|
If your company manufacturers, supplies, or distributes products of almost any type, style, shape, or for any usage, they may become the objective of fraudulent activities from one or more sources. Therefore, someone at your company should be concerned about how these activities may affect the company's future. This paper/presentation will provide information about where these 'threats' may come from, what products have been compromised in the past, and what steps might be taken to deter these threats. During product security conferences, conversations, and other sources of information, you'll hear about many different types of security features that can be incorporated into monetary and identification documents, packaging, labeling, and other products/systems to help protect against counterfeiting, unauthorized tampering, or to identify 'genuine' products. Many of these features have been around for some time (which means that they may have lost at least some of their effectiveness) while others, or improved versions of some of the more mature features, have been or are being developed. This area is a 'moving target' and re-examination of the threats and counterthreats needs to be an ongoing activity. The 'value' and the capabilities of these features can sometimes be overstated, i.e. that a feature/system can solve all of the security-related problems that you may (or may not) have with your products. A couple of things to always keep in mind is that no feature(s) is universally effective and none of the features, or even combinations of features, is totally 'tamperproof' or counterfeitproof, irrespective of what may be said or claimed. So how do you go about determining if you have a product security problem and what, if any, security features might be used to reduce the threat(s) to your products? This paper will attempt to provide information to help you separate the 'wheat from the chaff' in these considerations. Specifically, information to be discussed in this paper will attempt to assist you and your associates define (1) what products are or may be under threat and how many different ways the product(s) might be compromised, (2) who might attempt to compromise your company's product(s), (3) what product security features may be effective in deterring the perceived threats, (4) how many deterrent features are needed, and should the features be overt, covert, or a combination of the two, (5) how will the candidate features hold up in the 'usage' environment, and (6) who will 'validate' the features and what skill levels, or auxiliary equipment, will be needed? Obviously, the cost effectiveness for adding possible security features to the product(s) needs to be considered, but more than just the cost of the feature, or the value of the product, needs to be factored into these considerations. For example, the effect of any compromise on the company's reputation and legal liabilities. This paper obviously can not provide all of the 'answers' but will attempt to provide you with 'food for thought.'
|
