Countering counterfeiters
Non approved replacement batteries can have effects beyond product performance, but a solution is at hand
Counterfeit battery manufacturers, based mostly in Asia, have become highly capable and have sophisticated manufacturing facilities at their disposal. When the original batteries in products such as smartphones, portable DVD players and portable games players reach the end of their working life, their owners can now find replacements on the internet for much less than the price of an approved battery.
But the non approved version is likely to be inferior in a number of important ways:
* it might lack the appropriate protection circuitry required to ensure safe use and to prevent short circuits, combustion or overvoltage damage;
* it might lack the appropriate charging control circuitry, which could result either in damage to the powered device or the battery, or in reduced operating time between charges, giving rise to an unfounded assumption, on the user's part, that the device is power hungry; and
* it might perform poorly, either in terms of power quality or power capacity. In both cases, the user will experience inferior device performance, but might attribute it to the device, rather than to the non approved battery.
Use of counterfeit batteries can therefore lead to undeserved and unforeseen rises in warranty claims and product replacement costs and can affect the manufacturer's reputation. This highlights the importance to OEMs of implementing effective battery authentication, to ensure that only original, approved batteries will function in a device.
Of course, the problem only arises with the use of custom batteries in a particular form factor. Designers could use standard cells and include discrete control and protection circuitry. High quality standard cells are cheap, widely available and are easy to replace when necessary. And there is no counterfeit market in standard cells.
But the use of standard cells in high volume portable devices is not always appropriate because the mechanical design normally requires a non standard form factor. In addition, standard cells will often fail to provide the exact power capacity required by the application, forcing the OEM to compromise either on size – designing in a battery pack that is too large – or capacity – an inadequate operating time between charges. A custom battery, while more expensive, optimises power density, power capacity and shape.
Shape was once the main way in which an OEM protected its battery against non approved replacements. But the development and tooling costs involved in replicating a particular form factor and terminal layout have fallen to the point where the particular form factor offers only a small deterrent. This approach is not appropriate for low volume applications, where the potential sales revenue from non approved batteries will barely balance the NRE and production costs.
Consumer device manufacturers seeking to add a layer of active security to their battery pack have previously used a battery identification scheme. This is straightforward: a small memory chip holds a battery identification number. On power up, the host device challenges the battery identification chip: if the host recognises the number, it permits normal operation. If not, it can provide an alert to the user, disable certain functions or even shut down the device.
Unfortunately, the static nature of this security scheme (the battery identification number is the same in all devices sharing the same part number) makes it easy to copy. As a security mechanism, this is rather like locking the front door to your house and leaving the key under a flower pot.
OEMs therefore require a battery security mechanism that produces a different data stream every time the host challenges it. This can be implemented using standard ICs and proven security algorithms.
The basic operation of such a challenge and respond scheme involves the generation of a random data stream by the host (see figure 2). This random data stream is communicated to the battery, which then performs a transform function on the data stream using a secret key held by the battery and the host. The battery then returns the transformed data stream to the host. Meanwhile, the host performs the same transform function on the random data. If the two values match, the battery is authenticated and the host permits it to function normally.
The secret key used in the transform operations is hidden on the host device and in the battery pack's security IC. This secret is the source of the device's security, which means the OEM can use a public authentication transform algorithm – such algorithms are proven to be extremely safe from attacks on their integrity.
The most secure forms of challenge-and-respond scheme today implement the SHA-1/HMAC algorithm, widely used for authentication of online banking transactions and Virtual Private Networks. Here, the transformation of the host's 'message' to the battery results in a condensed 'message digest'.
This security scheme operates in two stages (see Figure 3). First, the host uses its secret key to read a 128-bit encrypted ID stored in public memory in the battery's security IC. It then generates a 160-bit random challenge and transmits it to the battery's security IC. The IC uses a 128-bit ID, stored as plain text in private memory, to transform the random challenge and produce a message digest. At the same time, the host performs the same transform function on its random challenge, using the decrypted ID it has just acquired from the battery.
If the battery's and the host's message digests match, the battery is allowed to operate normally. As before, the security resides in the secret key, which the host holds. The advantage of the SHA-1 algorithm is that it generates a 160-bit challenge: this produces 2^160 possible results, which is large enough to make counterfeiting impracticable. In fact, the scheme is more vulnerable to human exposure than technical, through the inadvertent or deliberate release of the secret key by staff at the OEM itself.
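The two-stage exchange described above can be modelled in a few lines. This is an added example, not code from the article or from any security IC vendor: the class and function names are hypothetical, and because the article does not say how the 128-bit ID is encrypted, `_wrap` is a labelled stand-in (XOR with a pad derived from the host key). It also shows why the challenge must be fresh each time: a pack that only copied public memory and one earlier response fails a new challenge, but would pass if the host ever reused the old one, which is the static-ID weakness again.

```python
import hashlib
import hmac
import secrets

def _wrap(host_key: bytes, block: bytes) -> bytes:
    # ASSUMPTION: stand-in for the unspecified ID encryption, illustration only.
    # XOR with a pad derived from the host key; applying it twice undoes it.
    pad = hmac.new(host_key, b"id-wrap", hashlib.sha1).digest()[:16]
    return bytes(a ^ b for a, b in zip(block, pad))

class BatteryIC:
    """Genuine pack: encrypted ID in public memory, plain ID in private memory."""
    def __init__(self, host_key: bytes, battery_id: bytes):
        self.public_encrypted_id = _wrap(host_key, battery_id)
        self._private_id = battery_id  # never leaves the IC

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._private_id, challenge, hashlib.sha1).digest()

class CopiedIC:
    """Pack that holds only copied public memory and one recorded response."""
    def __init__(self, public_encrypted_id: bytes, recorded_response: bytes):
        self.public_encrypted_id = public_encrypted_id
        self._recorded = recorded_response

    def respond(self, challenge: bytes) -> bytes:
        return self._recorded  # cannot compute a new digest without the ID

def host_authenticate(host_key: bytes, battery, challenge: bytes = None) -> bool:
    # Stage 1: recover the ID from the battery's public memory.
    battery_id = _wrap(host_key, battery.public_encrypted_id)
    # Stage 2: fresh 160-bit random challenge unless one is forced (demo only).
    if challenge is None:
        challenge = secrets.token_bytes(20)
    expected = hmac.new(battery_id, challenge, hashlib.sha1).digest()
    return hmac.compare_digest(expected, battery.respond(challenge))

def demo() -> dict:
    host_key = secrets.token_bytes(16)                       # constructed sample key
    genuine = BatteryIC(host_key, secrets.token_bytes(16))   # constructed 128-bit ID
    old_challenge = secrets.token_bytes(20)
    copied = CopiedIC(genuine.public_encrypted_id, genuine.respond(old_challenge))
    return {
        "genuine": host_authenticate(host_key, genuine),
        "copied_fresh_challenge": host_authenticate(host_key, copied),
        "copied_reused_challenge": host_authenticate(host_key, copied, old_challenge),
    }

if __name__ == "__main__":
    print(demo())
```
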
This high security circuit can be implemented in a battery pack using a dedicated security IC – such devices typically cost less than $1.50 in volume. The implementation of such a scheme also entails a small extra production cost, as a special test routine will need to be developed and run in the factory.
Consumer electronics OEMs have strong reasons for using custom batteries, which enable smaller, sleeker end products with longer operating time between charges. The size of the reputational and warranty redemption costs that could arise from the widespread use of counterfeit replacement batteries is, in practice, impossible to quantify exactly.
What is certain is that secure authentication technology can be applied to battery packs at a cost per unit of less than $1.50. The level of protection afforded to batteries is the same as that applied by banks to the millions of transactions carried out on the internet every day – enough to deter attempts by non approved battery vendors to copy original batteries.
Stefan Hald is a field applications engineer for power pack solutions with VARTA Microbattery