Pharma RFID: A Reality Check from GSK’s Geoff Power. Is FDA Missing the Point?

Last month, a major industry summit on RFID was held in Prague, at which Geoff Power, director of packaging security, made a concise presentation detailing exactly what pharma RFID is not.  Buyer beware. First, he said, RFID is a data carrier, not a security solution. Second, the technology can't be called robust yet, since tags fail. Third, it's not secure, since Los Alamos' National Laboratory Vulnerability Assessment Team has shown that data can be altered.  "Starting with zero knowledge," researcher Dr. Roger Johnston wrote, "it took two weeks and less than $20 in parts to demonstrate five different defeats."  More powerfully, he stated, "FDA misses the point: RFID is NOT security." Going down his list, pharma RFID also is not:
  • proven
  • affordable (at 20 cents per tag)
  • cost effective, since there is not yet a business case on counterfeiting
  • appropriate for many global markets, since regions where counterfeiting is most rampant, lack the technical infrastructure required
  • accessible to end users
Power outlined the European Federation of Pharmaceutical Industries and Associations (EFPIA) solution now being scoped out for drug supply chain surety. For the manufacturer,, this would involve serialized unique package numbering (in the form of a 2-D barcode), which would be read at the end of the line, and transferred to a common database.  At te pharmacy, this code would be scanned at the point of dispensing, where a database would allow authentication and check for recall/expiry status. RFID has great potential and there's no doubt about it, and it can help in security efforts, but it's more of a supply chain management than a security tool, experts say. Stay tuned for more coverage. -AMS