There are many security labelling technologies being used in different market verticals, in different parts of the world. Some commonly known technologies include nano-fingerprinting, bubble tags, holographic tags. Bar-code, QR-code and RF-ID tags are primarily tracking technologies but their overloaded use is often seen in security deployments.
Common element that is widely missing in all these is the ability to protect against insider threat. Spending on new security labels with more overt/covert features with focus on outsider threat is a direction-less effort, given that the actual threat model is about insider threat. Outsider threat results in an evident-loss, while insider threat results in a concealed loss.
The world needs security labelling technology, wherein outsiders and insiders are equally challenged to break the security. Further, it is desired that the industry should get a unified labelling technology that has the ability to solve multiple problems under the umbrella of content-security like tampering and counterfeiting. There is much talk about unique credentials, but it needs to be understood that a unique credential provisioned at time of manufacturing does not solve the problem of insider threat.
It is a unique and exciting proposition to view two identical labels auto-acquire unique credentials upon application. While auto-acquisition of unique credentials should occur only upon application of security label on package, it is also a must that verification scans should also occur only when the security label is coupled with the asset, without visually evident tampering
So a desired next generation security label should offer unique combinations in range of millions without much incremental cost impact. Another possible enhancement would be about unification of security and tracking, so that a single label and single reader would satisfy both needs (security and tracking). “Legally admissible evidence” is a highly recommended feature, so that, suspects can be prosecuted successfully in the court-of-law. Such security labels would unfold a plethora of use-cases taking security beyond the typical “what you know”, “what you have” and “who you are”.