133

The UK is getting a new £1 coin. Its designers, the Royal Mint, claim that unlike current coins, it includes built in technology for high speed authentication and verification everywhere from ATMs to vending machines and point-of-sale.

How does this work? Something like RFID? Does this mean the coins (and therefore their users) can be tracked?

MCW
  • 2,572
  • 1
  • 15
  • 26
Colin Pickard
  • 1,800
  • 2
  • 11
  • 14
  • 4
    Are counterfeit coins actually an issue in the UK? Or is this more a show for the public, along the lines of *'look how safe and stable our currency is'*? The investments needed for coin forgery seem to stand in no relation to the possible gains. I mean it's 1£ after all... – fgysin Nov 12 '15 at 15:14
  • 3
    @fgysin approximately 45 million fakes in circulation, or 3% of the total http://www.theguardian.com/money/blog/2012/apr/02/how-to-spot-fake-one-pound-coin – Colin Pickard Nov 12 '15 at 16:53
  • 1
    This is all over the UK news today, with no one giving any details at all beyond "there's a security feature; it's secret". Hooray for StackExchange for having actual information! – teedyay Feb 27 '17 at 10:11

4 Answers4

99

They are using a system called ISIS which also has some more details available here. It appears to be a form of micro-tagging embedded within the currency itself (based on the comment the same technology has been used in fuels and perfumes).

Basically, a specially manufactured particle is constructed and then mixed as an additive with the coin. This additive can later be detected automatically. Since the composition of the additive is unknown, it can't be reproduced easily but yet machines can read the signature of it.

The tagging technology can be used to tag specific coins (this is done for some high end unique items that are tagged), but it would generally be very expensive to do so. It is far more likely that a standard formulation is used for all coins of a given value. It would also still very likely require that the coin be directly handled to read as it is not a radio based technology.

Mingye Wang
  • 103
  • 4
AJ Henderson
  • 41,816
  • 5
  • 63
  • 110
  • 15
    Interesting - like a chemical 'proof-of-work hash'. – deed02392 Mar 19 '14 at 13:52
  • 7
    [SmartWater](https://en.wikipedia.org/wiki/SmartWater) comes to mind. – Andrew Leach Mar 19 '14 at 16:32
  • 2
    @deed02392 I was just going to comment that! However, this seems more like encrypting passwords with the same pass rather than hashing them; break one to break them all. – Francisco Presencia Mar 20 '14 at 14:45
  • Is it a radioactive material? – Chloe Mar 20 '14 at 23:35
  • @Chloe - I doubt it, that wouldn't be a very good thing for something people handle. There is no reason it should need to be. – AJ Henderson Mar 21 '14 at 01:47
  • 15
    "Since the composition of the additive is unknown" also known as "security through obscurity". Or am I wrong? I know nothing about coins. – Prinzhorn Mar 21 '14 at 07:21
  • 25
    @Prinzhorn "Security though obscurity" is a term used to describe keeping the implementation secret. The equivalent implementation details here are far from secret - they are actually disclosed in a patent application, as describe in Adam Davis' answer. The secret composition of the additive is akin to a *cryptographic hash function* like SHA-1 - everyone can see the *digest* (the coin), verify it (matching the luminescent profile) and check the implementation (at least as far as divulged in the patent) but you cannot forge a matching coin without knowing the *input*. – Colin Pickard Mar 21 '14 at 10:39
  • @ColinPickard thanks for the detailed answer. Following this analogy, what if the secret leaks? In software development the user would just change their input (password) and we'd updated the hash. But this would mean destroy/"update" every single coin. – Prinzhorn Mar 21 '14 at 11:00
  • 7
    @Prinzhorn key management is a hard problem. Similar to leaking your secret cola recipe, your CA root certificate, or the plans on the eve of your invasion. There are some good known ways of reducing the risk, but ultimately you must trust some person or combination of people with the ability to make genuine coins. – Colin Pickard Mar 21 '14 at 11:10
  • Even when there's only one mint producing coins (single building/facility/whatever), there's usually several machines, and probably one or more spare molds (in case one breaks). So losing the key is essentially a related problem to losing one of the molds... – Clockwork-Muse Mar 22 '14 at 11:55
  • 2
    @Clockwork-Muse - which brings up a valid point that really, the complexity of building all the pieces needed to make the coin is part of the key protection itself. You need a highly detailed mold that will match exact details, you need an unknown chemical composition, which if well designed, should be very hard to figure out how it is made even if you had a sample, you have alloys of material that probably follow similar protection. It's all really key management. The information you need to make a genuine coin is protected and split among different individuals. – AJ Henderson Mar 22 '14 at 15:45
76

The Royal Mint indicated that the technology is patented, and having relatively few patents under its name it seems likely that they are tagging their coinage with embedded luminescent particles.

Abstract:

Formation of an authentication element by deposition of a metal layer with embedded particles on a metal substrate, wherein the embedded particles are configured to convert energy from one wavelength to another. The embedded particles may be upconverters, downconverters, or phosphorescent phosphors, which can be detected and measured with analytical equipment when deposited in the metal layer. A metal substrate may include coinage.

Essentially they are embedding inorganic fluorescent compounds into the metal plating on the coin. When a certain spectrum of light is shone on the coin, these particles absorb that energy and emit a different spectrum. So, depending on the particle they embed, the detector may be as simple as a UV LED and a light sensor at a specific wavelength.

By integrating different ratios of different particles they can differentiate between different coins, for instance.

Further, the patent explains that the plating process generally includes many layers of plating. They can add different mixes at each layer, and thus tell how well-used a coin is, by how many of the upper layers are removed. Aging the coin can be useful to determine when to take it out of circulation before these particles are entirely removed.

This technology can also be used in automotive parts, and technology equipment to defeat counterfeiting. For instance if you replace your iPhone screen with a counterfeit part, unless the counterfeiter goes to the trouble of matching the exact luminescent profile, Apple may be able to detect that you broke your phone's warranty, should Apple choose to use such technology to protect themselves from counterfeit products.

The technology doesn't include any sort of serial number or tracking component, so tracking coins through the system is unlikely, but perhaps other techniques they apply to the coins could be used for that purpose.

Adam Davis
  • 1,071
  • 7
  • 11
  • 2
    The patent applicant in the US is [Authentix, Inc](http://www.authentix.com) so there may be more information if you browse through [their patents](http://worldwide.espacenet.com/searchResults?compact=false&ST=advanced&locale=en_EP&DB=EPODOC&PA=AUTHENTIX+INC). – Adam Davis Mar 19 '14 at 18:42
  • 9
    One patent filed in the same timeframe covers the reading mechanism, which flashes light at the tag (the luminscent material is referred to as a tag), then, after the light is off, detects the emissions from the tag. This would not only limit crosstalk between the light source and detector, but with a short window of time directly related to the time the tag takes to convert and emit the energy, tags that don't exactly fit the profile of an authentic tag would be rejected. If you use a material that absorbs and emits at the correct spectrum, it has to have the same conversion time as well. – Adam Davis Mar 19 '14 at 18:50
  • 1
    https://www.google.com/patents/US20130277576 – Adam Davis Mar 19 '14 at 18:50
4

Well, obviously we don't know - security by obscurity is a perfectly good idea so long as it is only one part of a security in depth approach.

But my understanding is that it is chemical - ISIS is a plating system that uses a material that you can cheaply and accurately detect, so your vending machine can taste the coins and figure out if they are good or bad.

I suspect a state security apparatus could use this technology to make a batch of "marked" coins and follow them, which would have some limited applications. However, in a world where everyone has a computer in their pocket there are better ways to follow people.

Graham Hill
  • 15,394
  • 37
  • 62
  • 10
    @Navin: security through obscurity is a bad idea in the common case, because in the common case the duration of the obscurity will limit the usefulness of the technique. However it is not correct that it is never a good idea. For example, to assert that Britain's security during the Second World War would have been improved by immediately informing the Luftwaffe when we had practical RADAR detection of aircraft, to avoid security through the obscurity of our techniques, would be most bizarre ;-) – Steve Jessop Mar 20 '14 at 11:39
  • 6
    @Navin: Security through obscurity IS a good thing. You are confusing it with security that relies on obscurity... which is emphatically not the case in Graham's answer. Since he mentions security in depth, you are clearly attacking a strawman position. Of course obscurity is no substitute for security. – Ben Voigt Mar 20 '14 at 21:34
3

The BBC has a two minute video of talking heads discussing the technology but it doesn't show how it works.

The iSIS technology is a 'special material' that can be added to the existing aRMour technology that electroplates a 25 micron coating on coin blanks.

The mint's PDF submission to the International Association of Currency Affairs explained that there will be low speed 'simple iSIS' detectors at point-of-sale (in shops) as well as 'advanced iSIS' high speed detectors in banks.

The patent Adam Davis linked too seems to be the key. Instead of merely looking at the different ratios of materials as Davis suggests presumably particles' X Y positions could be detected and stored then indexed using a Scale Invariant Feature Transform. In that way if the advanced iSIS had recorded a particular coin's signature, and the coin was being tracked, it could be found again the next time it is scanned. Similar to serial number tracking on notes.

esnible
  • 131
  • 2