Proof of authenticity is the verifiable ability to prove a product is genuine, from source to shelf and into a buyer’s hands. Blockchain helps by anchoring item identities, custody events, and verification proofs to tamper-evident records, so fakes can’t easily hijack serial numbers or paperwork. In short: you capture trustworthy data at every handoff, bind it to each physical item, and make it instantly checkable by anyone who needs to know.
Quick steps: pick a standard (e.g., GS1 EPCIS for events), bind a physical tag (QR/NFC/secure chip), issue cryptographic credentials to parties, record custody events on a permissioned ledger, give consumers a simple scan-to-verify path, and add exception workflows for returns and recalls. Done well, you get faster investigations, fewer brand-damaging incidents, and better buyer trust.
Disclaimer: This article offers general information about anti-counterfeiting and security architecture. It is not legal, regulatory, or medical advice—consult qualified professionals for your situation.
1. Model provenance with GS1 EPCIS events to make authenticity auditable
A durable proof of authenticity starts with a shared language for “what happened” to the item. GS1 EPCIS (Electronic Product Code Information Services) and its Core Business Vocabulary give you that language: standardized event types (What/When/Where/Why/How) to record commissioning, packing, shipping, receiving, and transformation steps. When you apply EPCIS consistently, every participant—factory, 3PL, distributor, retailer, and even service centers—can publish interoperable event data. A blockchain or similar append-only store notarizes these event streams, so you can prove that the product seen at point of sale matches the one commissioned at the factory, with no gaps that invite fakes. The outcome is traceability that stands up to scrutiny because it’s structured, consistent, and easily validated across systems.
Why it matters
- A proof is only as strong as the data model. EPCIS gives you portable semantics across brands and partners.
- Standardized events reduce integration costs and misinterpretations, essential for cross-border supply chains.
- When bound to item-level IDs, the event stream becomes a verifiable narrative: who handled the product, when, and under what business step.
How to do it
- Scope: Identify which EPCIS events you need (ObjectEvent for item moves, AggregationEvent for case/pallet relations, TransformationEvent for rework).
- Serial granularity: Decide where you need item-level vs. lot-level tracking.
- Publish/subscribe: Stand up EPCIS capture APIs and subscriptions so partners can push/pull events.
- Notarization: Periodically anchor event hashes on-chain to make tampering evident.
Numbers & guardrails
- Target >99.5% event-to-item linkage for saleable items (missed events create exploitable gaps).
- Keep latency under seconds to minutes between capture and notarization for near-real-time detection.
- Aim for <0.1% unresolvable event discrepancies after reconciliation windows.
Tie-back: With EPCIS you turn authenticity into an auditable storyline that counterfeiters struggle to fake at scale.
2. Bind each physical item to a cryptographic identity the blockchain can trust
If the physical-digital link is weak, counterfeiters simply copy labels. Binding the physical item to a cryptographic identity raises the bar. Options include tamper-evident QR labels with randomized per-item URLs, NFC tags with unique keys, and secure elements (SEs) or PUF (physically unclonable function) chips that sign challenges. The private key never leaves the tag, and the verifier checks signatures against a registry anchored on-chain. Combined with EPCIS events, the result is not just “we saw a serial number,” but “this specific chip just proved it’s the one commissioned.” This makes mass copying expensive because attackers must clone secrets, not just graphics.
Quick comparison (choose one per product tier)
| Carrier | When to use / Pros / Trade-offs |
|---|---|
| QR (GS1 Digital Link) | Low-cost, ubiquitous cameras; good for consumer scan-to-verify. Vulnerable to photocopying unless combined with per-scan risk analytics or covert features. |
| NFC | Tap-to-verify UX; can store keys and sign challenges. Slightly higher unit cost and requires NFC-enabled devices. |
| SE/PUF | Highest assurance via challenge–response. Best for high-value goods; cost and integration complexity are higher. |
Mini-checklist
- Generate per-item keys at commissioning; never reuse across batches.
- Store public keys/hashes on-chain or in a registry referenced from the chain.
- Randomize QR payloads; rotate risk rules to flag repeated scans or suspicious geos.
- Protect tags physically (void labels, inlay placement, or potting).
Numbers & guardrails
- Typical QR label costs can be under US$0.01 per item; NFC tags often range US$0.05–US$0.30; SE/PUF integrations can exceed US$0.50—budget per SKU.
- Strive for <1 false reject per 10,000 scans for consumer verification while catching obvious copies.
Tie-back: Strong binding transforms “looks legit” into cryptographic proof that counterfeiters struggle to replicate.
3. Use GS1 Digital Link and 2D codes to bridge packaging and blockchain
Even the best ledger is useless if nobody can read the identity. GS1 Digital Link encodes standard identifiers (e.g., GTIN, serial, lot, expiry) in a URL-like structure that scanners and apps understand. A single 2D code can serve retail POS, logistics, and consumer verification from the same symbol—no extra stickers. Your resolver routes a scan to the right experience (e.g., warranty registration if already sold, authenticity check if in-market, education content for prospects). Pair the link to on-chain records so a consumer scan triggers real-time verification and risk scoring. This lowers operational friction: one symbol, many contexts, standardized across partners and devices.
How to do it
- Encode GTIN + serial with GS1 Digital Link and include a resolver path.
- Add verifier endpoints that check chain-of-custody and tag cryptographic proofs.
- Implement context rules (POS vs. consumer vs. regulator) for the same scan.
- Cache-safe: sign responses and enforce TLS pinning in your app to deter fake resolvers.
Numbers & guardrails
- Keep scan response <300 ms for good UX; cache non-sensitive assets; sign sensitive responses.
- Detect >90% of cloned-code attempts via anomaly patterns (duplicate scans across distant geos, time-of-day spikes).
- Design fallback UX when offline—show last-known provenance and permit delayed verification.
Tie-back: GS1 Digital Link makes your proof readable by humans and machines across the entire journey.
4. Govern with a permissioned ledger and auditable membership
Authenticity networks mix competitors, suppliers, and regulators—so governance matters as much as code. A permissioned blockchain (e.g., Hyperledger Fabric or similar) lets you set explicit roles: who can publish events, who can notarize batches, who can view confidential channels. Membership Service Providers (MSPs) issue cryptographic identities to organizations and nodes, enforcing who can endorse transactions and who can read which data. Clear onboarding, revocation, and audit logs turn the ledger from “tech” into a trust framework the ecosystem can live with. This also curbs data-leak fears that stall adoption, because sensitive details can be shared on a need-to-know basis with proofs anchored to a common root.
Mini-checklist
- Charter: Define decision rights, dispute processes, and update cadence.
- Identity: Bind node certs to legal entities; rotate keys on schedule.
- Privacy: Use channels/collections for bilateral data and anchor proofs to a shared chain.
- Audit: Keep immutable membership logs and change histories.
Numbers & guardrails
- Target node uptime >99.9% across endorsers/orderers to avoid verification delays.
- Design for throughput of tens of events/second per consortium as a baseline; burst higher during commissioning.
- Review memberships quarterly; remove dormant or non-compliant participants.
Tie-back: Strong governance keeps the authenticity network credible and sustainable for all parties.
5. Issue verifiable credentials to people, orgs, and devices
Authenticity fails if anyone can claim to be a factory, inspector, or customs officer. Verifiable Credentials (VCs) let trusted issuers (e.g., brands, auditors, regulators) sign attestations about organizations, roles, and even devices. Decentralized Identifiers (DIDs) give each party a portable, cryptographically verifiable identity without central lock-in. In practice, you issue a “Factory A is certified to commission serials for SKU123” credential, and validators check the signature and revocation list before accepting any event or tag registration. VCs also work for post-sale flows—retailers, repair centers, and recyclers can prove they’re authorized to handle returns and reintroduce items back into the legitimate stream.
How to do it
- Establish trusted issuers (brand, certification bodies) with DID documents and policies.
- Use VCs for role assignment (commissioner, shipper, verifier) and device trust (line printers, NFC encoders).
- Check status lists or revocation registries during verification.
- Store only hashes/pointers on-chain; keep PII off-chain per privacy laws.
Numbers & guardrails
- Keep VC verification <150 ms (local caching of issuer keys).
- Plan credential rotations in sync with HR/vendor changes; stale roles are a security risk.
- Maintain >95% automated acceptance; route edge cases to manual review.
Tie-back: With DIDs and VCs, you know who made each claim—no blind trust in API keys or emails.
6. Tokenize item identities to prevent serial-number hijacking
Static serial numbers are easy to copy; tokenizing items on-chain adds structure and rules. Think of a non-fungible token (NFT-like record) that represents the item identity, not a collectible. Mint at commissioning; attach attributes like GTIN, serial, lot, and links to EPCIS events. Mark tokens non-transferable except under explicit “business steps” (ship, receive, return). Immutability helps detect anomalies fast—if two locations claim the same token, one is suspect. Tokens also enable receipts for consumer ownership (opt-in), which can reduce fraudulent warranty claims and streamline resale: the token’s history speaks for itself.
Mini-checklist
- Schema: Define mandatory attributes (GTIN, serial, lot, expiry) and hash pointers to event bundles.
- Controls: Only certain roles can “move” tokens; movements require matching EPCIS data.
- Revocation: Burn tokens for destroyed items; mark “recalled” or “stolen” states.
Numbers & guardrails
- Keep mint cost negligible (permissioned chains or batched anchoring) to support millions of items.
- Detect duplicate-claim rate trends; sudden spikes suggest serial harvesting.
- Enforce single-current-location invariant (exactly one active custody holder per token).
Tie-back: Item tokens make serials governable—not just labels, but stateful identities resistant to copy-paste attacks.
7. Balance on-chain proofs with off-chain data, hashing, and encryption
Not every detail belongs on-chain. Sensitive business data (supplier quotes, formulas, exact volumes) should stay off-chain, while hashes and commitments go on-chain for integrity. Use content-addressed storage (e.g., IPFS/S3 with object hashing) and sign payloads at source. When you must prove facts without exposing them—like a minimum cocoa content or a temperature range—apply zero-knowledge proofs (ZKPs) or selective disclosure from verifiable credentials. This privacy-by-design lets partners verify authenticity and keep competitive secrets.
How to do it
- Hash-at-source for every event/payload; anchor batch hashes on-chain.
- Encrypt sensitive data end-to-end; share keys via policy-based KMS.
- ZKP/SD for claims (“was within 2–8 °C / 35.6–46.4 °F”) without revealing full telemetry.
- Build data retention and redaction policies into workflows.
Numbers & guardrails
- Hashing adds microseconds per payload; batch anchoring can keep on-chain ops <1% of total costs.
- Target >99.9% hash-match rate during audits; mismatches require immediate investigation.
- Aim for telemetry completeness >98% on cold-chain SKUs to avoid unverifiable gaps.
Tie-back: A smart split—proofs on-chain, details off-chain—delivers verifiability without oversharing.
8. Record chain-of-custody transfers and anchor to public ledgers
Counterfeiters exploit opacity in handoffs. By recording chain-of-custody (CoC) on a shared ledger—and periodically anchoring digests to a public blockchain—you create tamper-evidence that’s hard to dispute. Each transfer references item tokens and EPCIS events, signed by the sender and receiver’s credentials. Periodic public anchoring (e.g., hourly or daily) makes deep rewrites prohibitively expensive while keeping costs manageable. Investigators can compare a suspect item’s claimed path with the on-chain CoC; discrepancies point straight to the weak link.
How to do it
- Dual signatures on transfers (sender and receiver) with timestamps and location claims.
- Batch anchor Merkle roots of recent blocks to a public chain; store the anchor tx ID.
- Replay detection: Reject events that reuse nonces or stale anchors.
Numbers & guardrails
- Keep anchor cadence relative to risk; high-risk SKUs anchor more frequently.
- Maintain clock sync (e.g., NTP) across nodes; tolerate ± a few seconds skew to reduce false alarms.
- Investigations should retrieve full CoC in <1 minute per item from indexed stores.
Tie-back: CoC plus public anchoring turns your ledger into a watchdog—quiet until something doesn’t add up.
9. Handle exceptions: returns, recalls, gray markets, and warranties
Real supply chains are messy: returns arrive without receipts, recalls require rapid triage, and gray-market diversions blur legal lines. Treat exceptions as first-class citizens in your authenticity design. A returned item should pass cryptographic tag checks, token state verification (e.g., “sold to consumer” vs. “in warranty”), and anomaly scoring (e.g., scanned in a region where it was never sold). Recalls flip token states to “do not sell,” push warnings to verifiers, and guide consumers to safe disposal. Gray market signals include repeated scans far from authorized channels; investigations can focus where the chain-of-custody narrative diverges from expected routes.
Mini-checklist
- Return intake: Verify cryptographic tag, token state, last-known location, and time since sale.
- Recall mode: Broadcast revocation lists and blocklist tokens at POS verifiers.
- Warranty: Store purchase attestations (VCs) to cut fake-claim friction.
- Diversion: Alert on region-mismatch scans and wholesale-repack aggregation anomalies.
Numbers & guardrails
- Aim to auto-approve >80% legitimate returns with cryptographic and CoC proof; route the rest.
- For recalls, propagate blocklists <10 minutes to all verifiers.
- Keep false-positive diversion alerts <5% by tuning thresholds and combining signals.
Tie-back: Exception-ready systems keep authenticity controls effective when processes leave the happy path.
10. Give consumers a simple scan-to-verify experience (and fight fake sites)
A proof of authenticity that doesn’t reach the buyer won’t reduce harm. The scan experience must be frictionless, trustworthy, and resilient to phishing by counterfeiters who mimic your pages. Minimal steps: scan a 2D code or tap NFC, show a green/red status with why, and offer useful next actions (register warranty, report a suspicion, learn safe disposal). Use domain-bound links (GS1 Digital Link under your brand), device attestation for your app, and optional offline verification via signed info on the tag. Analytics from consumer scans also help you spot hot spots of counterfeiting or diversion and work with authorities to act.
How to do it
- One tap/scan to status; no logins for basic checks.
- Signed responses and HSTS/TLS pinning in apps to prevent man-in-the-middle attacks.
- Report flow that captures photos, location, and proof payload for investigators.
- Accessibility: readable contrast, multi-language, and plain-language explanations.
Numbers & guardrails
- Keep first meaningful response <2 seconds over mobile networks.
- Achieve >60% completion for the “report a suspicion” flow by keeping it under 60 seconds.
- Track repeat scans per code; spikes are a top signal of clones.
Tie-back: A clear consumer UX turns blockchain from back-end plumbing into visible brand protection.
11. Align with standards and regulators to stand up in court
Authenticity systems often end up in disputes, insurance claims, or courtrooms. Aligning with ISO 12931 (performance criteria for authentication solutions) and sector rules (e.g., pharmaceutical serialization regimes, customs cooperation frameworks) increases defensibility. Combine standards-driven process controls with the cryptographic assurances from your ledger. When authorities ask, you produce the VC-backed identities, EPCIS event history, CoC transfers, and public anchors that together form a robust evidentiary package. This also makes collaboration with marketplaces, customs, and health regulators smoother because your signals map to widely recognized criteria.
Mini-checklist
- Map system controls to ISO 12931 clauses; keep an evidence file linking features to criteria.
- Share read-only proofs with regulators—no PII, just integrity claims and revocation feeds.
- Establish MoUs with marketplaces and logistics partners for faster takedowns and seizures.
Numbers & guardrails
- Maintain evidence retrieval <5 minutes for any item under investigation.
- Keep revocation list freshness (credentials, tokens) under 10 minutes network-wide.
- Record a chain-of-custody completeness rate >99% for regulated SKUs.
Tie-back: Standards alignment makes your technical proof legible to auditors, marketplaces, and courts.
12. Plan for scale, cost, and sustainability from day one
Blockchain-backed authenticity must pencil out at millions of items. That means efficient unit economics (cheap carriers, batched notarization), elastic infrastructure, and thoughtful environmental impact. Use permissioned chains or L2-style batching to keep on-chain costs tiny; choose label tech that matches product value; and compress telemetry before hashing. Operationally, aim for automation everywhere: commissioning, encoding, event publishing, and anchor scheduling. Finally, consider the broader sustainability picture—better tracing can reduce waste from recalls and returns, while modern 2D codes can consolidate labels and support smarter recycling instructions.
How to do it
- Tiers: Use QR for mass SKUs; NFC/SE for premium.
- Batching: Aggregate event hashes; anchor by time or events count.
- Elasticity: Auto-scale capture APIs; queue during peaks.
- Observability: Monitor per-scan latency, tag failure rates, and duplicate-scan hotspots.
Numbers & guardrails
- Keep end-to-end per-item cost (label + infra + chain) aligned to <1% of retail price for mass goods.
- Design capacity for >10,000 verifications/minute during campaigns or recalls.
- Track CO₂ proxies (compute/anchor frequency); reduce via batching and efficient consensus.
Tie-back: Scale and sustainability ensure authenticity becomes a habit, not a pilot.
Conclusion
Proof of authenticity is not a single feature; it’s an ecosystem of data standards, cryptographic bindings, and human-centered verification that work together without getting in buyers’ way. Start by modeling reality with EPCIS and binding each item to a strong identifier. Govern the network with clear roles, use verifiable credentials to secure who can speak, and tokenize items so serials become stateful, not static. Keep sensitive details off-chain while anchoring proofs, and make the consumer scan effortless so trust is obvious at the moment of decision. Treat exceptions—returns, recalls, gray markets—as core flows, and align with recognized standards so your evidence persuades regulators and courts. If you plan for scale and cost control from day one, you’ll not only keep fakes out but also earn durable trust.
Next step: pick one high-risk SKU, deploy QR + EPCIS + basic VC roles, and pilot a scan-to-verify flow that you can roll out brand-wide.
FAQs
1) What’s the difference between proof of authenticity and traceability?
Authenticity proves a specific item is genuine—often through a secure tag and cryptographic verification—while traceability shows the item’s journey through the supply chain. You can have traceability at lot level without item authenticity, but counterfeit prevention benefits from both. In practice, you bind a per-item ID (token/tag) and attach EPCIS events to provide a narrative that’s checkable at any scan point.
2) Can’t counterfeiters just copy a QR code or NFC tag?
They can copy visuals, but strong implementations fight back. A per-item QR with randomized payloads plus anomaly detection will expose clones when the same code appears in multiple places quickly. NFC with secure keys does challenge–response, which photocopies can’t pass. Combining these with chain-of-custody checks and revocation lists sharply reduces successful forgeries.
3) Do we need a public blockchain, or is a permissioned ledger enough?
Most supply chains start with a permissioned ledger for cost, privacy, and governance. To add tamper-evidence beyond the consortium, you periodically anchor digests to a public chain. That hybrid model gives you low operating costs with independent verifiability when needed.
4) How does GS1 EPCIS relate to GS1 Digital Link?
EPCIS structures events (what happened to items), while Digital Link structures identifiers in scannable URLs. You print or encode Digital Link on the item for scan-to-verify UX, and you store EPCIS events as the authoritative history that the scan results reference. Together, they deliver both the “who/what/when” data and the consumer-facing entry point.
5) What about privacy and competitive secrets?
Keep PII and sensitive business data off-chain. Store hashes and commitments on-chain and selectively disclose facts via verifiable credentials or zero-knowledge proofs. This lets partners verify integrity and compliance without seeing confidential details. The design meets privacy-by-default principles while preserving evidentiary strength.
6) Is this overkill for low-cost goods?
Not necessarily. Low-cost goods benefit from QR-based verification and anomaly analytics; NFC/SE is best reserved for higher-value items. You can tier protection: QR + EPCIS for most SKUs, NFC or chips for premium lines. Unit economics should target cents or fractions of a cent per item for mass-market goods.
7) How do verifiable credentials help regulators and marketplaces?
VCs let authorities instantly confirm whether a factory, distributor, or marketplace seller is authorized. When a scan or listing is suspicious, verifiers check the issuer’s signature and revocation list. This reduces time-to-takedown and aligns with standards efforts that encourage traceable, tamper-evident product histories.
8) Will this work for medicines and medical devices?
Yes, with careful compliance and patient safety considerations. The approach supports serialization, cold-chain attestation, and returns triage. Health authorities and global organizations have documented risks from falsified products; robust scan-to-verify and custody proofs help reduce them, though clinical and regulatory controls remain essential.
9) How do we handle gray markets without punishing legitimate resellers?
Use signals, not blunt bans. Region mismatch scans, unexplained wholesaler-to-retailer leaps, or a surge of first scans in unauthorized channels merit investigation. Provide a legitimate reseller registration flow (VC-based) so authorized partners can demonstrate rights and avoid false positives.
10) What KPIs show we’re winning?
Track: duplicate-scan detection rate, time-to-block for recalled SKUs, return auto-approval rate, scan conversion to registration, and investigation cycle time. Over time, aim for higher detection with fewer false positives and faster, well-documented resolutions. When possible, correlate with seizure and takedown data from partners to confirm real-world impact. OECD
11) Could this increase our carbon footprint?
Extra compute exists, but design choices matter. Batch anchoring, efficient consensus, and consolidating labels with 2D codes reduce waste and compute overhead. Some retailers report operational benefits—like better markdowns and less spoilage—when 2D codes carry richer data, which can offset impacts elsewhere.
12) What’s a pragmatic first rollout?
Pick a high-risk, high-visibility SKU. Implement GS1 Digital Link QR, basic EPCIS event capture from commissioning to retail, and verifiable credentials for factories and encoders. Stand up a consumer scan page with signed responses. Measure duplicate scans, report rates, and time-to-investigate. Expand to NFC or SE for premium SKUs after you stabilize processes.
References
- EPCIS & CBV — GS1. Publication date not stated. https://www.gs1.org/standards/epcis
- EPCIS/CBV 2.0 (Overview PDF) — GS1. Publication date not stated. https://www.gs1.org/docs/epcis/epcis_2-0_launch.pdf
- GS1 Digital Link (Standard) — GS1. Publication date not stated. https://www.gs1.org/standards/gs1-digital-link
- Verifiable Credentials Data Model v2.0 — W3C, May 15, 2025. https://www.w3.org/TR/vc-data-model-2.0/
- Decentralized Identifiers (DIDs) v1.1 — W3C, August 3, 2023. https://www.w3.org/TR/did-1.1/
- Blockchain Technology Overview (NIST IR 8202) — NIST, October 2018. https://csrc.nist.gov/pubs/ir/8202/final
- ISO 22739: Blockchain and distributed ledger technologies — Vocabulary — ISO, 2024. https://standards.iteh.ai/catalog/standards/iso/0d118dbc-4895-4a79-9184-f55f71894296/iso-22739-2024
- ISO 12931: Performance criteria for authentication solutions — ISO, 2012. https://www.iso.org/standard/52210.html
- Substandard and falsified medical products (Fact sheet) — World Health Organization, December 3, 2024. https://www.who.int/news-room/fact-sheets/detail/substandard-and-falsified-medical-products
- Mapping Global Trade in Fakes — OECD/EUIPO, May 7, 2025. https://www.oecd.org/en/publications/mapping-global-trade-in-fakes-2025_94d3b29f-en.html
- Membership Service Provider (MSP) — Hyperledger Fabric Docs, publication date not stated. https://hyperledger-fabric.readthedocs.io/en/latest/membership/membership.html
- End of the lines? QR-style codes could replace barcodes — The Guardian, December 30, 2024. https://www.theguardian.com/technology/2024/dec/30/barcodes-could-be-superseded-by-a-more-powerful-alternative-by-the-end-of-2027
