Most authentication technologies share a hidden assumption: that the attacker cannot perfectly copy the security feature. In modern supply chains, that assumption no longer holds.
Can your authentication technology be copied?
Not in theory. Not by a nation-state with unlimited resources. Just — in practice, by a determined adversary with access to the same manufacturing tools your suppliers use. Can the security layer on your product, part, or component be replicated closely enough to fool the people responsible for catching fakes?
For most technologies currently in use, the honest answer is yes.
This is not a knock on the engineers who built them. Barcodes, RFID, holograms, QR codes, and NFC chips are genuinely useful tools — and most counterfeiting happens at a level of sophistication that doesn't require defeating them. But as the global counterfeit economy has grown into a $2-$4 trillion annual problem — larger by some estimates than the illegal drug trade — the adversaries have grown more capable, too. And the industries bearing the cost have grown less tolerant of "good enough."
What we built at DUST Identity is a response to a simple observation: every authentication technology ever invented has one thing in common. Somewhere in its chain of trust, a human made a decision that could be reversed.
Until now.
The Problem with Every Technology You're Already Using
Let's be direct about the vulnerability in each major authentication approach.
Barcodes and QR Codes
A barcode is a number. A QR code is a slightly more complex number. Either can be printed by anyone with access to a label printer and the code itself. The code carries no information about the physical object it's attached to — only about the record it points to. This means a counterfeit product with a copied or reissued code looks identical to the real thing at every scan point in the supply chain.
Metrc's own blog recently published a post on why print quality matters for scannable QR codes — a real operational challenge. But print quality is a downstream problem. The upstream problem is that a perfect QR code can be printed on a perfect fake.
Holograms
Holograms were considered cutting-edge in the 1980s. Today, high-quality holographic printing is available to any manufacturer with access to modern production equipment. The counterfeit hologram industry is enormous — the very industries that use holograms most heavily (pharmaceuticals, luxury goods, government documents) have the most robust gray markets for fake ones. A hologram signals "we tried." It does not signal "this is unforgeable."
RFID
Radio Frequency Identification is a genuine leap forward in tracking capability. RFID enables real-time inventory visibility, automated scanning at distance, and logistical efficiency that barcodes cannot match. But an RFID tag is an electronic record. Electronic records can be cloned. The chip stores data; that data can be read, copied, and written to a blank chip. In industries where RFID cloning attacks have been documented — access control systems, payment cards, automotive key fobs — the attack surface is well understood.
Additionally, RFID is vulnerable to interference from metal and liquids, limiting its use on exactly the kind of high-value components — circuit boards, aerospace parts, medical devices — where authentication matters most.
NFC Chips
Near-Field Communication chips have enabled a new generation of connected product experiences. Tap a tag on a luxury handbag and see its provenance on your phone. Advanced NFC implementations include cryptographic signatures that make simple cloning attacks harder. But the security of an NFC chip depends on the integrity of the chip itself and the key management infrastructure behind it. Sophisticated adversaries — including state actors targeting defense supply chains — have demonstrated the ability to extract cryptographic keys from physical chips. And a chip that can be removed from one product can, in principle, be transplanted to another.
DNA Markers
Applied DNA Sciences and a small number of competitors have pioneered the use of synthetic DNA as a product marker. It is a creative approach with genuine security properties. But DNA marking requires specific detection equipment, adds cost, is not invisible to competitors, and — at the molecular level — the presence of DNA sequences is discoverable. A sophisticated forger who knows a DNA-based authentication system is in use can attempt to replicate or contaminate the marker.
What All of These Have in Common
Every technology listed above works by creating a code — a piece of information — and associating it with a product. The security relies on controlling access to that information: keeping the code secret, making it hard to read without the right equipment, or making it expensive to replicate at scale.
But controlling information is fundamentally different from controlling physics.
Information can be copied. Data breaches happen. Keys get stolen. Printing equipment gets reverse-engineered. Supply chains are complex, and complexity creates opportunity for bad actors at every handoff.
What cannot be copied is a pattern generated by pure randomness in the physical world — a pattern that wasn't designed, wasn't programmed, and cannot be reproduced because the same physical event can never happen twice.
This is where diamonds come in.
Why We Started in a Quantum Physics Lab
DUST Identity was born in MIT's Quantum Photonics Laboratory, where our co-founders — including Professor Dirk Englund, who leads the lab today — were studying a peculiar property of diamonds at the nanoscale.
Diamonds, even tiny, inexpensive ones, contain what physicists call nitrogen-vacancy centers: atomic-scale defects in the crystal lattice where a nitrogen atom has replaced a carbon atom adjacent to a vacancy. These defects give diamonds their characteristic ability to absorb and re-emit light in highly specific ways — a property that quantum computing researchers have been studying as the foundation for quantum memory and quantum communication.
But our founders noticed something more immediately useful for the physical world: when you take a population of engineered nanodiamonds and apply them to a surface, the pattern they form is governed by the same randomness that governs all quantum events. The position, orientation, and spacing of thousands of individual crystals is unique to that specific application event. It cannot be predicted. It cannot be reverse-engineered. And it cannot be recreated — not by us, not by our customers, and not by adversaries.
DARPA recognized the implication immediately. If you could read that pattern and bind it to a digital record, you would have created the first truly unclonable physical identity layer for any object in the world.
That is what we built.
How DUST Works — In Plain Terms
The DUST solution has three components that work together as a system.
The Tag - A coating of engineered nano diamonds — invisible to the naked eye, smaller than the width of a human hair — is applied to any surface during the manufacturing process. The application can happen in a conformal coating step on a circuit board, as part of a luxury product's finish, or as a discrete marking on a component of any size. The pattern that forms is random, unique, and permanent. It cannot be scraped off without destroying the surface beneath it. It cannot be duplicated because the same random event cannot be reproduced.
The Scanner - A proprietary optical scanner reads the quantum signature of the nanodiamond pattern. It measures the position and orientation of the crystals and generates a cryptographic hash — a digital fingerprint — that represents that unique physical pattern. This hash is recorded at manufacture and becomes the object's permanent identity. For field verification, the system also supports mobile scanning through a loupe attachment on standard iOS and Android devices, allowing authentication anywhere in the supply chain.
The DUST Identity Cloud Engine- Every time an object is scanned — at a supply chain handoff, at a customs checkpoint, at a receiving dock, or at final verification — the scanner generates a new hash and compares it to the original. If the patterns match, provenance is confirmed. If the surface has been tampered with, replaced, or replicated, the pattern will not match. The discrepancy is flagged instantly.
Where This Matters Most
We have deployed DUST Identity technology across industries that share one characteristic: the cost of authentication failure is not just financial. It is operational, reputational, or lives-at-stake.
Defense and Aerospace. Counterfeit electronic components in defense systems are a documented national security threat. Our partnership with Parker Aerospace and Lockheed Martin brought DUST technology to the F-35 program — creating a digital thread that allows every critical component to be authenticated across its entire lifecycle, from manufacture to installation to maintenance.
Luxury and Consumer Goods. The fake luxury goods market is estimated at over $1.7 trillion annually. DUST's discrete, invisible markers allow luxury brands to offer customers verifiable proof of authenticity without altering the product's design. We bring the same authentication rigor used in fighter jet programs to handbags, sneakers, and spirits.
Energy and Critical Infrastructure. As battery supply chains for electric vehicles and aircraft become strategically important, the risk of counterfeit or substituted components grows. Our partnership with Mobius Energy addresses this directly — giving electric aircraft manufacturers a verifiable provenance record for every battery cell.
Sports and Collectibles. The memorabilia market is plagued by fraudulent authentication. DUST's solution gives teams, leagues, and collectors an unclonable, permanent record of an item's game-use and provenance — turning every authenticated object into a trusted asset.
The Question That Changed How We Think About Trust
Early in the company's life, one of our advisors asked a question that has stayed with us: "If the fingerprint at installation matches the fingerprint at manufacture, what exactly have you proven?"
The answer is everything.
You have proven that this specific object — not a copy, not a replica, not a substitution — is the same object that left a trusted manufacturer's hands. You have proven that no one replaced it, altered it, or swapped it anywhere in its journey. You have given every person in the supply chain the ability to verify something that was previously taken on faith.
That is what we mean by Physical Trust. It is not a feature. It is a different philosophical foundation for how we authenticate the things that matter.
Every industry that depends on supply chain integrity is, right now, making an assumption. They are assuming that the part in the machine is the part they ordered. That the product on the shelf is the product that was manufactured. That the component in the aircraft is the component that was certified.
DUST Identity exists to turn that assumption into a fact.
What Comes Next
In the posts that follow, we will go deeper on each of the industries where physical trust is most urgently needed — and most urgently absent. We will look at the policy and regulatory landscape that is driving demand for traceability and authentication at a global scale. We will share case studies from our partnerships with some of the world's most demanding organizations.
And we will keep asking the uncomfortable question: Can your authentication technology be copied?
If the answer is anything but an unequivocal no, you already know what to do.
