Why Pharma's Anti-Tampering Strategies Don't Work

As the head of the Vulnerability Assessment Team at the famed Los Alamos National Laboratories, Roger Johnston has seen every tampering and anti-tampering scheme imaginable, with tamperers taking aim at products as large as freighter cargo and as small as pill bottles.

The news is not good for industry. Johnston’s team did some tampering of its own with over 200 products, including many drug products, and was able to defeat them all, using fairly low-tech methods, in less than an hour.

In this PharmaManufacturing.com exclusive, Q & A, Johnston says the drug industry has its work cut out for it in tamper-proofing its precious products, and RFID, covert tags, and expensive programs aren’t the answer. What’s more, FDA needs to do a lot more than it is right now.

Johnston also details one strategy, the CNT ("Call In the Numeric Token") technique, that he believes firms need to be using.PM: You say existing tamper-evident packaging, in all industries, isn't effective. Why not?RJ: To a considerable extent, tamper detection is an unsolved problem. Tamper detection is a field that is over 7000 years old, yet it is very poorly understood and has not received the research and development attention it deserves. In my view, manufacturers who use tamper-evident packaging do it primarily as a compliance measure (as with OTC pharmaceuticals), as a show of good faith to consumers, and/or as a cost-effective way to reduce jury awards should product tampering occur. Effective tamper detection doesn't really seem to be the goal, or else we would see far better designs for tamper-evident packaging.PM: Just how effective are most drug manufacturers' anti-tampering safeguards?RJ: Most or all tamper-evident packaging for pharmaceuticals can be quickly defeated by almost anyone who has just a little bit of skill with his or her hands, or at least some patience and resourcefulness. (Tamper-evident packaging is "defeated" when the package, bottle, or container has been opened, then reclosed, without the unauthorized access being detected by the end-user, typically the consumer.) About the best we can say at this point is that defeating thousands of drug containers would be boring to do, but not difficult or particularly time-consuming.PM: What are the most common failings of anti-tampering strategies for pharmaceuticals? Why can they be defeated so quickly?RJ:

1. The designs are unimaginative.
   
   
2. The designs (understandably) must be very inexpensive.
   
   
3. The designs (understandably) cannot appreciably get in the way of the consumer being able to open the container without a lot of fumbling around.
   
   
4. The designs have not, in most cases, been subject to a serious vulnerability assessment(VA) by qualified personnel (or even by someone just trying to be resourceful). In the rare cases when a VA is undertaken, it is usually done by packaging (not security) personnel within the company -- sometimes the very people who developed the tamper-evident packaging -- and/or is done under the assumption that potential tamperers are stupid. This is not conducive to producing a good tamper-indicating seal.
   
   
5. The notification to the consumer that tamper-evident packaging is in place is often written right on the seal. When the seal is removed by a tamperer, the consumer may not think to look for signs of tampering. Packaging and bottles need much more blatant indicators that are not removed when the seal is removed, and not hidden in tiny lettering somewhere on the package or bottle. Manufacturers understandably do not want their product linked with tampering in the minds of their customers, but unless the tamper-indicating features are more openly flagged on the product, effective tamper-detection by consumers is unlikely.
   
   
6. While it's not so much a problem for pharmaceuticals, food manufacturers like to talk about having a "freshness seal." The use of such euphemisms is not helpful.
   
   
7. The FDA, which must approve OTC tamper-evident packaging, does not appear to have a sophisticated definition for tamper-evident packaging, nor a meaningful standard for evaluating it. (On the other hand, it is not at all clear what such a standard should look like.)
   
   
8. Product tampering with drugs, fortunately, has not been a large-scale recent problem, so there is very little incentive to try to deal effectively with the threat.
   
   
9. A tamperer does not need to remove the seal to tamper with most containers. The bottles or containers themselves need better tamper-detection capabilities.
   
   
10. Over-reliance on adhesives creates a lot of the vulnerabilities.

PM: What strategies are the most effective for drug products? Can you point to a few examples of drug tamper-proofing done right? RJ: We've never seen an example of what we would consider effective tamper-detection for a drug product. (The term "tamper-proof" is most unfortunate. It implies invincibility, which is unlikely, and impossible to prove. Moreover, a seal that can't be tampered with cannot leave behind any evidence that tampering has occurred!)With drugs, it isn't necessarily essential to have the tamper-evident packaging stand up to high-tech, sophisticated, "James Bond" attacks. It just needs to be challenging for an average person with some degree of resourcefulness to defeat it -- which is not currently the case.PM: Explain the CNT ("Call In the Numeric Token") technique. Will consumers readily cooperate?RJ: CNT is an informal, imperfect but relatively painless authenticity check that works down to the consumer level. Counterfeits are spotted because each bottle within a lot has its own unique (non-serialized, unpredictable, 2-3 byte) ID number, and duplicate or fake numbers are spotted immediately as consumers, pharmacists, wholesalers, repackagers, etc. call in using the phone or the Internet.Consumers who are prescribed drugs that would create enormous problems if they were fake—e.g., growth hormone or insulin—might be frequent users of a CNT system (perhaps with the encouragement of their physician), while consumers with less critical medicines might not. It would be entirely up to each individual. One attractive feature of the CNT technique is that it is consumer-oriented and is really for the benefit of the public more than just the pharmaceutical manufacturers. Consumers can choose to ignore CNT completely if they want; unlike proposed track and trace methods, nobody needs to be coerced into doing anything they don't necessarily want to do.The CNT method might well be largely ignored by consumers until such time as there is public panic about specific fake or adulterated drugs. Then the average person would have some ability to check on the reliability of their pharmaceuticals. This will make people feel less helpless, and make them more aware of counterfeiting issues. It will also — in a time of public panic — make it look like pharmaceutical manufacturers are taking an active role in dealing with the problem.CNT's ability to detect fakes gets better the more people that participate, but the more people that participate, the more likely there is a serious (or perceived) problem. Thus, the response is commensurate with the degree of the problem.PM: What are some potential low-tech anti-tampering or anti-counterfeiting technologies that drug manufacturers need to look into more? Why?RJ: More innovative designs are needed. Rather than trying to retrofit existing containers with tamper-detection or anti-counterfeiting features, the containers need to be redesigned from scratch with security in mind, and with thinking more carefully about what we can ask the customer (consumer, pharmacist, or merchant) to do if he/she is truly concerned about counterfeiting and tampering issues.PM: How about high-tech strategies that need more consideration?RJ: There are a lot of interesting new high-tech materials that might be produced at low cost, and that could still be read using low-tech methods (sight, touch, or smell). Anti-counterfeiting or anti-counterfeiting techniques that require high-tech readers are not going to be practical unless those high-tech readers are cheap, small, and very easy for at least a pharmacists' assistant to use.PM: Where does RFID fit into the anti-tampering, anti-counterfeiting mix? Is it being over- or under-hyped?RJ: RFIDs are a great method for doing inventory, and they may be able to bring down the cost of track and trace methods for monitoring the pedigree of pharmaceuticals. They are not, however, security devices. They do not improve the tamper-detection capability of seals, they actually decrease it. They are not effective as anti-counterfeiting tags. This is because RFIDs are cheap and easy to "lift" and counterfeit (as we've demonstrated at Los Alamos), and it is also easy to spoof an RFID reader without counterfeiting the RFIDs. (To "lift" an RFID tag means to remove it from one object or container and place it on another without being detected.)Are they being over-hyped? For inventory, I would say no--although there are many practical problems associated with their widespread use that users will have to deal with at great cost and frustration. For security, yes they are being over-hyped because they provide no significant security. For track & trace, I would say they are being over-hyped only because people seem to think the RFID is the security part of the track & trace. It is not. The security comes from closing the loop with the manufacturer and providing data about where the drugs have been and who holds them now. The RFID just makes that process potentially cost-effective.PM: What should FDA be doing to discourage tampering and counterfeiting?RJ: Four things:

1. I believe the FDA (or DHS or NIH) needs to be funding or otherwise supporting research and development on better tamper-indicating and anti-counterfeiting techniques and technologies.
   
   
2. For anti-counterfeiting, I believe that the FDA's current love affair with RFIDs needs to be redirected towards the true issue: effective track and trace. RFID is just a tool for making track and trace feasible; it is not the essence of the anti-counterfeiting approach. Track and trace also needs to occur all the way down to the consumer, perhaps using something like a CNT technique; otherwise, counterfeiters will just shift their level of operation, and consumers will continue to get dangerous counterfeits.
   
   
3. I think the FDA needs to forget about covert tags and fancy taggants. Secrecy is not a viable long-term security strategy, especially for consumer products that are released in enormous quantities to the public. Besides, pharmaceuticals already contain an almost “unspoofable” tag: their trace contaminants. More effort should be devoted to developing inexpensive, rapid, easy-to-use analytical methods (perhaps even for field use) to uniquely identify drugs.
   
   
4. Criminal penalties for making or dealing in fake drugs are not severe enough.

Click the "Download Now" button below to download Johnston's recent PowerPoint presentation on improving tamper detection systems.