In its engagement with your manufacturing company, AuthentiGoods will ask you to designate a Primary and Backup Signing Officer.
The Primary and Backup Signing Officer will then schedule a session with an Attestation Officer from the Council of Attestation Officers , who will guide them through enrollment to a PKI identity certificate based credential, including its Privacy PEN for making high-reliability digital signatures.
The resulting key pairs are isolated in the “secure enclave” of their smartphone. Their secure PKI credentials are then used to authenticate to one or more HSMs, which are secure stationary PKI key management devices containing their own signing private keys.
The digital versions of any serial numbered product packaging labels, bills of lading, pallet documentation, or other documents that accompany the manufacturer's goods are digitally signed through the use of the HSM.
The signed files are then used in the printing of QR codes or iQR codes, or embedded in NFC chips; or other devices that carry both the document and its digital signature.
Subsequently, anyone with a smartphone anywhere can verify the genuineness of the individual product, the pallet of products, or the shipping container’s contents by verifying the signature and comparing the digitized document with the physical document, e.g. verifying that serial numbers on their phone’s screen match the serial numbers on the printed documentation.
While it is technically possible for a counterfeiter to copy a QR code containing both a label with serial number and the digital signature of that label, the counterfeiter would have to have access to the goods and the labels themselves prior to doing the counterfeiting. Furthermore, for higher value goods or for full containers of goods, an NFC chip accompanying the actual goods would have to be copied.
For categories of goods that represent even higher value than those using QR, iQR, or RFID chips, further product identification methods are described in the Enhanced Product Identification Methods section of this document.
The process consists of three successive consulting engagements:
In the Assessment and Planning stages, a recommended Identity Quality score for both Signing Officer and Backup Signing Officer will be determined, and they will be enrolled by an Attestation Officer. Implementation will include the installation of HSM-based systems at locations in product shipping areas.