Before we start talking about how Codentify system works, I would like to address how it should work and what it’s supposed to do. The major four tobacco companies proclaim Codentify is a technological solution for three main tasks:
1. Product Authentication – Is supposed to enable tobacco consumers, shop-owners, customs and anyone else who holds a cigarette pack in his hands should be able to authenticate that he holds a valid product, which was legally produced, distributed and sold.
2. Track & Trace – Should allow authorized personnel to follow a product throughout the supply chain. So if illicit product is discovered – it would be possible to pinpoint the supply chain’s “weakest links”, in order to fix them as soon as possible.
3. Tax Verification – This might be the trickiest part. The system is supposed to ensure government authorities oversight over tobacco production volume and to prevent tax avoidance issues (i.e. replacing government issued tax-stamps).
So how’s Codentify planning on achieving those three goals? Let’s dive into how this technological solution works, based on my understanding of all of the public info I’ve read about it online as well as through chats with experts.
The Codentify code is a visible 12-digit alpha-numeric code, printed directly to a cigarette pack, and is being generated through the following technical process:
• Tobacco industry’s server called Central Information System (CIS) produces a manufacturer’s security digital key, which is used as a license for a certain local manufacturer to produce millions of packs.
• Sending it to a manufacturer’s server called Manufacturing Central Gateway (MCG), which distributes these keys between code-generators assigned to each production line.
• The code generators perform a patented mathematical formula mixing this key with some production information properties (such as production date, time, place, etc.) into the previously mentioned 12-digit Codentify code printed on the pack.
• Later the manufacturer reports back to Industry/Government the amount of produced packs (while declaring the amount of packs that got wasted in the production process).
Later when a consumer or customs personnel check the printed code he sends the 12-digit code to a server that holds a database of all manufacturer e-keys, and after performing the opposite version of the previously mentioned mathematical formula, it derives the e-key and checks its validity. A consumer is alerted that there’s something fishy about his pack in one of the two following scenarios:
1) The pack’s code was made-up, not authentic Codentify code.
2) The pack’s code was already checked in the system (this is the way to identify a single code that was copied thousands of times by a counterfeiter).
That’s basically it. In one of the Codentify brochures I saw this diagram, describing the main problem of this solution for me:
Before Codentify, the process was way more complicated. But what was the reason for these complications? In two words – Government oversight. The production of tobacco products needed to be verified and regulated not only by the tobacco company, but also by tax regulation authorities. Sure, that complicated things for the major tobacco manufacturers. But as EU tax payers, do we really want to allow any private companies, specifically companies that already use massive lobbying to promote business strategies that contradict the interest of public health, to regulate themselves?
Because in the bottom line, even before digging into technical details of the system, and exposing its flaws – this is the REAL main purpose of this technological solution – allowing the tobacco industry to self-regulate it’s supply chain end-to-end.
In my coming blog posts I will explore the various flaws that I am discovering that thoroughly permeate the codentify system. Through personal connections and hours of research I have gained access to some potentially explosive insider information, so stay tuned!
[…] of the best investigative articles I’ve read on the topic of the Codentify scheme is the article written by Luk Joosens and Anna B […]
LikeLike
[…] production line. This case is probably a “perfect crime”: Each pack, with its genuine Codentify code is produced twice. Statistically speaking, there is almost no way a code would be checked more […]
LikeLike
[…] I have encountered and subsequently started to investigate Codentify, I have been sharing my discoveries and analysis through rather technical posts on micro issues. […]
LikeLike
[…] experts in the anti-tobacco world, I am confident this is the most damning evidence against Codentify’s claims to being a viable tax code and track and trace solution for the […]
LikeLike
[…] discussing the low security standards of the Codentify system when it comes to preventing counterfeiters to get away with copying Codentify codes, today […]
LikeLike
[…] the additional information you’ve submitted (storage of 50 bundles X 10 pack Codentify codes) is NOT MENTIONED in the OFFICIAL site you’ve mentioned yourself (that basically has only […]
LikeLike
[…] as a smoker that bought a Codentify branded product, checking the code definitely doesn’t provide me any way to determine how the product got to […]
LikeLike
[…] Family dental practitioners as well as their employees possess a unique chance to teach youthful people around the risks of tobacco use to dental and all around health. Cosmetic dental practitioners have a diverse range of remedies and methods at hand for treatment afterwards, however the best treatment will be prevention. Visit this website to learn about Codentify. […]
LikeLike
[…] of course a product of the tobacco industry and is itself severely flawed, as I have pointed out in previous posts as well as in interviews with former tobacco employees […]
LikeLike
[…] remind you how Inextos product authentication works via an excerpt from this blog post of mine from May 2015: “Let’s suppose your cigarette tastes funny and you want to confirm they are an authentic […]
LikeLike