The International Standards Organisation (ISO) has adopted a new standard which should bring significant security benefits to the hologram industry.
ISO 12931 covers ‘Performance criteria for authentication solutions used to combat counterfeiting of material goods’ and is – as far as we are aware – the first international standard to provide guidance to rights holders on how they can protect their products from counterfeits.
The introduction to ISO 12931 explains the growing problem of counterfeit products (or ‘material goods’, which includes manufactured finished goods, original equipment components and goods from nature), and states that: ‘The authentication element provides a specific and more reliable method of determining if the item is genuine or a counterfeit good’.
It goes on: ‘This international standard sets out the performance criteria for purpose-built authentication solutions. These authentication solutions are designed to provide reliable evidence, making it easier to assess whether material goods are authentic or counterfeit.’
The scope of ISO 2931 is also described carefully as… ‘intended to guide… organisations in the determination of the categories of authentication elements they need to combat those risks, and the criteria for selection of authentication elements that provide those categories, having undertaken a counterfeiting risk analysis.’
Definitions play a central role
For the security holography industry, a crucial element of ISO 12931 centres on the definitions (a required part of any ISO standard). ‘Hologram’ or ‘holography’ is not specifically used in the standard, which carefully does not promote any particular technology or features.
However, the standard identifies the use of only two types of authentication solutions: overt and covert. An overt authentication element and a covert authentication element are defined respectively as:
- (an) authentication element which is detectable and verifiable by one or more of the human senses without resource to a tool (other than everyday tools which correct imperfect human senses, such as spectacles or hearing aids)
- (an) authentication element which is hidden from the human senses until the use of a tool by an informed person reveals it to their senses or else allows automated interpretation of the element.
Dispensing with the idea of a ‘forensic solution’
ISO 12931 dispenses with the notion of a ‘forensic solution’, a phrase that’s often heard in discussion of authentication solutions.
Instead, it describes forensic analysis, and defines this as: “Scientific methodology for authenticating material goods by confirming an authentication element or an intrinsic attribute through the use of specialised equipment by a skilled expert with special knowledge.”
Thus a hologram, for example, meets the definition of an overt authentication element and, depending on the optical design, may also contain parts that meet the definition of a covert authentication element.
Forensic analysis can also be applied to a hologram by microscopically examining the diffraction pattern to ascertain that it matches that of a genuine hologram.
This concept of overt and covert authentication elements is carried through to a discussion on the ‘audience’ for information about the elements adopted on a material good. The general audience will receive knowledge through public media – advertisements, websites, marketing materials – whereas the restricted audience comprises people that need to know about the specifics of the authentication solution and how to examine it.
An authentication tool will be required to examine a covert solution, and thus information about what to look for with this tool will be made available only to the restricted audience.
In describing how an overt solution is examined, ISO 12931 states that: ‘Ideally, the inspector will have a genuine authentication element as a reference comparison,’ going on to say: ‘Overt authentication elements must be difficult to copy accurately so that their absence or their imperfections will alert examiners to the fact that a material good may not be genuine.’
ISO 12931 also discusses the relationship between authentication solutions and track and trace solutions. It states simply that: ‘Track and Trace technology when used alone is not considered to be an authentication solution.’
Covert authentication elements, it points out, require a tool for examination, and that tool may be standalone and reveal something in the authentication element to human senses (or may require a network connection).
Risk analysis: the key
These discussions of the categories of authentication solutions are important, but they’re really a preamble to the key section of ISO 12931 which explains to authentication users how to assess the performance criteria they require of their authentication solutions.
It recommends that a user undertakes a risk analysis before assessing which category or categories of authentication solution provide the functionality to meet the risks thus defined.
The characteristics to be considered are not only those related to the obvious authentication functionality, but also physical characteristics such as size and thickness, environmental durability and so on – issues which are often overlooked by users (and which can prove awkward for suppliers, as the US Bureau of Engraving and Printing’s crumple test has shown in which holograms did not pass scruitny when first proposed for use on US dollar bills).
Authentication aspects that should be considered include tamper resistance and attack resistance: points which may seem obvious to suppliers but which users often need reminding they need to consider.
Having addressed risk analysis and then the selection and implementation of authentication solutions, ISO 12931 guides users through an effectiveness assessment. ISO 12931 takes a lifecycle approach to authentication, recognising that it may be important to authenticate a material good long after its first sale, but also proposing that users need to remain active in assessing the effectiveness of the solution they’ve adopted.
Users cannot sit back, complacent in the knowledge that they have an authentication solution, but need to carry out regular effectiveness assessments.
According to ISO 12931: ‘Effectiveness assessment is a means to evaluate that a solution is complying with the established standards and if the solution is providing a measurable result.’
ISO 12931 also follows up on its recommendations to users in that it shows a risk analysis and authentication solution selection process, as well as including selection criteria tables in Annexes to the main standard.
Benefits for the holography industry
Before the publication of ISO 12931, brand owners and other rights holders were dependent on authentication solutions providers to guide them through their requirements for the protection of their material goods (or, in some few cases, they have been provided with guidance from their Trade Association).
Dependence on suppliers for guidance has been, understandably, uncomfortable for many rights holders so they have preferred to do nothing and turn a blind eye to their losses to counterfeits.
For the first time, they now have an objective guide to how to proceed.
This in itself should encourage more rights holders to take seriously the counterfeit problem and how they can protect against it. The success of management practice standards such as ISO 9000 shows how beneficial an international standard can be in providing common principles and practices.
Ultimately, ISO 12931 should encourage the use of authentication solutions. More particularly, it encourages the use of overt and covert solutions, functional categories that can be combined in one hologram.
It’s now up to secure hologram suppliers to build compliance with ISO 12931 into their marketing materials and training.
Ian Lancaster is general secretary of the International Hologram Manufacturers Association
*Ian Lancaster was a member of the ISO Committee that produced ISO 12931, while the IHMA was involved from an early stage in developing the document
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
