It seems we can hardly go a week without hearing of new counterfeit coins surfacing. It is a problem as old as the hobby it continually undermines. Keeping collectible coins honest is especially troublesome today because counterfeiters have become quite adept at thwarting the security precautions employed by third party graders (TPGs). It is a predicament for collectors and dealers alike as it creates instances of distrust between buyer and seller.
The grading companies attempt to combat fakers’ efforts with a barrage of security precautions. TPGs use features like holograms, micro printing, serial numbers that are searchable on their websites, special composition holders that can be detected and fakes weeded out, and QR codes. Unfortunately, none of these precautions are adequate, and all of them are able to be bypassed, faked, or are a pain in the butt to utilize.
A good security solution needs to have two features; it must be easy to use and nearly impossible to replicate. Enter Near Field Communication (NFC) tags.
NFC tags are paper-thin electronic storage chips that hold small amounts of data. An NFC enabled device (i.e. smartphone or tablet computer) generate a small electromagnetic field that, when it passes close to a tag, acts as the tag’s power source, activating it. The tag then transmits the small amount of data to the device.
It is the same kind of technology employed by security card readers on office buildings — the kind where you wave your ID badge in front of a card reader to unlock the door — only smaller.
Most high-end smartphones and tablets are equipped with NFC technology. A list of NFC capable devices can be found here.
Using NFC as a form of coin security and authentication would be simple. Here is how it could work:
- TPGs insert an NFC tag into the label used in the coin holder (slab). The tag will have been pre-programmed with a unique, randomized, and encrypted identification code.
- The coin enthusiast (user) downloads a free app from the TPG to their NFC equipped device.
- When visiting a coin show/shop, the user turns the app on. If they find a coin that piques their interest, all it takes is a wave of the smartphone or tablet to read the code.
- The app then pops up on the screen and its software takes less than a second to de-crypt the NFC tag’s code and verify that it is authentic.
The key to the TPG’s app would have to be that it never displays the authentication code from the NFC tag. It would simply give the user a yes/no answer about the slab being genuine. That way, if a counterfeiter had downloaded the app in an effort to learn the authentication codes, it would not work.
This is one of many examples of how technology can enhance the collecting experience. For a pursuit that is largely about study and education, numismatics is rather insular. It is unfortunate that our hobby has fallen behind the times, but it’s never too late to turn it all around.
Kendall Bailey writes about numismatics at The Coin Blog.
I like the idea. How open are the TPGs in regards to trying something like this?
Martin Coetzee says
I’m afraid you have not found the solution to the security issue you face. This will be hacked in the same way that bar code readers that read credit card bar codes broke that type of security:
1. You take a “secured” slab and wave your NFC reader over it.
2. The slab issues a code and the NFC reader records the code.
3. You write the code onto an NFC circuit and place it into your counterfeited slab.
4. When someone waves their NFC reader over it it will produce the key that it has had written onto it.
5. The person thinks they have a legit purchase.
The example you use for a security example – office card readers is a very bad example as it is not NFC (it is RFID) and it is trivial to copy an office card and gain access with the counterfeit card.
It would be much more worthwhile employing some of the top security professionals and getting them to create a secure system than just guessing that something is secure. For something to be secure it needs to be developed with security community input and tested heavily by multiple parties and then you might approach something like the security current encryption keys have.
But there is an additional problem – nothing will stay secure just like current encryption schemes. So as the slab ages the “old” technology in the slab will become more and more prone to being cracked and becoming untrustworthy. This is why you see security professionals continuously developing new encryption schemes. As the current ones age more powerful computers can crack them so there is a continuous arms race in place between security researchers and the black hats. This problem is exactly the same as those faced by the coin collecting community and the security researchers that are some of the smartest people on the planet have not cracked it so I don’t think you’re going to crack it over breakfast and croissants. 🙂
Sorry, I know I sound harsh but the area you’re discussing is pretty unforgiving. As you probably know it looks like one of the most secure organisations on earth, the NSA, was hacked recently. It’s a difficult problem which does not seem to have a single-technology solution.
Mark Robinton says
I love the idea and we have already created a secure NFC tag which could be used for this purpose. It does not even require an application on the phone, all the security can be done at a web server level which makes the user experience that much better.
Please reach out to me and and I can share more details on our solution.
joe s says
this sticker idea will be trash in no time
Ed Snible says
For this to be unhackable the TPG’s app should do two things.
It should be able to verify the slab’s serial number and bring up the details on the phone, similar to https://www.ngccoin.com/certlookup/ . The app user should verify the picture matches the coin.
A further improvement is the improvement of switching from a magnetic strip to a chip in your credit card.
However, the simple strategy of displaying the TPG’s picture will work except in cases where the slab has cloned a nearly-identical coin with similar picture (e.g. modern MS70s that all look the same).