AUTHENICATION SYSTEM FOR USE WITH PHARMACEUTICALS

Abstract

An authentication system reads at random or in a predetermined sequence a few, typically 3 to 5, unique product identifiers inside the package to decide whether the content is authentic or not. This cross-referencing check does not require a database connection to a central repository or database. The unique product identifiers are produced when pharmaceutical products are manufactured using embossing, for example, and a product sequence is defined by physical attributes and locations of pharmaceutical products in the packaging, the product sequence then being encrypted and used to mark the packaging of the one or more packaging levels with a coding. The coding is used to authenticate the products in the packaging downstream in the supply chain.

Claims

1. An authentication system for pharmaceutical products, comprising: product manufacturing equipment that uses embossing technology to form and mark the pharmaceutical products with a coding; a packaging line that places the pharmaceutical products in one or more packaging defining one or more packaging levels; in-line reading equipment to determine a product sequence defined by physical attributes and locations of pharmaceutical products in the packaging, the product sequence then being encrypted and used to mark the packaging of the one or more packaging levels with a coding; scanning equipment at a point in a supply chain downstream from the packaging line, the scanning equipment including a camera that images the codings of the pharmaceutical products and of the one or more packaging levels and a processor that compares the codings to one another to authenticate whether the pharmaceutical products are genuine, wherein the product manufacturing equipment marks the pharmaceutical products without adding marking products such as inks to the pharmaceutical products, the encryption of the product sequence is achieved using public-private key, and the authentication of whether the pharmaceutical products are genuine is achieved without causing the scanning equipment to communicate with a central data repository away from the supply chain, and wherein the system is configured to produce a series of packagings each having a coding, the series of packagings and the codings collectively defining a blockchain that can be stored and used for authentication at any point in the supply chain.

2. The authentication system of claim 1, wherein the product sequence is encrypted into the coding for the one or more packaging levels using a hashing algorithm.

3. The authentication system of claim 1, wherein the product sequence is encrypted into the coding for the one or more packaging levels using a symmetrical encryption.

4. The authentication system of claim 1, wherein the scanning equipment further includes at least one of: a smart phone including the camera and the processor; a parallel Optical Coherence Technology (pOCT) scanner; and a time-of-flight camera.

5. The authentication system of claim 1, wherein aggregation of a group of packagings to be stored in an outer container occurs by forming the blockchain for the group of packagings and cryptographically securing the blockchain for marking on the outer container.

6. The authentication system of claim 1, wherein de-aggregation of a group of packagings stored in an outer container includes only destruction of markings or codings of the outer container but not of the group of packagings.

7. The authentication system of claim 1, wherein the physical attributes defining the product sequence are generated by the product manufacturing equipment, the product sequence being randomized by placement of the pharmaceutical products containing the physical attributes in the locations within the packaging.

8. The authentication system of claim 1, wherein the packaging levels include blister packs into which the pharmaceutical products are loaded, and one or more outer boxes in which the blister packs are loaded.

9. The authentication system of claim 1, wherein the packaging levels include a pill bottle into which the pharmaceutical products are loaded.

10. The authentication system of claim 1, wherein the step of authenticating whether the pharmaceutical products are genuine with the processor automatically provides tamper evidence, thereby avoiding a need for tamper-evidencing structures to be included with the packaging.

11. The authentication system of claim 1, wherein the coding on the packaging includes overt information in combination with the encrypted product sequence to help foil counterfeit attempts of the packaging.

12. The authentication system of claim 1, wherein the coding on packaging may be reapplied in the supply chain when the pharmaceutical products are repackaged down the supply chain, while maintaining traceable records that can be authenticated for each of the pharmaceutical products that has been repackaged.

13. The authentication system of claim 1, wherein additional security features separate from the coding are applied to the packaging.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0030] Various additional features and advantages of the invention will become more apparent to those of ordinary skill in the art upon review of the following detailed description of one or more illustrative embodiments taken in conjunction with the accompanying drawings. The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate one or more embodiments of the invention and, together with the general description given above and the detailed description given below, serve to explain the one or more embodiments of the invention.

[0031] FIG. 1 is a schematic flow chart showing a series of steps for production and aggregation of an encrypted hash, which may be implemented by a computer having a processor and similar equipment loaded with software, in accordance with one embodiment of the present invention.

[0032] FIG. 2 is a schematic flow chart showing a series of steps for authentication and verification of a sequence using an encrypted hash, which may be implemented by a computer having a processor and similar equipment loaded with software, in accordance with one embodiment of the present invention.

[0033] FIG. 3 is a schematic flow chart showing a series of steps for authentication using symmetrical encryption, which may be implemented by a computer having a processor and similar equipment loaded with software, in accordance with one embodiment of the present invention.

DETAILED DESCRIPTION

[0034] In accordance with one embodiment, the authentication system operates along the supply chain in the following manner.

[0035] Instead of only checking if the latest outside code is valid and included in a central database repository, as is typical in conventional systems, the authentication system reads at random or in a predetermined sequence a few, typically 3 to 5, unique product identifiers inside the package to decide whether the content is authentic or not. Again, this cross-referencing check does not require a database connection to the central repository and it can therefore be performed with relatively simple readers or smart phone software applications anywhere in the world while achieving security levels that are actually higher than the ones achievable by use of central repositoriesas their sub-systems are having to deal with their own error events (readers not working reliably, database errors, aggregation errors, internet connection problems, etc.). In many of those events the central repository systems have no other choice but to send product back to the manufacturer as it cannot be reliably authenticated when in the supply chain. The authentication system of this invention eliminates such issues, as any package in the supply chain is inherently secure and can be reliably authenticated when it is already in the supply chain without the need of going back to the central repository for any information.

[0036] In this regard, because the verification is within the blister pack itself in an example where the package is a blister pack, no database access or database management is needed for performing the authentication or verification of the blister pack. More specifically, verification codes and data do not need to be sent to external databases for verifying the authenticity of a blister pack and its contents. As a result, verification of the blister pack occurs immediately upon imaging and detection of the unique product identifiers, which means that packages such as blister packs can be verified as authentic within one second. Conventional systems reliant on communication with external servers do not compare favorably with the time efficiency offered by this anti-counterfeiting and authentication process.

[0037] The authentication system is hierarchic and can be extended to any level of packaging. A user always checks the code on the outer package and compares it with a small statistically-significant sample of the codes within to reach a desired level of authentication. In terms of information every package forms a block, which is cryptographically secured and some or all packages on the same level together with their printed (or naturally measurable) codes form a blockchain, which if packaged together in a larger box itself then forms a secured block on the next higher packaging level. This inventive system fully circumvents the problem of aggregation/de-aggregation, as for de-aggregation now only the codes of the outer packages must be destroyed, while aggregation now always happens the same way by creating a secured block. The specifics of how each block is cryptographically secured can vary widely based on the embodiment, as will be readily understood by those skilled in the art. As at the lowest level (the product or blister) the product code is random and linked to the unique physical properties of an individual product, the product itself can not only be tracked and traced by the system through the supply chain from manufacture to point of distribution, but also effectively authenticated with a high degree of confidence.

[0038] In one embodiment of the invention, coding created by the authentication system is cryptographically linked to the central repository coding, which will nevertheless be necessary because of governmental requirements in target markets. However, the benefits of reliable authentication at any point in the supply chain are still realized in such circumstances.

[0039] One example of such a set of governmental regulations that the embodiments of this invention help improve compliance with is described in the '257 Publication. In this regard, the embodiments described herein are potentially useful also in markets whereto datethe majority of dosage forms are shipped in bulk and re-packaged along the supply chain. Although there is a certain trend at least in the United States to introduce blister packs, bulk-deliveries and re-packaging will still be possible after introduction of new serialization policies, which in the U.S. was set to begin with a California state law that was to originally become effective in 2015. Under this law, the so-called electronic pedigree requires a record, in electronic form containing information regarding each transaction resulting in a change of ownership of a given dangerous drug, from sale by a manufacturer 14, through acquisition and sale by one or more wholesalers, manufacturers, or pharmacies, until final sale to a pharmacy or other person furnishing, administering or dispensing the dangerous drug. The pedigree shall be created and maintained in an interoperable electronic system, ensuring compatibility throughout all stages of distribution. See California Business and Professions Code Section 4034.1.

[0040] The rules regarding the pedigree do not, however, dictate the technological implementation of identifiers put onto pharmaceutical packaging, such as blister packs or bulk packaging. In fact, the California government's written summary on e-pedigree laws says specifically: The unique identifier . . . on each saleable container of prescription drugs will most likely be carried on either a 2D bar code or an RFID chip placed on the saleable unit by the manufacturer 14. The California Legislature has not mandated these specific technologies, but they are the two methods that have been identified that could meet the requirements of the legislation. It is noted that this California law (and many other proposed U.S. state laws that were set to go into effect after 2015) was superseded before enactment by a corresponding U.S. federal law entitled the Federal Drug Supply Chain Security Act (DSCSA). Under the DSCSA, any packaging or repackaging of pharmaceuticals must include affixed or imprinted product identifiers on each package so that genuine packages can be tracked through commerce using electronic monitoring and records gathering systems for a number of years. The authentication system proposed in this application will help manufacturers and suppliers in achieving compliance with the DSCSA and other local laws and regulations that may come into effect regarding this field.

[0041] In the field, if there is any suspicion that a package or some barcodes have been tampered with, when using the authentication system, it is possible to go down to any packaging level deemed necessary reading aggregated coding to evaluate authenticity of the product. In the authentication system such reading of aggregated coding on various packaging levels can even go down to the product level and thereby authenticate the contents of any package. Therefore, the hierarchical authentication system of this invention is almost entirely immune against simple copying of some or all barcodes on the packages by counterfeiters, which is deemed the most probable attack scenario based on currently-known counterfeit activity.

[0042] This approach of scanning the contents of a package also implicitly provides tamper evidence at the same time because it authenticates the content of the packages. The authentication system therefore allows manufacturers to avoid use of any expensive security tamper evidencing labeling of packages, additional tamper evidencing structures, etc., while at the same time gaining considerable additional authentication capabilities.

[0043] One implementation embodiment of the authentication system of this invention is described as follows.

[0044] A blister containing 10 tablets has a simple random tablet code sequence of up and down sides, converting to 0's and 1's in a data collection matrix. With 10 tablets, 1024 code sequences are possible. The printed code contains open information, (tablet type, lot number, date and time of manufacturing, manufacturing line, etc.) plus a cryptographic 7-digit hash code, which is generated by cryptographically combining the actual binary tablet code sequence with the open information. As the hash has 7 digits, 10 million hashes are possible, however, out of these only 1024 are possible correct hashes. A reader who knows the cryptographic scheme used (meaning it has the correct keys stored in it) can then immediately decide by simply reading the open information and the hash, if the hash can actually be a true hash or not. In a further step, for true authentication the actual physical binary sequence can be checked. One version or embodiment of these functions is described below with respect to FIGS. 1 through 3.

[0045] An embodiment creating higher level statistical testing is the following. There are n secondary packages (blisters packed in a carton, each carton having a unique product identifier printed on the outside) packed in one larger box, which has also a printed unique product identifier on its outside. A simple algorithm is assigning a binary number (or any other number for that matter) to each unique product identifier of each carton (for example, if the checksum of the unique product identifier is between 0-4 or between 5-9 gives a 0, resp. 1). Then the packages in the box form a binary (or any other) sequence depending on their position in the box. This sequence can again be encrypted and hashes or similar checks printed on the outside of the box. It is possible to predetermine a given (if possible secret) subsequence and have a shorter code for fast crosschecks. For example, if n=125 in a box, with 555 cartons a natural subset might be to simply read the topmost 5 codes on the cartons and their corresponding sequence to determine if the content inside the box is likely to be genuine and has not been tampered with.

[0046] Now turning to the flowcharts of authentication operations possible with the authentication system of the present invention, in FIG. 1, the production of an encrypted hash is shown as process 10. The encrypted hash is produced during initial manufacturing/packaging at the beginning of the supply chain (with product manufacturing equipment that uses embossing technology), or during aggregation in the supply chain. The actual product sequence or subsequence 20 (defined by physical attributes and locations of product in a blister pack 24, for example) and open information 22 such as the product, date time, and batch of the blister pack 24 are combined using a hashing algorithm 26 to form a hash value 28. This hash value 28 then goes through step of a private encryption of the hash 30 to form what is printed on the outside of the box 34, including the open information 22 as well as the encrypted hash value 32. From this encrypted hash value 32, the authentication of the package 24 and its contents can be performed in accordance with the invention.

[0047] In FIG. 2, the authentication and verification of the sequence using an encrypted hash is shown in flow chart form as process 110. The top portion of this Figure is the same as FIG. 1, e.g., the actual product sequence or subsequence 20 in the package 24 and open information 22 such as the product, date time, and batch are combined using a hashing algorithm 26 to form a hash value 28. This hash value 28 is compared to a confirmation hash value 120 determined using a public description of the hash 122 applied to the information printed on the outside of the box 34. If the hash values 28, 120 agree at comparison step 140, then the package 24 and its contents are authenticated. The authentication is performed using scanning equipment that only requires a camera and a processor, which may be found in modern smart phones for example.

[0048] In this embodiment, the hash is actively encrypted at hashing algorithm 26 with a private key and decrypted at the public decryption of hash 122 with a public key. This step can be omitted if a secret hashing algorithm is used or a known hashing algorithm is altered in a secret way, for example by using so-called salts and peppers or similar security schemes. Authentication of the product sequence in this particular example then happens by repeating the same hashing procedure and decrypting the printed hash with a public key. If both hashes are identical, the product sequence has not been tampered with, as set forth above. This method does not rely on remote database communication to conduct the necessary authentication.

[0049] In a further embodiment of the invention, the product sequence is encrypted using a symmetric key, the full encrypted sequence or a predetermined part of it is then printed on the outside box, or the back of the blister. For example, FIG. 3 shows a flow chart summarizing this embodiment of authentication using symmetrical encryption, as process 210. The top portion of the diagram shows the production of the package 24, in which the actual product sequence or subsequence 20 is combined with open information 22 such as the product, time, date, and batch, and then the product sequence is encrypted (at step 220) to form what is printed on the outside of the box 34, e.g., the open information 22 and the encrypted sequence 40. The bottom portion of the diagram shows what a user does to authenticate, including reading the encrypted sequence at step 230, using a public/private key scheme to decrypt the product sequence at step 240, resulting in a decrypted sequence 42, and then comparing the decrypted sequence 42 to the actual product sequence 20 at comparison step 250 to determine if the product and package are authentic. When these elements match, the product and package are authentic.

[0050] For authentication, the symmetric key to decrypt the sequences is sent to authorized receivers in encrypted form, using private/public keys to protect the symmetrical key from attacks. This exchange of information is indicated by the double-headed arrow shown extending between steps 220 and 240 in the flow chart of FIG. 3.

[0051] Moreover, multiple structures may be used to provide additional optical contrast or authentication/verification of the pharmaceutical and/or packing, as described in U.S. Pat. No. 8,715,725 to Stuck et al. In this regard, additional security features may also be added in combination with those identified in the embodiment above.

[0052] As briefly described above, a generalized example of one or more additional security features on the same blister pack as the security/authentication features described above is outlined as follows. To this end, the blister pack may also include one or more of: a 2D barcode, a hologram (which may include detectable defects and/or irregularities unique to the embossing tooling used to form the hologram), and lettering in the form of microtext. The microtext defines depth and/or lateral dimensions between 2 microns to 100 microns. To this end, a microtext may cover a larger area on the blister pack of several millimeters across (e.g., such as a 10 millimeter by 10 millimeter square of microtext). In practice, the micron sized features (microtext) are distributed over this area, but the features need not be connected.

[0053] In the virtual world, blockchain-related technologies create blockchains and then distribute identical copies of same on many computers, with the copies being continuously updated and authenticated using various distributed ledger systems depending on the specific blockchain technology being used. In the present invention, the blockchain is physically implemented as the box plus the code on the box, e.g., by using random codes extracted from individual physical product properties.

[0054] While the present invention has been illustrated by the description of various embodiments thereof, and while the embodiments have been described in considerable detail, it is not intended to restrict or in any way limit the scope of the appended claims to such detail. Thus, the various features discussed herein may be used alone or in any combination. Additional advantages and modifications will readily appear to those skilled in the art. The invention in its broader aspects is therefore not limited to the specific details and illustrative examples shown and described. For example, the invention described herein is not limited to application on pharmaceutical blisters, but instead can be used for any product and package which allows to generate a reproducible unique random code for each product for example from a picture taken with a camera. The present invention then takes these individual random product codes and forms a block with them. At each level of packaging these blocks then are formed into a physical blockchain which is cryptographically secured at the next level and so on. Accordingly, departures may be made from such details without departing from the scope of the general inventive concept.