mPedigree’s Goldkeys© solution offers a mass serialization system that can help with product tracing and consignment tracking but it is not really an authentication technology, is it? It can certainly not guarantee 100% that a product is a genuine item even when the HIDDEN CODE (‘HID’) exists in the validation dataset and has never been checked previously. This is because the incoming HID can be from the first ‘duplicate-pack’ of a series of fakes. Not so? While it is of course true that no anti-counterfeiting system can offer 100% fool-proof security either in theory or in practice, the authentication element of the Goldkeys© system is based on the end-to-end supply chain validation mechanism, and the record of custody that is maintained across multiple actors in the supply chain, and not just on the SMS validation alone. For instance, there is a market ‘pre-scanning’ module that prevents brand owners/managers from putting packs of a product in the market if a duplicate has already been successfully validated. This in effect means that brand owners are able to react and remedy even the challenge posed by a ‘successful fake’, as in the hypothetical scenario described above. So while the system does not provide 100% assurance, as indeed no brand protection system can, it must be emphasised that, in comparison with other techniques accepted as offering authentication, Goldkeys© does provide a high degree of authentication. Girl unsure about the authenticity of the product at supermarket

Well, but isn’t the mPedigree Goldkeys© solution working at cross-purposes with global serialisation initiatives based on GS1 standards, that are already being promoted in markets such as Europe, California, India, Brazil, Turkey and elsewhere? The markets where the Goldkeys© approach appears to be gaining ground do not appear to be creating the right compatibility frameworks for global trends. That is not actually accurate. The HID codes used for the authentication aspect of the Goldkeys© system are playing the role of ‘triggers’ of a back-end process, and are not designed to be content carriers. They do not themselves represent any alternative standard, and can be tied rather easily to global frameworks such as GTIN or other similar standards with the click of a mouse

But isn’t it the case that because not all consumers actually SMS the HID through the public shortcode into the validation system, the loopholes in the mPedigree solution are bigger than is the case with systems that do indeed ensure that each HID is checked, such as for instance the EFPIA pilots in Europe that integrate various dispensing points, including those at retail level? Since the validation mechanism does not require 100% consumer compliance to pose a strong deterrence to counterfeiters or for the end-to-end system to be effective, the degree of ‘aggregate authentication’ remains very high. In fact, there is no algorithm capable of predicting which end-consumer in which segment of the market or geographical location will eventually send in the HID, thus providing a randomised control that is as theoretically difficult and complex to breach as the EFPIA and IOM recommended approaches.