There has been a wave in the global pharmaceutical industry over the past several years, driven by the need for battling the scourge of spurious medicines, which take thousands of lives each year. This wave has led to the evolution of technology to help regulators ensure that only genuine medicines are distributed within or imported into any market, and to empower patients to verify that the medicines they are taking are indeed what they claim to be. Serialization is one of the most widely adopted technologies in this new wave, and in this article we present an overview of this technology and its applications.

What does “Serialization” mean?
The concept of serialization is very simple – allocate a unique identifier (UID) to each package of medicine at the primary (blister pack, aluminium foil, bottle, etc.), secondary (monocarton, multicarton) or tertiary (shipper pack) levels. Often, relationships are created across levels, creating a parent-child hierarchy which is stored in a database and accessible at any time. This facilitates tracking and tracing of these medicines as they move through domestic or global supply chains, with authentication/verification/registration at each point in the supply chain.

Why is it needed?
Allocation of a UID to each package prevents a counterfeiter from infiltrating the supply chain with spurious drugs, which would of course either not have the identifier or have a fake identifier that would not pass verification. This not only gives regulators the assurance that every medicine being sold to consumers within their jurisdictions is safe and from a verified source, but also empowers consumers to check for themselves using multiple channels like SMS, web interface, mobile application or a call centre.

Are there any standards or regulations around it?
Countries around the world have passed regulations requiring serialization on all drugs being distributed within their markets:

• In India, the Directorate General of Foreign Trade passed a regulation in 2011 requiring all drug exporters to implement serialization and track-and-trace on primary, secondary and tertiary levels of packaging. This regulation has already been implemented on the tertiary level in 2011, the secondary level in 2013, and is slated to be in effect on the primary level in 2015. Track-and-trace and government reporting requirements are expected to follow in the coming years.
• In the United States, the Drug Supply Chain Security Act (DSCSA) was signed into law by President Obama in November 2013, setting in motion a process that within ten years will see product identification, tracing and verification as well as detection and response processes for prescription drugs in the U.S. supply chain (Source: fda.gov).
• The European Union passed the Falsified Medicines Directive in 2011 requiring, among other things, authenticity features on outer packaging of medicines. This directive is in the process of being transposed into national law by EU member states, and will be implemented in the coming years.
• Other countries with similar regulations in or about to be in effect include Brazil, China, South Korea, Turkey and Saudi Arabia.
• While many of these regulations require GS1standards of barcoding to be used for serialization, some have adopted proprietary standards. This can have the effect of requiring a drug exporter to comply with different standards with potential for implementation complexity on manufacturing lines. Simplicity and reliability of the technology used for compliance is therefore essential.

How is it implemented?
Serialization implementation has a few components:
Format of the UID
The UID is a number or alphanumeric string of varying length (for example, GS1 standards call for it to be up to 21 characters long). It can be sequential (e.g. 0001, 0002, 0003, etc.), but for extra security, we recommend random alphanumeric strings with no pattern that can be used by a counterfeiter to replicate the system.

Representation of the UID
The UID can be represented as human readable text that is printed directly on the package or on a scratch-off label that is affixed to the package. It can also be encoded into a 1-D or 2-D barcode that is printed on the package and read by a scanner or a mobile phone app. Other representations such as RFID are also possible depending on the particular implementation for which serialisation is required.

Printing of the UID
The UID is printed directly on the package (as human readable text or as a barcode) using a commercial printer, usually a continuous inkjet, thermal inkjet or laser printer. The particular printer of choice depends on resolution requirements, printing speeds, cost, space available and other factors. There needs to be a secure system for generation of the UID, transmission to the printer, printing on the package and feedback in order to create parent-child hierarchies and record rejections.

Verification of the UID
The UID can be verified using an SMS gateway, a mobile app, a website, a call centre, social media or other methods depending on availability and cost. In developing countries, PharmaSecure recommends SMS as the most widespread and inexpensive mode available.

Tracing of the UID through the supply chain
Each time the coded package passes a point in the supply chain, such as a wholesaler, a distributor, a shipping port, a retailer etc., the code on the particular package can be registered using one of the above-mentioned means. These events, taken together, constitute a complete record (Tracking) of the movement of the drug package, which can be stored and provided to regulators or other stakeholders, and investigated(Tracing) in cases of any reported issues.

What is the future of serialization?
The next few years will be quite exciting for drug manufacturers and exporters needing to comply with the regulations of various countries. There will be a need for a comprehensive solution that can be easily implemented, meet quality requirements (e.g. GMP, 21 CFR Part 11), and have the flexibility to be modified as global regulations evolve. Since there are many components of these implementations, it is difficult for any one provider to try to go it alone, and complementary alliances will be beneficial for the entire industry. One example of that is for a serialization software provider to partner with a hardware provider to offer a one-stop shop kind of solution, or with a physical security solution provider (e.g. holograms) to offer a strong solution with aspects of digital and physical security. ASPA provides a great platform for such engagement and we at PharmaSecure look forward to working closely with other members in order to tackle the global drug counterfeiting problem together.