**4. The NFC-Enabled Anti-Counterfeiting System—NAS**

One of the solutions to answer the growing concerns on product counterfeiting in different supply chain systems of wine industry is the *NFC-enabled Anti-Counterfeiting System (NAS)*. The NAS in [51] was developed and implemented back in 2014, aiming at providing an innovative and fully functional alternative, based on *Near-field communication technology* and cloud-based microservices architecture with centralized storage structure, solely hosted by any winemaker, to help improve the worsening situation of product counterfeiting especially for the wine industry. NAS with centralized data architectures, which are predominantly based on typical and familiar cloud-based client–server architecture style, is demonstrated in Figure 7.

**Figure 7.** The System Architecture of NFC-Enabled Anti-Counterfeiting System (NAS). Source: Neo C. K. Yiu.

The whole NAS solution consists of five main components: (1) the back-end system with web-based database managemen<sup>t</sup> user interface for wine data managemen<sup>t</sup> performed by winemakers, for which managemen<sup>t</sup> of data columns of specific wine products which are in their custody can be performed by winemakers; (2) an NFC-enabled mobile application, *ScanWINE*, for tag-reading purpose of wine products at retailer points for wine consumers or supply chain participants of the supply chain before accepting these wine products; (3) another NFC-enabled mobile application, *TagWINE*, performing tag writing purpose for wine at wine bottling stage by winemakers; (4) the NFC tags packaged on wine bottlenecks for those purposes and actions; and (5) any NFC-enabled smartphones or tablets of supply chain participants and wine consumers along the supply chain.

There are four major categories of data to be processed along the supply chain with NAS: (1) nodal transaction history data, (2) supply chain data, (3) wine pedigree data which is processed with its dedicated controllers based on their predefined schema and data models, and (4) unsuccessful validation data returned from any unsuccessful validation at the stage of accepting wine products. As wine products being processed and handled by different nodes along the supply chain with data updated by scanning NFC tags of the wine products using tag-reading *ScanWINE* with the state of wine record to be updated accordingly to the database. These categories of data are updated along the supply chain until the point of purchase at which wine consumers use tag-reading *ScanWINE* to scan NFC tags and retrieve data such as the wine pedigree data and transaction data for real-time validation to determine if a wine product is counterfeit or not.

A unique identifier is assigned to each wine product and is written into the NFC tag. Such tag-attached wine products are then shipped from winemakers to different nodes along the supply chain. During the transportation process of these wine products along the supply chain, each involved node could scan the NFC tags and adds the aforementioned four categories of data into these NFC tags, respectively. In this way, the next node can check whether or not the wine products have already passed through the legitimate supply chain. If any inconsistency is found at any node, such wine products may be considered as counterfeits and should be returned to winemakers. However, once the wine product reached post-purchase stage and circulated in any customer-to-customer markets, its authenticity is no longer guaranteed, as anyone who has an NFC reader can interfere and clone tags' data. Therefore, it is important to develop anti-counterfeiting systems that could work even when the data stored in tags is cloned in post-purchase supply chain with attacks detected and prevented on any potential adversary changes.
