**7. Conclusions**

Based on the growing concern in product counterfeiting of supply chain industry, the contributions of this research are to determine if anti-counterfeiting and traceability solutions currently adopted in supply chain industry could benefit from a certain degree of decentralization, via a series of security analyses: functional analyses performed against NAS. The possible opportunities and a list of fundamental system requirements of a decentralized version on NAS are also identified. Further statistical analyses on the research references of this research were also performed and demonstrated in Appendix A, where 86% of the research references of this research were published between 2012 and 2021, in which 44% were actually published within the past 5 years, and 20% of research references were actually published by IEEE.

A thorough explanation of blockchain technology is covered in this exploratory research so as to rationalize why the decentralized solutions should be developed with existing Blockchain 2.0 implementations, and why blockchain technology should be utilized to decentralize current solutions. There are mainly two categories of threats identified in these centralized solutions: *physical NFC tag threats* and *system threats*. These indicate the fact that tag-cloning, tag-disabling, tag's data modification, man-in-the-middle relay attack, spoofing attack on product data, and denial-of-service are among the most probable and risky threats to NAS as well as other existing anti-counterfeiting and traceability systems built with any software system component and wireless tag component.

The discussion of research results indicated some potential opportunities, which are exactly the potential advantages of decentralizing the existing supply chain anticounterfeiting solutions where it has been maintained merely by product producers or in the case of NAS—the winemakers. The opportunities, such as (1) the improved data integrity with a decentralized product record managemen<sup>t</sup> with state transitions on product records only accepted if its respective transaction is validated and the block is mined on the blockchain network; (2) the strengthen security considerations on data of product records processed with multilayered validations in place; and (3) the high availability on system components and data of product records enabled by the decentralized system components, including the blockchain network to prevent from possible system downtime and unavailability.

There are also potential concerns on actual development of the decentralized solutions: (1) the manageable system integration model on whether it could promote adoptions among the industry participants; (2) degree of decentralization which could be contradicting the performance and throughput of processing product records; (3) the limited scalability attributed by the extra decentralized processes and multilayered validations on processing product data; (4) the security vulnerabilities attributed by lack of proper key managemen<sup>t</sup> and rotation mechanism; and (5) the privacy concern on true identities of targeted entities being exposed, which could be mapped basing on a public address of repetitive uses, by other malicious entities running instances of the decentralized solutions, and even nodes on the same blockchain network. A fundamental set of system requirements for the *Decentralized NFC-Enabled Anti-Counterfeiting System (dNAS)*, which is proposed to decentralize NAS of centralized architecture, is therefore defined, according to the potential concerns discussed. The system requirements defined will clarify the actual development and implementation of dNAS to take place in a separate research where the proposed system use cases, architecture and implementation will be elaborated with explanation on why the proposed decentralized solution could combat product counterfeiting in supply chain industry.

**Funding:** This research received no external funding.

**Data Availability Statement:** Not Applicable, the study does not report any data.

**Conflicts of Interest:** The author declares no conflict of interest.
