecure. 

Factor 2. In conventional 2FA, the second factor is an identifier code provided by a third party (an authenticator app) that confirms the first factor is legitimate. This identifier ‘times-out’ to prevent brute force hacking attacks. In the case of p2FA the second factor is also a unique identifier (ADI code) provided by a third party (Nucleotrace), that confirms the product is legitimate. This identifier also ‘times-out’ or self-destructs to prevent a package being replicated or reused. 

How does it compare to serialisation?

How does it compare to serialisation?

 

 

Unlike serialisation, p2FA is a customer driven solution that is intuitive to use, easy to implement, low-cost, and may be deployed as a complementary technology to serialisation in developed economies, or an entire security package in countries where serialisation is impractical or has not been implemented.

Presentation6.png

p2FA is less expensive and less complex. A key advantage of p2FA over serialisation is that it does not rely on trained individuals in a supply chain to document custody transactions and decommission unique identifiers at the point of sale correctly. This makes p2FA a less expensive and less complex solution than serialisation. It also enables products to transit any unregulated sales channel securely.

p2FA is more secure for four main reasons. Firstly, unlike serialisation, where the unique identifier is always visible and can be copied at any point in the supply and distribution chain, p2FA codes may only be copied in their 10-minute active time window. Secondly, p2FA codes do not rely on trained individuals a the point of sale to decommission unique identifiers correctly, which is subject to fraudulent activity and human error. Thirdly, p2FA extends the 'security chain' to the customer, not just the point of sale. Lastly, p2FA enables customers to rapidly and accurately detect counterfeit products in circulation. 

p2FA is easy to implement, suitable for developing and transition economies. Product serialisation has been implemented in pharmaceutical supply chains with considerable success in economies that score high on Worldwide Governance Indicators (WGI) for Government Effectiveness, Regulatory Quality, Rule of Law, and Control of Corruption. This is because product serialisation relies on highly regulated markets and sophisticated supply chain management. This is not a practical solution for many parts of the world that do not score high on WGI indicators, and where the implementation cost of serialisation is prohibitive. p2FA is a simple solution that is suitable for developing economies.

 

What are ADIs?

What are ADIs?

 

Auto-decommissioning identifiers (ADIs) are a unique identifier that exists in three physical states: concealed, active, and auto-decommisioned. Specifically they are (1) and anti-tamper device that is (2) coupled to a package opening mechanism and comprised of (3) a unique identifier which is (4) concealed until open and (5) may be scanned and validated by the customer, and (6) auto-decommissions (self destructs) after 10 minutes. ADIs are the key enabling technology of p2FA.

1. Anti-tamper device. ADIs are an anti-tamper device that is designed to complement serialisation by solving the problem of ‘direct-to-customer’ falsified and counterfeit medicines.

2. Coupled to an opening mechanism (e.g. seal or sticker). The ADI is activated by opening the package and therefore does not rely on a change in customer behaviour to initiate the auto-decommissioning reaction.

3. Unique identifier. The ‘unique identifier’ prevents more than one package being copied at a time and thereby destroys the business case for counterfeiters. It also provides a means for containment if counterfetti

 

4. Concealed until open. This prevents counterfeiters copying the unique identifier and duplicating packages upstream from the point of sale.

 

5. May be scanned and validated by the customer. Customer driven authentication permits safe online ‘grey market’ sales, as well as captures any possible counterfeits in circulation. When scanned, the unique identifier is electronically decommissioned. This information may be shared with the product manufacturer.

 

6. Auto-decommissions after 10 minutes. This takes the unique identifier out of circulation 10 minutes after a package is opened, without relying on a change in customer behaviour thereby eliminating replicated and reused package counterfeiting downstream from the point of sale.

Why is p2FA unique?
Why is p2FA unique?
Simple customer driven solution

Simple, customer driven solution. ADI auto-decommissioning is placed in the hands of the customer, who can visually observe real-time self-destruction of the unique identifier. Permits safe grey-market direct-to-customer sales.

Auto-decommissioning identifiers eliminate reused and recycle package counterfeiting

Auto-decommissioning safety net. Two routes for ADI decommissioning - automatic decommissioning of the physical identifier, and virtual decommissioning of the identifier through a smartphone application. If the user fails to decommission virtually, automatic physical decommissioning acts as a safety-net and takes the unique identifier out of circulation – does not require a change in consumer behaviour.

Counterfeit and diverted pharmaceuticals and cosmetics technology

Eliminates most types of falsified medicines. Fraudulent actors only have a 10-minute window to copy a unique ADI before it self-destructs. Eliminates reused, replicated, and diverted product counterfeiting. 

Brand protecting and trust

Increases trust, protects brand. Builds customer confidence, trust, and brand protection.

Affordable, inexpensive DNA tracing technology

Low implementation cost, low complexity.  Manufacturers and customers don’t need to rely on individuals at, and upstream from, the point of sale to validate custody transactions and decommission serialisation identifiers correctly. Easily integrated into packaging processes as a post-manufacturing step. 

Network effect and driving customer engagement

Drives customer engagement.  Product validation may be linked to a rewards scheme on future purchases from member pharmacies, driving network effects that further secure pharmaceutical supply chains.

Why is p2FA important?

Why is p2FA important?

Counterfeit products incur a massive human and economic cost. Our p2FA platform leverages proven 2FA technology to protect against counterfeit, diverted, and falsified products.

  • Customer driven solution. ADI auto-decommissioning is placed in the hands of the customer, who can visually observe real-time self-destruction of the unique identifier.

  • Does not rely on a change in customer behaviour. Two routes for ADI decommissioning - automatic decommissioning of the physical identifier, and virtual decommissioning of the identifier through a smartphone application. If the user fails to decommission virtually, automatic physical decommissioning acts as a safety-net and takes the unique identifier and package out of circulation. 

  • Increases trust, protects brand. Like 2FA that prevents fraudulent users appearing as legitimate, p2FA prevents fraudulent products appearing as legitimate.

  • Low implementation cost, low complexity. Manufacturers and customers don’t need to rely on individuals at, and upstream from, the point of sale to validate custody transactions and decommission serialisation identifiers correctly. Easily integrated into packaging processes as a post-manufacturing step. 

  • Drives customer engagement. Product validation may be linked to a rewards scheme on future purchases from member retailers, or linked to warranty verification, driving network effects that further secure pharmaceutical supply chains.

Is customer engagment required?

Is customer engagement, expertise, or education required?

 

Our p2FA platform is specifically designed not to require any customer engagement, expertise, or training - although we do encourage it.  Unique identifiers are displayed in ADI QR codes that can be scanned with pre-installed smartphone software, the decommissioning reaction is initiated by opening an anti-tamper sticker, and if customers do not scan the ADI code it will auto-decommission anyway and take that package out of circulation. We believe these features are critical to the widespread adoption of p2FA technology.

ADI features.png
bottom of page