ORIGINLABEL IS AN UNREPEATABLE A REVOLUTIONARY IDENTIFIER FOR EACH OF YOUR PRODUCTS
Personalization machines and complete solutions, support for operations
EVERYTHING WHAT YOU NEED
Revolutionary Brand Protection
If you want to maximize your profit in the same time with raising customer trust and satisfaction, Origin Label will be able to help you while you make business more white.
Our solution provides genuine brand protection alongside the services provided by product designation labels. Patented high-tech ID tag production and associated offline-online reading process algorithm with multiple levels of protection.
The communication flow
The technology is based on a unique mark and a 2D code. The 2D code contains the electronic signature data of the Manufacturer or Issuer. Each product is signed. The Originlabel technology is able to assign the “carrier” (The Product) and the manufacturer information as “data” on different products in an authenticated way. The unique random mark is coming from a heavy ion accelerator. The recognition of the unique random mark is based on optical image processing. A special robust algorithm calculates a defined long string (data-representant) from the image for digital signature purposes (at least 2048 bit, or more length RAW RSA).
The digital signature data with the product information from the manufacturer is inserted into a 2D code (ISO/IEC 18004) or data matrix (ISO/IEC 16022) which is printed onto a label body or laser engraved around the unique random mark on the same foil.
Using a dedicated OriginLabel controller or „OriginLabel” mobile phone, the origin of the product can be verified off-line, using the manufacturer’s public key certificate.
The OriginLabel Centre is able to provide so called trusted verification service. In case of trusted verification, the verification result will be signed by the Centre and time stamped by a Certificate Authority, and the answer is sent back to the user across three channel: via OriginLabel application, via SMS and optionally via email.
Most frequent questions and answers
The OriginLabel is an Anti-Counterfeit product verification technology which gives unique security labels onto the products. These labels are able to ensure an easy check for anybody to decide that the product was manufactured, or issued by the entity who claims that.
OriginLabel consists of two parts. A unique mark and the digitally signed manufacturer or issuer claim (data). The unique mark is a non reproducable identification tag which is an at least 1 square millimeter sized PET or polycarbonate foil piece. These foil piece contains the real random located non-through pores fulfilled with unique luminescent ink, for general usage in 2 µm size. Most of the cases there is a QR code surrounding the unique mark in 4×4 mm size. In case of special need it is possible to take smaller or bigger sized QR code around the unique mark or near to it onto the label body. Further possibility for manufacturers or issuers to take only the identification tag to the label and the signed data will be stored in RFID chip near to the identification tag for easy check.
The OriginLabel is a security label which has to be placed – fixed – to each product, practically within a production site. These labels can be read – checked – by fixed-installed OriginLabel readers or by dedicated mobile phone.
To check the originality of any product there are two possibility “Commerce” and “Trusted” because according to Common Criteria an open network connected device has to be considered as unprotected environment, so the result of the check can be faked on the screen in a high attacking potential environment. Separated data-representant belongs to both checks under the digital signature data within the QR code. Each OriginLabel reader or dedicated mobile phone is able to execute “Commerce” level check on the spot without any network activity (Off-line check). The “Trusted” level check is available only by the on-line verification service of the OriginLabel Centre. In this case the compressed and locally signed (by dedicated SIM card) images go up to the Centre and the result of the verification will come back with time-stamped manner by a Certificate Authority on three different channels, within the application, via SMS and optionally via email.
The content of the QR code are given and digitally signed by the manufacturer or issuer in case of each label. The QR code contains all the necessary obliged information about the product given by the manufacturer or issuer. In most cases the product name, serial number, the issue and expire date, further product verification data, the international standardized barcode value and any special information for the product usage, for example storage temperature, humidity, , etc.. All products related data which is contained within the QR code will be shown on the reader’s screen.
It is strongly suggested to read the product information on the screen and to compare it with the given other information of the product in case of any suspicious case, otherwise the strong glue material is able to ensure that the label cannot be separated from the product without damage within the given temperature range.
In generally the label contains more than 10 000 real random located, in most cases 2 µm sized non-through pores in 1 mm2 area, fulfilled with unique luminescent ink. This 1 mm2 area will be checked on three ways.
- the three dimension check
- the luminescent ink spectral check
- Cryptography check
In case of fix installed readers the check is 3-4 seconds from the beginning – to place the label under the reader – until the appearance of the result on the screen. In case of “Trusted” verification, the timeframe for the check can be longer with 3-4 seconds depending of the speed of the Internet access to the OriginLabel Centre.
It depends on more facts, first of all the applied size of the pores. This range is from 450 nm – (optical diffraction limit) – until 4 µm, but suggested maximum 2 µm. The second factor is the possible dust size. Below 2 µm pore size special readers are needed. In generally at least the 50% of the processed area for cryptography has to be undamaged. That causes that smaller area than 0,5 mm2 cannot be offered. In case of special needs the data content of QR code can be applied in different size or ways like RFID.
To check an OriginLabel no need any database neither in case of Commerce, nor Trusted check. That causes there is no label database in the OriginLabel Centre. Each label contains all the necessary attributes to decide the originality of a product. The differences between the two methods – Commercial, or Trusted – are that in case of Commercial verification the secure token of the reader has the cryptographic key to process the Commerce datarepresentant, while to process the Trusted datarepresentant only the HSM module of the OriginLabel Centre has the necessary key and in Trusted verification case the digitally signed and a Certificate Authority time stamped answer of the OriginLabel Centre cannot be modified by any attacker.
OriginLabel technology carries passive verification attributes, where the manufacturing technology of the basic track-membrane material gives the guaranty that only one copy exists of any piece of the membrane which will be used for any label as real random mark and there is no way to produce two equal piece. In case of RFID only the high priced (more Euro) and at least CC EAL4+ or higher certified chip platforms are able to give similar, but not equal guaranty against copying. Not mentioning the radio frequency mass in case of power attack and the fact that according to Common Criteria there is no protection against high level attack.
Anybody can decide, that from the following 10 requirements, fulfilled by OriginLabel, how much can be fulfilled by any other anti-counterfeit technology:
- Unique, proven random marking of each product.
- Protection against copying of the unique product mark (Against photolithographic attack, only 3D structure is the protection).
- Protection against cloning of the unique product mark (Evidence is needed, that even the manufacturer is unable to produce two or more equal pieces).
- Determined length data-representant has to be calculated from the unique random mark.
- Robust data-representant is needed to identify the partly damaged random mark
- Authenticated assignment of the unique product mark – „Carrier” – with the manufacturer’s/issuer’s statement – „Data” (Digital signature).
- Authenticated product verification on the spot without database access.
- To ensure product verification check possibility on two layers.
(In case of high value product verification have to ensure possibility for independent verification check by the technology centre.)
(According to Common Criteria any open network connected computer has to be considered as unprotected environment.)
- More independent channels are needed to send the authenticated verification result of the OriginLabel centre to the client.
(Against unauthorized modification of the central digitally signed and time stamped (by Certificate Authority) verification result, the answer has to be sent within application, via SMS and optionally by email to the client.)
- To ensure that Unique Product Mark will be destroyed and invalid in case of any remove attack.