Today IBM and Seagate Technology announced that the hard disk manufacturer plans to use blockchain and security technologies to reduce product counterfeiting. The project will enable customers to authenticate the provenance of disks.
The challenge with anti-counterfeiting physical products is if something is an almost perfect clone, which one is the counterfeit one?
Two layer check
Rather than just giving the disk an identity, Seagate is trying to identify both the disk and the contents of the disk. Even though the disk is empty, the contents can be unique.
The project will involve Seagate updating the private blockchain at the point of manufacture with product authentication data using its Secure Electronic ID (eID).
Then there’s the second layer of protection. A new disk will be purged of any data. And that deletion process also includes a digital certificate electronically signed by the device using Seagate’s Certified Erase. This certificate is also stored on the blockchain, so it’s a second unique identifier.
Let’s play devil’s advocate to see how a counterfeit operator might try to break this. The announcement states that the eID and Certified Erase capabilities can enable higher levels of trust of product provenance and proof of data erasure. If these are bulletproof and the certificates can’t be cloned, then the blockchain should work on its own.
At a minimum, they’ve made it much more work for a counterfeiter because the certificate stored on the disk has to be the one that matches the disk’s eID. Counterfeiters aren’t likely to use only one eID because it would be obvious if someone buys a batch of drives that all have the same id.
Say someone manages to copy the eID. It sounds like Seagate makes that hard. In theory, the Certificate of erasure should be a second check. However, if someone clones a disk, perhaps he could also clone that certificate? If that’s possible, then the blockchain record on its own may not be sufficient. However, it’s still beneficial provided every verification check is recorded.
For example, if a PC manufacturer based in the US goes to verify a disk, and that check is logged, and then someone else a day later tries to verify a drive in China, there’s a good chance one of them is counterfeit.
Additionally, counterfeiters are likely to buy a batch of original disks. In which case they will repeatedly re-use the same set of eIDs. So if verifications are tracked, then those eIDs should crop up frequently and could be flagged.
Obviously counterfeiting is a major issue for the manufacturers. But also for customers who might buy a sub-standard disk and lose their data.
Mark Re, senior VP and CTO at Seagate said: “By combining Seagate’s innovations in product security with IBM’s blockchain expertise, we want to prove that we can help reduce the incidence of product counterfeiting in the future.”
In the future, Seagate and IBM expect to expand the network to include supply chain partners.
IBM’s Blockchain uses Hyperledger Fabric technology. The Hyperledger Global Forum takes place in Basel, Switzerland on 12-15 December. Ledger Insights is a media partner and this code will provide a 20% discount: HGF18LEDGER