Counterfeit medicines and the diversion of legitimate product are serious and growing global issues for the biotechnology and pharmaceutical industries, governments and patients. Recent advances in technology have allowed non-traditional procurement routes for pharmaceuticals (e.g. repackaging, internet pharmacies) to emerge. These technologies and routes have developed faster than the regulations can adapt to accommodate them. In 2007, US customs seizures of counterfeit pharmaceuticals increased by 500% over 2006. currently estimates that nearly 97% of approximately 55,000 online pharmacies are illegitimate or do not have appropriate registrations and information on their websites. The existing historically weak laws and regulations are not suitable for protecting brand owners or patients. Furthermore, the industry can not wait for legislation that is currently being debated to take effect five or ten years from now. In this article, we build upon the findings reported in Cambridge Consultants’ whitepaper “Phony Drugs, Real Solutions: Practical Anti-counterfeiting Considerations” and examine the current state of regulations and the role of technology to enable brand owners to protect themselves and the patients that rely on their products.

Vulnerabilities With Current Regulatory Proposals

Currently, there is insufficient regulation of internet pharmacies. In September 2010, a new bill in the United States Senate was introduced that would enable the US Attorney General to lead investigations and, if infringement is found, take action (in the form of a restraining order or injunction) against both domestic and non-domestic domains used for illegitimate or infringing activity. In December 2010, institutions in the EU approved an agreement requiring any seller of medicines over the internet to register with the authorities in his home country and further ensure that the products being marketed are licensed for sale in the countries targeted for export. These measures are complicated by net neutrality and freedom of internet issues, which limit the ability of governments to enforce injunctions against websites registered internationally or with Registrars or ISPs without policies with respect to selling of illegal or counterfeit products.

Additionally, there are insufficient penalties for counterfeiting. In some countries, counterfeit drugs are not illegal, or are a violation of trademark laws. Often the punishment associated with counterfeiting is a fine, which is small in comparison to the revenues generated by the sale of counterfeit products, and not reflecting the potential harm of counterfeit drugs. The regulations and punitive measures for counterfeit drugs are light compared to those for narcotics. The Falsified Medicines Directive in the EU is years away from having an effect. Thus, in the absence of suitable regulations, the responsibility falls to the brand owners to protect themselves and the patients who rely on their products.


Figure 1: Investing too much or too little in product protection can negatively affect bottom line figures.  An optimal balance can be found without compromising patient safety or brand value.

A central part of plans to fight counterfeit medicines is to introduce new traceability measures, in the form of serialization or track-and trace. The technology solutions available to protect products are discussed in the last section. First, however, it is important to consider the problem in context to arrive at the optimal solution for a given product.

Managing Brand Protection

The strategic approach adopted by a number of businesses combines both technology and business processes to present a system which any potential counterfeiter or diverter has to defeat. This approach was recently described by David Howard, Global Director of Product Protection at Johnson & Johnson, in a paper at the Product Authentication & Security Summit in Fall 2010.

Addressing the issue of counterfeit and diverted products is a complex task, and development of successful brand protection strategies needs participation from a range of internal and external stakeholders. Internal stakeholders include materials management, product validation, quality and audit, regulatory affairs, legal team, regional management and customer service. In addition, close liaison with product and packaging development and supply chain participants (raw material manufacturers, product manufacturers and packaging suppliers) is also needed.


Figure 2:  Different anti-counterfeiting technologies can be deployed for different stakeholders—a layered approach is required for comprehensive product protection

One of the fundamental aspects of this system-based approach is to customize the protection for each product, such that the investment is cost-effective and offers an appropriate level of protection for each target market. This approach requires balancing the risk versus the threat to the brand which requires an assessment of a number of factors:

• Product specific risk: likelihood and severity if a specific product is counterfeited

• Counterfeiter capability: skill, opportunity and financial gain

• Strength of brand protection: How well the current or proposed security features and processes deter activity as well as defeating the capabilities of the adversary.

Understanding the implications of counterfeit and diverted products is key, both at a business level, but also at an individual product level. Thus, this assessment sets the business need for the measures that need to be implemented for each product in a company’s portfolio.

How Is Technology Used To Address The Problem?

Technology is an integral part of a brand protection system. In the case of medications, then three different types of technologies are employed (anti-tamper, serialization and authentication) to provide a layered protection system, and with different technologies intended to interact with the different stakeholders (brand owner, patients, the supply chain and law enforcement).

Anti-tamper, or tamper evident packaging, is the first step in a protection strategy. This can be achieved through careful packaging design with integral features such as perforated openings, or through the addition of tamper evident seals. 



Serialization is a second layer of protection, which relies on the printing of a unique serial number on each package. This number is recorded at manufacture on a database, and the package marked as being dispensed at the Point of Dispense (PoD). Any subsequent packs with the same serial number will be flagged as suspect if the number has already been dispensed.


 The majority of current proposals recommend the printing of a serialization number, the unique product code, expiry date and batch number on the package. This is typically in plain text but could also be implemented using a 2D barcode or an RFID tag. Many survey respondents indicated that RFID tags are less popular due to their cost, challenges with integrating with the supply chain, potential interaction with non-solid dosage forms, and the perception that they are a more complex solution than is warranted.

Track and trace uses the same basis; however, the serial number is recorded at various points within the supply chain, either on a central server, or in the case of RFID, on the product itself. This provides the ability to trace where diverted or counterfeit product enters the supply chain, as well as tracking its location at all times.

Authentication is the third level of protection and takes many forms with a large number of different technologies employed. These technologies can generally be classified as overt, covert or forensic.



Overt features are typically employed to allow patients and medical professionals and others within the supply chain to verify that the package is authentic by eye, or by touch. Typical features would be holograms or Optically Variable Devices (OVDs), watermarks but also packaging materials. These have the same drawbacks as anti-tamper features, in that the person needs to know what a correct package looks like, and the counterfeiter can clearly see what needs to be copied. It is currently estimated that safety measures such as holograms and tamper-proof seals can be replicated by criminals within six to 12 months. As such, overt solutions can not be solely relied upon for protecting patients and must be supplemented by some form of traceability.

Covert features are invisible to the naked eye and are typically employed to enable stakeholders within the supply chain to authenticate items. These features require custom reader designs which can be quite simple or complex depending on the covertness of the feature. Reader development in itself has a number of complexities over and above a standard product development. Typical covert features include taggants, inks, embedded features within holograms, and Laser Surface Authentication (LSA).

Forensic features are employed to enable a brand to determine categorically that a product is authentic, to enable the brand owner to pursue litigation or for a law enforcement agency to prosecute. Typical features included taggants or the combination of specific constituents within a product. These features are normally, but not always, read under laboratory conditions.

In practice a number of techniques (overt, covert and forensic authentication features) can be combined together in a single feature, which may also support either anti-tamper or serialization.


The responsibility of the brand owners to protect themselves and the patients who rely on their products will drive progress. This will be based on successful management of the supply chain and understanding weaknesses that may exist, along with an understanding of how counterfeiting and diversion can be deterred. Deterrence will be based on product specific authentication features, the selection of which will be influenced by the balance of risk versus threat.

Despite a growing awareness of issues around counterfeit drugs, until newer, stricter regulations can take effect, regulations will only provide a minimum standard for compliance. Additionally, as the counterfeiter and diverter will change their tactics over time in response to improved protection of products and acquisition of new skills, the creation of ‘layered’ protection will be crucial to success. Existing technologies (e.g. traceability) in combination with emerging covert authentication technologies will effectively deter and detect counterfeiting.