Did you just buy a fake product? Improving Security of Electronics

Bookmark and Share

Did You Just Buy a Fake Product?

Improving the Security of the Electronic Component Supply Chain

How do you know you are receiving authentic products when you purchase them? If you are buying an item at a big department store, you would likely trust the store to give you an authentic item for your money. But, would you have the same confidence shopping at the weekend swap or a flea market? When in doubt, how can you check whether a product is authentic before purchasing it? The SEMI T20 standards suite describes a system of tools that addresses product authentication for the electronic component supply chain.

There is ample evidence that counterfeit and tainted product has infiltrated the electronic component supply chain. The risk of procuring contaminated goods increases when authorized (certified) distribution networks run out of product. This may occur with supply shortfalls or obsolete products. Then, purchasing policy may also force procurement from non-certified distribution networks. For example, the infiltration of the government supply chain was attributed to the government procurement policies where often the lowest bid forced suppliers to seek cheap alternativesi. Before the introduction of the SEMI T20 standards, the semiconductor industry lacked standardized methods to easily validate the integrity of goods from non-certified distributors or suppliers.

Counterfeit and tainted products may be secretly injected anywhere in a chain of distribution. The SEMI T20 standards describe an identification and authentication method that makes infiltration of any distribution network far more difficult. SEMI T20 and its associated subsidiary standards, SEMI T20.1 and SEMI T20.2, cover the practice of product authentication by any party in the trade stream, thereby reducing the presence of illegal counterfeit items in the marketplace. The automated, reliable, and secure technique of product authentication covered by these standards can be practiced consistently at key points in the trade stream, driving unintended counterfeit purchases to a minimum in a way that can be deployed easily and relatively inexpensively in a wide variety of settings.

The standards require the use of a random code, issued by a trusted authentication organization, that customers use to determine whether an item is genuine or not, anywhere in the distribution chain. Although secure serialization systems alone do not prevent the copying or theft of codes, they can be effective at detecting that such fraud has occurred. Thus, secure serialization serves as a deterrent and an early warning system.

According to David Brown, a founding member of the SIA Anti-Counterfeiting Task Force, “Amazing things happen when you empower consumers with tools that detect false description and other frauds. Intel saw counterfeiting attacks drop by over 95% immediately after a robust authentication tool was released publicly to any consumer interested in checking their purchase. The counterfeiting cartels quickly abandon attacking products where anyone might detect their fraud at any time. The bad guys depend on remaining un-detected, so tools that expose the fraud chase them away. The other amazing thing about fraud detection tools is how you only need about 1% of the products being checked to drive the bad guys out of the market.”

SEMI T20 and its associated subsidiary standards describe: (1) the overall system, (2) object labeling, (3) authentication service communication, and (4) authentication service body (ASB) qualifications. “Originally developed for use with semiconductor circuits and devices, these procedures described in the suite of standards can also be extended to cover other electronic components and types of products, such as Photovoltaic modules (yes, the ones you may be considering for your roof)”, says Win Baylies. Solar theft is on the rise as thieves are taking solar panels off roofs. Recently, a Pleasanton school in California was a victim of solar module theft, as well as 10 wineries in the past 16 months in Napa Countyii.

The new authentication procedure detailed in the SEMI T20 standards is useful anywhere you can use your cell phone to access the internet. In this cell phone example, the SEMI T20 standards outline the messages to and from the cell phone. The product of interest you wish to authenticate will have an Authentication Code on it printed by the brand owner. You send the Authentication Code to a website from your cell phone using the camera, the browser, or a text message. If the product is authentic, the website returns information about the specific unit you are about to purchase. If the item is counterfeit, your phone will warn you.

About the Anti-Counterfeiting Task Force and Authors:

The SIA Anti-Counterfeiting Task Force approached SEMI to develop standards that combat the problem of counterfeit goods in the supply chain. The SEMI Traceability Committee accepted this mission. As a result, SEMI formed a parallel Anti-Counterfeiting Task Force reporting to the Traceability Committee that has developed the new SEMI T20 set of standards. Read about the core members of this activity and the authors of this article here.

About the Traceability Standards Technical Committee:

Formed nearly 20 years ago, the Traceability Committee’s charter is to capture user requirements and develop standards to enable full traceability of materials and other factory resources in semiconductor manufacturing. This includes marking and identification techniques, encode/decode methods, inter-company exchange of information, and characteristics of marking/reading sub-systems needed by the industry, from semiconductor, flat panel display, and other materials manufacturing through final product assembly and test.

View the standards:

SEMI T20-1109 Specification for Authentication of Semiconductors and Related Products

For more information about the Traceability Committee or SEMI T20, contact Kevin Nguyen at knguyen@semi.org / 408.943.7997.