A travel mug designed in “Ausin,” Texas, and “mede” in China. Some Urban Decay eyeshadow primer that’s a few shades wrong, inside some slightly off packaging. Those were some of the 20 items purchased from third parties on popular e-commerce sites that proved counterfeit — among 47 assessed — in a 2018 Government Accountability Office report that called for an evaluation of the effectiveness of current intellectual property rights enforcement.
The problem appears to be growing. A 2019 Organisation for Economic Cooperation and Development report shows a pronounced increase, from $200 billion in fake goods, in 2005, to $509 billion in 2016.
More than just devaluing brands, knockoffs can also pose serious health and security threats. The GAO report spotlights counterfeit airbags and pharmaceuticals, a problem exposed further by the pandemic, and even integrated circuits “destined for Department of Defense supply chains.” Lawmakers invoked the GAO report in March, when they proposed legislation that would make e-commerce sites like Amazon, on which third parties operate, liable for counterfeits — a proposal that was introduced with rare bipartisan accord.
Up the I-95 corridor from D.C., in the Boston area, some MIT Research Labs alumni have developed a high-tech countermeasure to such supply chain vulnerabilities. DUST Identity has created a system that uses the quantum properties of low-cost, unclonable diamond dust to track and authenticate parts and components. (DUST stands for Diamond Unclonable Security Tag.)
It sounds like the stuff of Cold War spy fiction, but the benefits are very real.
“We’re providing the ability to trust things,” said DUST Identity co-founder Ophir Gaathon.
DUST has generated interest and investment in a way that mirrors the landscape described in overviews like the GAO report — an intersection of national security and commercial interest, from both consumer safety and brand value perspectives.
“It’s essentially identity management for physical objects.”
Airbus Ventures and Lockheed Martin Ventures both contributed to a $10 million Series A investment round last year, and industries that have both defense and commercial wings — like electronics manufacturers, additive manufacturers and logistics operators — have used DUST. Some automakers and luxury-goods companies have also taken notice, because it can be so difficult to source and trace parts. It could even potentially help boost the integrity of voting machines.
(For obvious reasons, Gaathon did not volunteer specifics about how clients use DUST. Built In reached out to Airbus, Lockheed Martin and SAP for general context about what category of parts might be secured with the system, but they did not return requests.)
Gaathon’s position has granted him a clear view of the supply chain sausage-making process, and it’s not always appetizing.
“Being able to authenticate components or sub-parts that go into assemblies really relies on trusting the vendor,” Gaathon said. “You make an assumption that the vendor will do good by you. Unfortunately, we’ve seen time and again that, either by error, economic incentive or security issues with a nation state actor, you’re not necessarily going to get the components you think you’re supposed to get.”
A Universe of ID Possibilities
For DUST, the answer to this big supply-chain challenge is small — nanoparticle small.
Here’s how it works: A dust of nanoscale diamonds, blended with one of several possible polymers, is applied to a part or component. Thousands of randomly distributed crystals create a distinct fingerprint, which can’t be reverse-engineered or cloned.
That’s because of a pretty remarkable opportunity that diamonds afford: Each identification is informed not only by the position of each crystal, but also the orientation of each crystal in relation to all the others. Added up, that creates a mammoth number of possible distinct fingerprints: more than 10230, according to DUST. Those orientations are made clear because the dust comes from engineered, nitrogen-vacancy diamonds, in which some carbon atoms are replaced with nitrogen ones.
And because we’re dealing with infinitesimal size — it can be applied at 0.0025mm2 — components as tiny as individual circuit resistors can be tagged.
The technology can also be used as supercharged security tape. Even if a thief replaced one of DUST’s anti-tamper stickers from goods, they could hardly replace it with another, with just-so distributed dust. Any tears or tampering would be evident in the dust pattern too. But the polymer blend has a high-stress threshold, which means simple jostling won’t disrupt the tag readability.
“The random nature of how [nanocrystals] fall, roll and tumble creates a fingerprint that is unique in the universe.”
“The random nature of how they fall, roll and tumble creates a fingerprint that is unique in the universe,” Gaathon said. “And that allows us to basically create a physical anchor that will allow us to associate information at different stages across the value chain.”
That means that, once the fingerprint is generated and loaded into the system, anyone along the supply chain with a DUST ID scanner can verify that the contents are the real thing and haven’t been meddled with.
“It’s essentially identity management for physical objects,” Gaathon added.
A Quantum Solution
The roots of DUST’s solution lie in one of the most buzzed-about emergent technologies: quantum computing. A stable, commercially scalable quantum computer will be a genuine watershed — a new class of machine that could usher in breakthroughs in drug discovery, financial modeling, materials science, artificial intelligence and more. But note the will be. Despite real milestones in quantum computing, including Google’s much-publicized “quantum supremacy” claim last year, researchers haven’t mastered a way to stabilize such processors’ highly noisy computational bits, called qubits.
That’s where diamonds come in. The most prominent method of quantum processing uses superconductors — that’s where IBM and Google are focused — but researchers have also found promising results with qubit systems based on, yep, nitrogen-vacancy diamonds. Notably, those don’t require the kind of herculean cooling systems that superconducting systems need.
“Diamonds happen to have very unique physical attributes that are associated with being able to hold qubits for a relatively long time at room temperature,” Gaathon said. “That’s the Holy Grail for quantum computers — the ability to operate not at very cold temperatures where quantum coherence can be longer, but actually operate at room temperature and still have quantum memory.”
Gaathon was exploring this very line of study during his time at the Massachusetts Institute of Technology.
“Dust is dust. It’s diamond dust, but we make it at scale.”
But regardless of method, even the sunniest optimists don’t anticipate quantum computers being commercially viable within even 10 years, and many expect the road to be far longer. That extended, murky timeline in part led Gaathon and some of his colleagues to explore other potential use cases that leveraged the same properties.
“Time horizons for those things are pretty long,” he said. “And we wanted to make sure that there’s a way for us to engage with customers and bring value faster.”
Turns out, the same property in diamonds that allows quantum information to be carried — the NV center — can also in effect create a sensor.
“If you have a system that is stable for a certain time, and you can put it in an unstable state because of external conditions, you’ve built a sensor,” Gaathon said.
Imagine a ball shifting across a shaking table, he said, by way of analogy. The ball movement is a sensor, allowing you to detect if the table is shaking.
“We used a qubit not to create memory, but to detect instabilities in the environment,” namely magnetic field disruptions, he said. “That was sort of like a quantum sensor.”
The commercial potential became clearer for Gaathon and his colleagues — DUST co-founders Jonathan Hodges and Dirk Englund, who currently leads the university’s Quantum Photonics Laboratory — especially as they developed the software and hardware to “talk” to the diamonds, namely a scanner system that leverages that magnetic resonance, and records and verifies nanodiamond distribution and orientation patterns. (DARPA took notice, too, investing $2 million in the project.)
And it all relies on the same kind of “quantum-engineered” diamonds that quantum computing researchers continue to investigate.
So if quantum processing will take us to another planet, computationally, then Gaathon and his crew at MIT “didn’t go to Mars — but we got to orbit,” he said, and that launched their supply-chain-security mission.
Diamond Dust Is Cheaper Than RFID Tags
Diamond nanocrystals, quantum engineering — without context, it all probably seems impossibly expensive. But once Gaathon learned the landscape of supply chains, it was clear that scalability — and therefore cost-effectiveness — would have to be paramount in any viable solution.
To that end, industrial diamond particulate is not exactly the stuff of Cartier watches. “Dust is dust,” Gaathon said. “It’s diamond dust, but we make it at scale.” Deployment for a-million-and-up products costs “fractions of a cent,” according to Gaathon.
He thinks it stacks up better than competing security options, like RFID tags, which are robust in terms of security and easy to operate, but more expensive, or barcode scanning, which is simple and cheap, but far from secure.
The fact that users can pick and choose how much coverage they need along their supply chain helps too. “We can build models that allow for customers to have dust on many devices, or have a limited number that go where they actually need those enhanced security needs today — and then work with that organization to expand how many customers can tap into that new capability,” he said.
In other words, target the big vulnerabilities, then widen adoption as needed. Companies “need to be able to close well-defined gaps,” Gaathon said. “Tackle that first, then expand either upstream or downstream.”
