There are two fundamental ways that web-based servers can be used to assist anticounterfeiting strategies.
The first approach involves using the server as a data repository system; for example, to see what different anticounterfeiting
features have been deployed (holograms, inks, labels, covert invisible inks etc.) for a given packaging number, to look up
serial numbers (although this has limited efficiency for authentication purposes) or to display what the package should look
like. This information can be used systems such as the Interface Public Member of the World Customs Organization, or the Drug
Validation Portal (1,2), which enable customs to check whether a pharmaceutical shipment is counterfeit.
Fred Jordan. CEO at AlpVision SA.
The second approach entails uses the server to analyse different packaging parameters to assess authenticity automatically.
For instance, solutions are available that can process a picture of a packaging component (e.g., folding box, blister pack,
label, flip-off top or part of a vial) and detect whether it is authentic. Our Krypsos system uses the image to determine
whether the product is protected by one of our other technologies. If so, the information retrieved is displayed for logged
users to see.
Uptake of any technology in the pharma industry takes time and this is also true of web-based servers, which also present
additional challenges in terms of security concerns. Such systems must run software compliant with a number of standards,
including CSV (Computer Software Validation), GAMP 4/5 and FDA 11–21, to cite the most prominent ones. However, based on our
experience, many companies implement a web-based server because of versatility (by offering both a database and authentication)
and ubiquity (works from anywhere in the world).
Before rolling out a new web-based anticounterfeiting system, companies need to consider numerous points. Firstly, does the
system require CSV? If so, price and development times substantially increase. Companies must also ask: What is the purpose
of the server (database and/or authentication)? Is there an actual need for a centralised authentication server? Sometimes,
the major reason for the server to exist is that it avoids software installation on every computer, thus simplifying deployment,
preserving security and enabling audit trails. If there is a need for this kind of server, then what exactly needs to be centralised?
The server logic must precisely match and integrate with many processes of the pharma company (relations with suppliers, production,
QA, orders, etc) and it must at the same time implement new processes (how to authenticate, when, how, by whom, etc). It is
critical to define precisely such processes. This can be done either iteratively by starting with a simple system and evolving
it progressively, or by directly implementing a system matching user requirement specifications derived from the processes.
The second approach is more tuned to CSV developments too.
Overall, I believe that a web-based server strategy is an appropriate approach for companies who require global access to
an authentication platform. It provides for centralised management and worldwide statistics of authentication information,
with the benefit of easy global deployment.
1.Public Member Interface http://ipmpromo.wcoomdpublications.org
2. Drug Validation Portal