With no fanfare or publicity, the International Standards Organisation (ISO) has adopted a new standard which should bring significant benefits to the hologram industry. ISO12931 covers Performance criteria for authentication solutions used to combat counterfeiting of material goods, and is – as far as we are aware – the first international standard to provide guidance to rights holders on how to protect their products from counterfeits.
The introduction to the Standard explains the growing problem of counterfeit products (or ‘material goods’, which includes manufactured finished goods, original equipment components and goods from nature), and states that ‘The authentication element provides a specific and more reliable method of determining if the item is genuine or a counterfeit good’. It goes on: ‘This International Standard sets out the performance criteria for purpose- built authentication solutions.
These authentication solutions are designed to provide reliable evidence making it easier to assess whether material goods are authentic or counterfeit.’ The Scope of the standard is also described carefully as: ‘intended to guide…organisations in the determination of the categories of authentication elements they need to combat those risks, and the criteria for selection of authentication elements that provide those categories, having undertaken a counterfeiting risk analysis.’
For the security holography industry, a crucial part of 12931 is the definitions (a required part of any ISO standard). ‘Hologram’ or ‘holography’ is not specifically used in the standard, which carefully does not promote any particular technology or features.
However, the standard identifies the use of only two types of authentication solutions, overt and covert. An overt authentication element and a covert authentication element are defined respectively as:
* (an) authentication element which is detectable and verifiable by one or more of the human senses without resource to a tool (other than everyday tools which correct imperfect human senses, such as spectacles or hearing aids);
* (an) authentication element which is hidden from the human senses until the use of a tool by an informed person reveals it to their senses or else allows automated interpretation of the element.
The Standard dispenses with the idea of a ‘forensic solution’, a phrase that is often heard in discussion of authentication solutions. Instead, it describes forensic analysis, defining this as:
"scientific methodology for authenticating material goods by confirming an authentication element or an intrinsic attribute through the use of specialised equipment by a skilled expert with special knowledge".
Thus a hologram, for example, meets the definition of an overt authentication element and, depending on the optical design, may also contain parts that meet the definition of a covert authentication element. Forensic analysis can also be applied to a hologram by microscopically examining the diffraction pattern to ascertain that it matches that of a genuine hologram.
This concept of overt and covert authentication elements is carried through in to a discussion of the ‘audience’ for information about the elements adopted on a material good. The general audience will receive knowledge through public media – advertisements, websites, marketing materials – whereas the restricted audience comprises people that need to know about the specifics of the authentication solution and how to examine it.
An authentication tool will be required to examine a covert solution, and thus information about what to look for with this tool will be made available only to the restricted audience.
In describing how an overt solution is examined, ISO 12931 states that ‘Ideally the inspector will have a genuine authentication element as a reference comparison,’ going on to say ‘Overt authentication elements must be difficult to copy accurately so that their absence or their imperfections will alert examiners to the fact that a material good may not be genuine.
The Standard also discusses the relationship between authentication solutions and track and trace solutions. It states simply that ‘Track and Trace technology when used alone is not considered to be an authentication solution.’ Covert authentication elements, it points out, require a tool for examination, and that tool may be standalone and reveal something in the authentication element to human senses, or may require a network connection.
Risk analysis the key
These discussions of the categories of authentication solutions are important, but they are a preamble to the key section of ISO 12931, which explains to authentication users how to assess the performance criteria they require of their authentication solutions. It recommends that a user undertake a risk analysis before assessing which category or categories of authentication solution provide the functionality to meet the risks thus defined.
The characteristics to be considered are not only those related to the obvious authentication functionality, but also physical characteristics such as size and thickness, environmental durability and so on – issues which are often overlooked by users (and which can prove awkward for suppliers, as the US Bureau of Engraving and Printing’s crumple test has shown, in which holograms did not pass this test when first proposed for use on US dollar bills).
Authentication aspects that should be considered include tamper resistance and attack resistance, points which may seem obvious to suppliers but which users often need reminding they need to consider.
Having carried out a risk analysis, then selected and implemented authentication solutions, ISO 12931 then guides users through an effectiveness assessment. The Standard takes a lifecycle approach to authentication, recognising that it may be important to authenticate a material good long after its first sale, but also proposing that users need to remain active in assessing the effectiveness of the solution they have adopted.
Users can’t sit back, complacent in the knowledge that they have an authentication solution, but need to carry out regular effectiveness assessments. ‘Effectiveness assessment is a means to evaluate that a solution is complying with the established standards and if the solution is providing a measurable result,’ according to the Standard.
The Standard follows through on its recommendations to users, in that it shows a risk analysis and authentication solution selection process, as well as including selection criteria tables in Annexes to the main standard.
Benefits for the holography industry
Before the publication of this Standard, brand owners and other rights holders were dependent on authentication solutions providers to guide them through their requirements for the protection of their material goods, or, in some few cases, they have been provided with guidance from their trade association. Dependence on suppliers for guidance has been, understandably, uncomfortable for many rights holders so they have preferred to do nothing and turn a blind eye to their losses to counterfeits. For the first time they now have an objective guide to how to proceed.
This in itself should encourage more rights holders to take seriously the counterfeit problem and how they can protect against it. The success of management practice standards such as ISO 9000 shows how beneficial an international standard can be in providing common principles and practices.
Thus ISO 12931 should encourage the use of authentication solutions. More particularly, it encourages the use of overt and covert solutions, functional categories that can be combined in one hologram. It is now up to secure hologram suppliers to build compliance with 12931 in to their marketing materials and training.
ISO 12931 is available to download and will also be available from national standards agencies.