More than just a link: How a simple 2D matrix code becomes a high-tech weapon against product pirates

The Global Challenge: The GS1 2D Matrix Code as a Tool in the Fight Against Product Counterfeiting

Why is protection against product counterfeiting a critical business and social necessity today?

Protection against counterfeit products has evolved from a niche concern to a key strategic imperative for businesses and an urgent societal challenge. The reasons for this are complex, ranging from massive economic damage to acute threats to consumer health and safety. The scale of the problem is global and systemic. According to reports by the Organisation for Economic Co-operation and Development (OECD) and the European Union Intellectual Property Office (EUIPO), counterfeit and pirated goods accounted for up to 2.3% of global trade in 2021, with an estimated value of USD 467 billion. Within the European Union, these illegal imports reached a share of up to 5.8% of total imports in 2019, equivalent to a value of EUR 119 billion.

The economic consequences are devastating. A study of the German economy estimated the damage caused by product and brand piracy at €54.5 billion, resulting in the loss of approximately 500,000 jobs. According to the German Mechanical and Plant Engineering Association (VDMA), the German mechanical and plant engineering sector alone, a key industry, suffers annual losses of over €7 billion. These figures illustrate that counterfeiting not only affects individual companies but weakens entire economies by devaluing innovations, undermining tax revenues, and distorting fair competition.

Beyond purely economic losses, counterfeits pose a direct and often underestimated danger to consumers. 97% of seized goods are classified as products posing a "serious risk." This affects a wide range of industries, including cosmetics, children's toys, electronics, and automotive parts. A counterfeit brake pad set can cause fatal failure, and an uncertified toy may contain toxic substances. The situation is particularly critical in the pharmaceutical sector. The World Health Organization (WHO) estimates that up to 10% of all medicines worldwide are counterfeit; in developing countries, this proportion is even higher. These counterfeit medicines can contain incorrect active ingredients, no active ingredients at all, or even toxic substances, thus posing a life-threatening danger to patients who depend on effective and safe medications.

The dynamics of the problem have changed dramatically in recent years due to the rise of e-commerce. Online marketplaces and direct mail shipping have significantly lowered the barriers to entry for counterfeiters. This shifts the problem from large container shipments that can be intercepted at customs to countless small packages sent directly to end consumers. This fragmentation is making traditional law enforcement increasingly ineffective and requires new approaches that not only secure the B2B supply chain but also involve the end consumer in the protection process.

Ultimately, the threat goes far beyond the immediate financial damage and erodes a brand's foundation: trust. When a consumer unknowingly purchases a substandard counterfeit product, the negative experience is often attributed to the original brand, which can lead to irreparable damage to the brand's reputation. In safety-critical industries, an accident caused by a counterfeit can result in enormous liability claims against the original manufacturer. A robust anti-counterfeiting strategy is therefore no longer a mere cost center for damage prevention, but a strategic investment in the company's market value, risk management, and long-term viability.

Basics of GS1 2D codes

What exactly is a GS1 2D code and how does it differ from a conventional barcode?

A GS1 2D code is a two-dimensional, matrix-like graphic that stores information both horizontally and vertically. This is the fundamental structural difference from a conventional, one-dimensional (1D) barcode, such as the EAN or UPC code, which encodes data exclusively in a horizontal sequence of bars and spaces of varying widths.

This two-dimensional structure has far-reaching consequences. The most important is a significantly higher data storage capacity in a much smaller space. While a classic 1D barcode typically contains only a single piece of information – the Global Trade Item Number (GTIN) for product identification at the checkout – a GS1 2D code can accommodate a wealth of additional data attributes in addition to the GTIN. These include, for example, the batch or lot number, the expiration date, and a unique serial number for each individual product. This transforms the code from a simple price-retrieval tool into a rich, mobile data carrier that provides detailed information about the specific product.

Another functional advantage is omnidirectional readability. 2D codes can be scanned from any angle (0-360 degrees), significantly improving the efficiency and speed of the scanning process. This is particularly beneficial in automated high-speed environments, such as those common in production or logistics, as precise alignment of the product to the scanner is no longer required.

What are the main types of GS1 2D codes for anti-counterfeiting and what are their specific features and applications?

For anti-counterfeit protection and enhanced product traceability, two main types of 2D codes have become established in the GS1 system: the GS1 DataMatrix and the QR code with GS1 Digital Link. Although both are based on 2D technology, they are optimized for different strategic use cases.

The GS1 DataMatrix is visually recognizable by its L-shaped boundary pattern (the "Finder Pattern") and a uniform matrix of square cells. Its greatest strength lies in its extremely high data density. It can store a large amount of information (up to 2,335 alphanumeric characters) in a very small physical space. This property makes it the ideal solution for marking small objects where packaging space is limited. Typical applications are therefore highly regulated industries such as the pharmaceutical industry (marking individual drug packages), medical technology (marking surgical instruments), or the electronics and automotive industries (marking small components). A key feature is that a GS1 DataMatrix contains a special character sequence at the beginning of the data stream, signaling that the subsequent data is structured according to the global GS1 standards. This distinguishes it from a generic DataMatrix code and ensures interoperability within the supply chain.

The QR code with GS1 Digital Link is easy to identify thanks to its three distinctive squares in the corners. It offers an even higher maximum data capacity than the DataMatrix (up to 4,296 alphanumeric characters), but tends to require slightly more space. Its key feature is the integration of the GS1 Digital Link standard. This standard formats the GS1 identifiers contained in the code (such as the GTIN and serial number) into a standardized web address (URL). When this QR code is scanned with a conventional smartphone camera, a web page opens directly in the user's browser. This makes it the preferred code for all applications that aim to interact directly with the end consumer. At the same time, the same code can be scanned by retail point-of-sale systems to extract data relevant to the sales process, such as the GTIN. This creates a multifunctional code that meets supply chain, marketing, and consumer protection requirements.

The choice between these two code types is therefore more than a technical decision; it is a strategic one. The GS1 DataMatrix is optimized for closed, highly regulated B2B supply chains where the primary focus is on the efficient, machine-readable transmission of standardized data for compliance and traceability purposes. The QR code with GS1 Digital Link, on the other hand, is designed for open, consumer-oriented ecosystems. Its strength lies in bridging the gap between the physical product and the digital world, enabling direct consumer engagement. The choice of code type therefore largely depends on whether a company's anti-counterfeiting strategy is primarily based on controlling the supply chain (a "push" approach) or on engaging and informing the end consumer (a "pull" approach).

QR code with GS1 Digital Link or DataMatrix: The most important differences explained

QR code with GS1 Digital Link or DataMatrix: The most important differences explained – Image: Xpert.Digital

The GS1 DataMatrix and the QR Code with GS1 Digital Link differ in several key features. Visually, the GS1 DataMatrix is characterized by an L-shaped "finder pattern" and a uniform matrix, while the QR Code with GS1 Digital Link has three large squares in the corners. The maximum data capacity of the GS1 DataMatrix is up to 2,335 alphanumeric characters, while the QR Code with GS1 Digital Link can accommodate up to 4,296 characters. In terms of size efficiency, the GS1 DataMatrix is very suitable for very small spaces, whereas the QR Code with GS1 Digital Link requires more space. The primary application areas of the GS1 DataMatrix are in industry, healthcare, and technical components, while the QR Code is primarily used in retail, consumer goods, and marketing. Scanning with smartphones often requires a special app for GS1 DataMatrix, whereas QR codes with GS1 Digital Link are natively recognized by most smartphone cameras. Technologically, GS1 DataMatrix is based on the encoding of GS1 Element Strings, while QR codes encode a GS1 Digital Link URL syntax.

The core principle: Serialization and unique identification

How does the principle of serialization work with GS1 standards to give each individual product a unique identity?

Serialization is the process by which each saleable product unit is assigned a unique, non-repeatable identifier. This represents a fundamental shift from traditional labeling, which typically only identifies products at the batch or product level. In the GS1 system, serialization is based on the combination of two central identification keys: the Global Trade Item Number (GTIN) and a unique serial number (SN).

The GTIN identifies the product type – for example, a specific strength and package size of a medication or a specific model of a smartphone. It is the same for all identical products. The serial number, on the other hand, is a unique identifier that is assigned only once for a specific GTIN. The combination of the GTIN of the product type and the unique serial number results in a so-called serialized GTIN (SGTIN), which is unique for each individual package worldwide.

This SGTIN, often along with other key data such as the batch number and expiration date, is encoded in a GS1 2D code (typically a GS1 DataMatrix in the pharmaceutical sector) and printed directly onto the product packaging. This gives each physical item a unique "digital fingerprint" or "digital passport" that enables individual tracking and authentication throughout its entire product lifecycle. The manufacturer generates these unique numbers and stores them in a secure, central database. This database serves as a reference register of all legitimate products manufactured and placed on the market and forms the basis for subsequent authentication.

What role do GS1 Application Identifiers (AIs) play in encoding counterfeit-proof information?

GS1 Application Identifiers (AIs) are two- to four-digit numeric prefixes that give a fixed meaning and structure to the data elements encoded in a barcode. They act as a kind of standardized "grammar" for the data. An AI unambiguously tells the scanning system what type of information follows and what format this information has (e.g., length, data type such as numeric or alphanumeric). This standardized syntax ensures that every GS1-compliant scanner worldwide can interpret the data stream correctly and without ambiguity, regardless of the scanner or software manufacturer.

Four AIs in particular are of central importance for counterfeit protection, as together they define the unique identity and critical attributes of a product:

How GS1 standards protect against product counterfeiting – the four key AIs

How GS1 standards protect against product counterfeiting – the four key AIs – Image: Xpert.Digital

GS1 standards protect against product counterfeiting through four critical Application Identifiers (AIs). The first, the Global Trade Item Number (GTIN), consists of 14 numeric digits and uniquely identifies the product type, such as item, strength, or package size. It forms the base ID on which serialization is built. The batch or lot number, which contains up to 20 alphanumeric characters, groups products from the same production run and is essential for targeted recalls and tracing quality issues. The expiration date, determined by six numeric digits in the format YYMMDD, ensures product safety by preventing the sale of expired or re-dated counterfeit goods. Finally, the serial number, also up to 20 alphanumeric characters long, enables the unique identification of each individual package and is the basis for item-level authentication.

Concatenating these AIs and their associated data in a single 2D code creates a rich and structured dataset. This dataset forms the basis for all subsequent verification and traceability processes, making the code a powerful tool in the fight against product counterfeiting.

What is the GS1 Digital Link and how does it transform a product code into an interactive gateway to digital services for authentication?

The GS1 Digital Link is a global standard that translates proven GS1 identifiers (such as GTIN and serial number) into the structure of a web address (URL). Instead of being a simple string of data interpreted by specialized scanners, the code now contains a direct link to the internet that any smartphone can understand.

When a consumer scans a QR code containing a GS1 Digital Link with their smartphone camera, the link is automatically recognized and opened in the phone's web browser. This link leads to a server controlled by the brand owner. This server, often referred to as a "resolver," analyzes the information contained in the URL – such as the GTIN and, most importantly, the unique serial number – as well as the context of the scan (e.g., the user's location). Based on this analysis, the resolver can intelligently redirect the user to various online content.

This mechanism is particularly effective for authentication: The resolver checks the serial number contained in the URL in real time against the manufacturer's database, which stores all legitimate serial numbers. If the number is valid and is scanned for the first time, the consumer can be redirected to a web page confirming the product's authenticity. However, if the number is invalid, has already been reported as sold, or has been scanned suspiciously often in different locations (a clear indication of a copied serial number on counterfeits), the resolver can display a warning message and instruct the consumer on how to proceed.

This process transforms static product packaging into a dynamic, interactive communication channel. It enables real-time verification by the consumer themselves while offering the option to provide additional information such as recall details, sustainability certificates, instructions for use, or marketing promotions – all via a single scan.

The introduction of serialization represents a paradigm shift in anti-counterfeiting. Traditional security features such as holograms or special printing inks are probabilistic; their authenticity is determined by an expert-based assessment of the probability that they are genuine. Serialization, on the other hand, is deterministic. A unique serial number is either registered as valid in the manufacturer's official database or not. The answer to the question of authenticity is a clear, data-driven "yes" or "no." This eliminates subjectivity and makes authentication scalable, automatable, and accessible to everyone.

Furthermore, the GS1 Digital Link is changing the economics of anti-counterfeiting measures. While serialization is primarily implemented as a defensive measure to comply with regulations and prevent counterfeiting, thus incurring costs, the Digital Link opens up new revenue streams. The same QR code implemented for security can be used by marketing to direct customers to landing pages with special offers, loyalty programs, or cross-selling opportunities. Investing in serialization infrastructure thus becomes a cross-departmental strategic decision that not only incurs costs but can also generate a measurable return on investment.

AI & XR-3D-Rendering Machine: five times expertise from Xpert.digital in a comprehensive service package, R&D XR, Pr & SEM – Image: Xpert.digital

Xpert.Digital has in-depth knowledge of various industries. This allows us to develop tailor-made strategies that are tailored precisely to the requirements and challenges of your specific market segment. By continually analyzing market trends and following industry developments, we can act with foresight and offer innovative solutions. Through the combination of experience and knowledge, we generate added value and give our customers a decisive competitive advantage.

More about it here:

• Use the 5 -fold competence of xpert.digital in one package – from 500 €/month

How GS1 standards make supply chains more secure and efficient – Image: Xpert.Digital

Focus on the supply chain: Complete traceability and aggregation

How do GS1 2D codes enable seamless track and trace from the manufacturer to the end customer?

GS1 2D codes are the central element that enables seamless item-level traceability, also known as Track & Trace. The system works by scanning the unique identifier (SGTIN) in the 2D code at each critical point in the supply chain, and digitally recording the event. These points are referred to as "Critical Tracking Events" (CTEs). Such events include, for example, production, packaging, shipping from the factory, receipt of goods at the distribution center, transfer of stock, and finally delivery to the end customer, for example, in a pharmacy or retail store.

Each scan collects standardized information that answers four key questions: “What?”, “Where?”, “When?” and “Why?”.

What:

The unique product identifier (SGTIN).

Where:

The location of the event, identified by a Global Location Number (GLN), which uniquely identifies each location (factory, warehouse, etc.).

When:

The exact timestamp of the event.

Why:

The business process that took place (e.g. “shipping”, “receiving”, “commissioning”).

This event data is captured and shared in a standardized format, typically using the GS1 EPCIS (Electronic Product Code Information Services) standard. EPCIS acts as a common language that enables all trading partners to exchange traceability data seamlessly and interoperably. By chronologically linking these individual EPCIS events, a complete, digital history is created for each individual product – a seamless chain of custody. This transparency enables supply chain actors to verify a product's legitimate path at any time and quickly identify anomalies, such as the appearance of a product in an unexpected location. Such anomalies can indicate theft, gray market activity, or the introduction of counterfeits.

What is meant by aggregation and how is the hierarchical relationship between individual products, boxes and pallets technically mapped and shared?

Aggregation is the process of establishing a hierarchical parent-child relationship between different packaging levels in logistics. In practice, this means digitally linking the unique identifiers of individual product units (the "children") to the identifier of the next largest packaging unit (the "parent").

The process typically works as follows: Several serialized individual packages (e.g., medicine boxes, each with a unique SGTIN) are packed into a carton or box. This box is sealed and is assigned its own, globally unique identifier: the Serial Shipping Container Code (SSCC). The SSCC is usually encoded in a GS1-128 barcode on a logistics label on the outside of the box. A digital link is then created in the manufacturer's IT system that assigns the SGTINs of all contained individual packages to the SSCC of the box. This process can be repeated over several stages: Several boxes (each with its own SSCC) are packed onto a pallet, and the entire pallet, in turn, is assigned a higher-level SSCC. This creates a nested, hierarchical data structure that digitally accurately reflects the physical reality of the packaging (e.g., pallet SSCC contains box SSCCs, which in turn contain individual product SGTINs).

This aggregation data is captured using an EPCIS aggregation event and shared with trading partners. The immense advantage of this process lies in the increased efficiency achieved through the principle of inference. A logistics partner receiving a sealed pallet no longer needs to open each crate and scan each individual product to verify its contents. Instead, they simply scan the single SSCC code on the pallet. Thanks to the previously shared EPCIS aggregation data, their system immediately and seamlessly knows which crates and which individual product units are on that pallet. This makes item-level traceability practical and cost-effective in high-volume supply chains. If a crate is removed from the pallet, this is recorded as a "disaggregation event" to maintain data integrity.

Without aggregation, seamless serialization would be virtually impossible to implement in practice. The need to manually scan thousands of individual products with each incoming goods shipment would bring logistics processes to a standstill and incur prohibitive costs. Aggregation is therefore the crucial mechanism for ensuring the scalability of traceability.

It becomes clear that the quality and standardized exchange of digital EPCIS data form the true backbone of an interoperable traceability system. The physical 2D code merely carries the primary identifier. The true value and security of the system arise from the standardized, shared digital event data. Incompatible or proprietary data formats would disrupt the chain of information flow and undermine the entire concept of seamless traceability. This underscores the central importance of global standards such as EPCIS and the need for close cooperation between all trading partners across the ecosystem.

Practical examples: Counterfeit protection in various industries

How is the GS1 DataMatrix specifically used within the framework of the EU Falsified Medicines Directive (FMD) to ensure patient safety?

The EU Falsified Medicines Directive (FMD; 2011/62/EU) requires mandatory security features for prescription medicines to prevent counterfeits from entering the legal supply chain. One of these key features is a unique identifier, which must be encoded in a GS1 DataMatrix code on the medicine packaging. This code contains four mandatory data elements structured by GS1 Application Identifiers:

• The Global Trade Item Number (GTIN) as product code (AI 01)
• A unique, randomized serial number (AI 21)
• The batch number (AI 10)
• The expiration date (AI 17)

The protection mechanism is based on a Europe-wide end-to-end verification system that extends from the manufacturer to the point of sale. The process is clearly defined:

Manufacturer: During production, the pharmaceutical company generates a unique identifier for each individual package, prints the GS1 DataMatrix, and additionally provides the package with an anti-tampering device. The manufacturer uploads the generated data to a central European data system, the hub of the European Medicines Verification Organization (EMVO).

EMVO Hub and national systems: The EMVO Hub forwards the data to the respective national medicines verification system (NMVS) of the country for which the medicine is intended. In Germany, for example, this is the securPharm system.

Pharmacy/Hospital (Point of Dispense): Before the medication is dispensed to the patient, the pharmacist or hospital staff scans the GS1 DataMatrix code on the packaging.

Verification and deactivation: The pharmacy's system connects in real time to the national verification system and verifies the authenticity of the identifier. The NMVS compares the scanned data with the data uploaded by the manufacturer. If the code is valid and listed as "active" in the system, authenticity is confirmed. Immediately after successful verification, the serial number is marked as "decommissioned" in the system and cannot be used a second time. If the scan triggers an alert – because the serial number is unknown, has already been marked as dispensed, or other discrepancies occur – the medication cannot be dispensed and is quarantined for testing.

This closed system ensures that each package is checked for authenticity at the last and most critical point in the supply chain – immediately before dispensing to the patient – significantly increasing patient safety.

What anti-counterfeit solutions do luxury goods and spirits manufacturers use with QR codes to combine authenticity, provenance, and customer experience?

In the luxury goods and spirits industries, where brand value, exclusivity, and provenance play a central role, QR codes (often based on the GS1 Digital Link standard) are used as a strategic tool far beyond mere authentication. They serve as a bridge between the physical product and an exclusive digital brand experience.

Authenticity and provenance: A unique QR code on a bottle of wine, a premium spirits product, or a designer handbag acts as access to a "digital passport" for the product. A smartphone scan takes the customer to a verification page that not only confirms authenticity but also tells the story of the product (provenance). This can include information about the origin of the raw materials (e.g., the grapes from a specific vineyard), details of the manufacturing process, the bottling date, or the product's journey through the supply chain. This verifiable provenance is particularly crucial for the growing and lucrative secondary market (resale), as it eliminates counterfeiting and preserves the product's value.

Enhanced customer experience: Beyond mere verification, the scan becomes a gateway to exclusive content. For example, a wine producer can provide tasting notes from the cellar master for that specific vintage, a fashion brand can offer styling tips or runway videos, and a spirits producer can invite customers to exclusive events or tastings. This creates a direct, personal, and ongoing relationship with the customer, long after the actual purchase, transforming the product into an interactive experience.

Practical examples: Brands like Prada use serialized QR codes that lead to a cloud-based certificate of authenticity and ownership history. In the wine and spirits industry, solution providers like Real Provenance or Prooftag often combine unique QR codes with physical security features like holograms. This allows consumers to verify authenticity, learn more about the specific bottle, and trace the distribution chain, helping brands detect unauthorized gray market activity. Some champagne houses apply QR codes to the cap that reveal the full contents only after opening, thus confirming that the bottle has not been refilled.

How do GS1 standards ensure parts traceability and compliance in highly regulated industries such as automotive and aerospace?

In the automotive and aerospace industries, safety and quality are of the highest priority. Traceability of individual components is not just a matter of counterfeit protection, but a fundamental component of safety and quality management, as well as compliance with strict regulatory requirements such as AS9132 (aviation) or AIAG B-17 (automotive).

The key to implementation here is Direct Part Marking (DPM). Instead of printing a GS1 DataMatrix code on a label, it is permanently applied directly to the surface of the component itself, for example, by laser engraving or dot peening. This ensures that the identifier is inextricably linked to the component and remains legible throughout its entire life cycle, even under extreme operating conditions such as high temperatures or chemical exposure.

The GS1 DataMatrix encodes a unique identifier (UID), which typically includes the manufacturer's ID, part number, and a unique serial number. This system enables:

Complete cradle-to-grave traceability: Every safety-critical component, from the turbine blade in an aircraft engine to the airbag control unit in a car, can be seamlessly tracked throughout its entire service life, from its production from raw materials through assembly in the factory to maintenance and repair processes.

Targeted and efficient recalls: If a specific batch of components is found to be defective, manufacturers can use traceability data to determine exactly which vehicles or aircraft these specific parts were installed in. This enables highly precise recalls limited to only the affected units, instead of having to conduct costly and reputation-damaging mass recalls.

Ensuring compliance and interoperability: Using global GS1 standards ensures that data can be consistently captured and exchanged between the countless suppliers, manufacturers, and maintenance organizations in these complex, global supply chains, which is essential for security and compliance.

The industry-specific examples demonstrate that GS1 2D Code technology represents a flexible, modular system. While the core technology – unique serialization – remains the same, its application is shaped by the primary drivers of each industry: In the pharmaceutical industry, it's patient safety that requires a closed-loop verification system. In the luxury goods industry, it's protecting brand equity that leads to open, experience-oriented consumer solutions. And in aerospace, it's managing the lifecycle of safety-critical assets that necessitates permanent marking that will last for decades.

GS1 2D codes: Cross-industry solutions for greater security and trust

GS1 2D codes: Cross-industry solutions for greater security and trust – Image: Xpert.Digital

GS1 2D codes offer cross-industry solutions for increased security and trust. In the pharmaceutical industry, patient safety and compliance with regulatory requirements such as the FMD are paramount. The GS1 DataMatrix code, which contains data such as the GTIN, serial number, batch, and expiration date, is typically used here. These codes enable end-to-end verification upon dispensing, thus preventing counterfeits from entering the legal supply chain. In the luxury goods and spirits sectors, QR codes with GS1 Digital Link primarily serve to protect brands, enhance the brand experience, and enable traceability of origin. In addition to the GTIN and serial number, they also contain web links and enable easy consumer authentication and storytelling, which strengthens brand trust, promotes customer loyalty, and supports the secondary market. In the automotive and aerospace industries, security, quality, and lifecycle management are crucial. The GS1 DataMatrix code is often used as Direct Part Marking (DPM), which includes the part ID, serial number, and manufacturer ID. This allows for seamless component traceability and targeted recalls through scans during assembly and maintenance.

Independent AI platforms as a strategic alternative for European companies – Image: Xpert.Digital

Ki-Gamechanger: The most flexible AI platform – tailor-made solutions that reduce costs, improve their decisions and increase efficiency

Independent AI platform: Integrates all relevant company data sources

• Fast AI integration: tailor-made AI solutions for companies in hours or days instead of months
• Flexible infrastructure: cloud-based or hosting in your own data center (Germany, Europe, free choice of location)

• Highest data security: Use in law firms is the safe evidence
• Use across a wide variety of company data sources
• Choice of your own or various AI models (DE, EU, USA, CN)

More about it here:

• Independent AI platforms vs. hyperscalers: Which solution is right for you?

Multi-layered counterfeit protection: Shaping digital transformation with GS1 2D codes – Image: Xpert.Digital

Advanced security strategies to increase counterfeit protection

How can security be further enhanced by combining GS1 2D codes with physical features such as holograms?

Combining a digital security feature like the GS1 2D code with a physical security feature like a hologram creates a multi-layered security solution whose protection exceeds the sum of its parts. This approach significantly increases the hurdles for counterfeiters, as they must now overcome two fundamentally different technologies simultaneously.

A key approach is to integrate the QR code directly into a holographic security label. This works on several levels:

Overt and covert features: The hologram itself serves as an overt (visible to the naked eye) security feature, which is very difficult to replicate exactly due to its complex, microscopic structure. Additionally, covert features such as microprinting, nanotext, or UV-fluorescent inks can be integrated into the hologram. These features can only be verified with special tools and represent an additional layer of security.

Two-factor authentication for the product: This combination establishes a form of two-factor authentication. A counterfeiter would not only have to replicate the physically complex hologram, but also guess or duplicate a valid, unique serial number from the manufacturer's digital system. A consumer or verifier can first perform a quick visual inspection of the hologram and then scan the QR code for final digital verification.

Tamper-Evidence: These security labels are often designed to be destroyed upon attempted removal or to leave a permanent pattern (e.g., a "VOID" inscription) on the product surface. This effectively prevents an authentic label from being removed from a genuine product and applied to a counterfeit.

The strength of this hybrid solution lies in its synergy. The physical feature protects the digital one, and vice versa. A QR code alone can be duplicated with a high-quality copier, while the digital data remains identical. However, if this QR code is embedded in a hologram, a simple copy fails due to the hologram's physical complexity. Conversely, the unique serial number in the QR code protects the physical label. Even if a counterfeiter succeeds in perfectly replicating the hologram, scanning the embedded QR code would reveal an invalid or previously used serial number, exposing the counterfeit. For high-value products, this multi-layered approach therefore offers exponentially higher security than a purely digital or purely physical solution.

What added value does combining GS1 standards with blockchain technology offer compared to traditional, centralized databases?

The combination of GS1 standards with blockchain technology addresses fundamental challenges regarding trust, data integrity and transparency in complex supply chains consisting of many independent actors.

In a traditional, centralized model, the manufacturer maintains a database containing all valid serial numbers. Other trading partners must query this central database to verify a product. This model presents two major vulnerabilities: It creates a single point of failure and requires all partners to blindly trust the manufacturer's data integrity and availability.

Blockchain technology offers an alternative approach. It is a decentralized, immutable, and distributed database (distributed ledger). When GS1 standards are deployed on a blockchain, EPCIS traceability events (the "what, where, when, why") are recorded as transactions in this shared, distributed ledger. All authorized partners in the supply chain have access to an identical copy of this ledger.

The specific advantages of this combination are:

Decentralized trust: No single party owns or controls the data. The validity of a transaction is confirmed by the network's cryptographic consensus mechanism. This eliminates the need to trust a central authority and creates a trustworthy environment between partners who otherwise might not necessarily trust each other.

Immutability: Once a transaction (e.g., a shipping event) is recorded in the blockchain, it can virtually never be changed or deleted. This creates a permanent, tamper-proof audit trail, which is invaluable for proving provenance and combating counterfeiting.

Increased transparency and interoperability: All authorized participants see the same "single version of the truth." This reduces data discrepancies, reconciliation effort, and disputes between partners. GS1 standards such as EPCIS provide the necessary standardized data structure to make the information on the blockchain understandable and interoperable for all participants.

It's crucial to understand that blockchain doesn't replace GS1 standards, but rather provides an alternative, potentially more secure, and trustworthy infrastructure for their application. GS1 provides the semantics – the "language" and "grammar" that gives data its meaning (e.g., "This GTIN was dispatched by this GLN at this time"). Blockchain provides a robust technological foundation for recording these standardized statements in a tamper-proof and transparent manner for all parties involved.

Implementation in practice: challenges and solutions

What are the biggest technological hurdles in implementing serialization (e.g. print quality, line speed, data management, system integration)?

The introduction of item-level serialization presents companies with significant technological challenges that extend across the entire production and IT areas.

Print technology and product handling: One of the biggest hurdles is reliably printing unique, high-quality 2D codes at high line speeds. Production lines are often not designed for precise marking. Factors such as conveyor belt vibrations, minimal fluctuations in product positioning, or complex packaging geometries can result in distorted, blurred, or incomplete codes that fail subsequent verification. The choice of print technology (e.g., thermal inkjet, laser, thermal transfer printing) must be carefully matched to the substrate material (e.g., glossy cardboard, dark foils, metal) to ensure the contrast required for scanning. While laser markers offer permanent markings, they often face a trade-off between high speed and optimal print accuracy.

Verification and quality control: Simply printing a code isn't enough; it must also be verified inline immediately after printing to ensure it meets strict quality standards such as ISO/IEC 15415. A code that is readable under ideal factory conditions may fail in a poorly lit warehouse or at a checkout with a different type of scanner. This requires investment in specialized verification systems (verifiers) that evaluate codes based on multiple parameters such as contrast, modulation, axial non-uniformity, and error correction, and assign a quality score. A poor-quality code is not just a technical problem but a financial and regulatory disaster. It leads to scrap, rework, and, in the worst case, the rejection of entire shipments by trading partners, resulting in significant costs and delivery delays.

Data management and IT infrastructure: Serialization generates immense amounts of data. A large pharmaceutical company can easily generate billions of unique serial numbers per year. Managing this data requires a robust and scalable IT infrastructure. This is often mapped out in a multi-tiered model (Level 1 to Level 5): from device control on the production line (L1/L2) to the site management system (L3) and the company-wide enterprise system (L4) to communication with external partners and authorities (L5). Building and maintaining this complex architecture is a significant challenge.

System integration: One of the most difficult and error-prone tasks is integrating new serialization systems into the company's existing IT landscape, especially enterprise resource planning (ERP), warehouse management (WMS), and manufacturing execution systems (MES). Incompatibilities, complex interfaces, and data inconsistencies are common problems that can lead to system failures and corrupted data.

What organizational challenges do companies have to overcome when implementing serialization solutions?

The organizational challenges in implementing a serialization solution are often even greater than the technological ones and are frequently underestimated.

Cross-departmental coordination: Serialization is not an isolated IT or packaging project. It profoundly affects processes in production, logistics, quality assurance, purchasing, sales, and marketing. The greatest risk for project failure is a lack of coordination between these departments. Establishing a cross-functional project team from the outset is therefore essential to ensure that all requirements and dependencies are taken into account.

Training and skills development: All employees who come into contact with the new processes and technologies – from line operators and warehouse workers to quality inspectors and IT administrators – must be comprehensively trained. Companies must specifically develop internal expertise, as the topic is multidisciplinary and combines skills from IT, engineering, automation, and quality assurance.

Collaboration with trading partners: A serialization system only achieves its full potential when data can be seamlessly exchanged with suppliers, logistics service providers, and customers. Early and clear communication is crucial to ensure that partners are technically and procedurally capable of receiving and processing the serialized data.

Change management and implementation strategy: The introduction of serialization represents a fundamental change in business processes. Rather than a "big bang" implementation, a step-by-step approach is strongly recommended. A pilot project initially limited to one product line or location allows the company to gain valuable practical experience, optimize processes, and eliminate teething issues before rolling out the solution company-wide.

What are the cost factors involved in implementing a track and trace system based on GS1 2D codes?

The costs of implementing a track and trace system are significant and comprise a variety of direct and indirect factors. Focusing solely on the initial hardware costs leads to a dangerous miscalculation of the total cost of ownership (TCO).

Hardware costs: These are the most obvious costs and include the purchase of printers (e.g., thermal inkjet, laser), camera systems for scanning and verification on each packaging line, and the necessary server and network infrastructure for data processing and storage.

Software costs: This includes license fees for the serialization software, especially for the higher-level site and enterprise-level (L3/L4) systems. Pricing models vary widely, from monthly subscription fees for cloud-based SaaS solutions (ranging from $50 to $500 per month) to high one-time license costs for on-premises installations, which can start at $75,000 and exceed significantly.

Integration and customization costs: This is often one of the largest and most difficult cost items to calculate. Connecting serialization software to existing enterprise systems such as ERP and WMS requires specialized development work. Depending on the complexity, the costs can range from $5,000 to $15,000 for simple API connections to over $50,000 for complex integrations.

Implementation and training costs: These include the services of the solution provider or external consultants for system configuration, data migration, project management, and staff training. These costs can range from $10,000 to $30,000 or more.

Ongoing operating and maintenance costs: After implementation, ongoing costs arise. These include annual software maintenance fees (often 15-20% of the original license cost), consumables costs (ink, labels), and technical support fees.

Overall, the initial investment costs for a single packaging line in the pharmaceutical industry can range from $5 million to $15 million, depending on its complexity. It's clear that the "soft" costs for software, integration, and services often far exceed the hardware costs and account for the largest portion of the total investment.

GS1 2D code: Key to more transparent and secure product tracking

Finally, what are the key strategic advantages of the GS1 2D matrix code for a comprehensive and future-proof anti-counterfeiting strategy?

The GS1 2D code is far more than just a technical upgrade of the traditional barcode; it is the cornerstone of a comprehensive and future-proof strategy for anti-counterfeiting and digital supply chain transformation. Its key strategic advantages can be summarized in five core areas:

• Unique, deterministic authentication: The code enables the transition from probabilistic, judgment-based security features to deterministic, data-driven verification. Authenticity is determined through a binary database query, providing a significantly higher level of security and reliability.
• Complete supply chain transparency: Through item-level serialization and traceability, companies create unprecedented transparency from raw material to the end consumer. This not only enables effective counterfeit protection, but also optimizes inventory management, enables surgically precise recalls, and strengthens the overall integrity and resilience of the supply chain.
• Global regulatory compliance: GS1 standards form the foundation for meeting complex international regulations such as the EU Falsified Medicines Directive (FMD) and the US Drug Supply Chain Security Act (DSCSA). Implementing a GS1-based solution not only protects companies today but also prepares them for future regulatory requirements worldwide.
• Direct channel to the consumer: The GS1 Digital Link, in particular, transforms the product itself into an interactive medium. Brands can build a direct relationship with the customer, engender trust through transparency, provide valuable information, and sustainably strengthen customer loyalty through personalized experiences – far beyond the moment of purchase.
• Foundation for digital transformation: The global "Sunrise 2027" initiative, which is driving the transition to 2D codes at the point of sale, signals an irreversible change. The introduction of GS1 2D codes is not an isolated project, but a fundamental step toward a digitized, data-driven, and connected global economy. It creates the technological foundation for future innovations in sustainability, the circular economy, and personalized services.

In summary, the implementation of GS1 2D codes fundamentally changes the role of product packaging: from a passive container to an active, connected data hub. Packaging becomes a strategic asset – a data carrier and communication channel that creates measurable added value across the entire value chain, from logistics to marketing to customer service. Companies that actively shape this transformation today not only protect their products from counterfeiting but also lay the foundation for their future success in an increasingly digital world.

☑️ Our business language is English or German

☑️ NEW: Correspondence in your national language!

Konrad Wolfenstein

I would be happy to serve you and my team as a personal advisor.

You can contact me by filling out the contact form or simply call me on +49 89 89 674 804 (Munich) . My email address is: wolfenstein ∂ xpert.digital

I'm looking forward to our joint project.

☑️ SME support in strategy, consulting, planning and implementation

☑️ Creation or realignment of the digital strategy and digitalization

☑️ Expansion and optimization of international sales processes

☑️ Global & Digital B2B trading platforms

☑️ Pioneer Business Development / Marketing / PR / Trade Fairs