Many OEMs sell machines to hospitals at a loss with the intention of making up the difference on a disposable patient-interface piece. Take for example, patient-monitoring equipment. The monitor typically works with a disposable probe kit, a package of calibrated electrodes and sensors in a sterile package. Most systems require a new probe kit for each patient.

Manufacturers count on the revenue stream that comes from these consumables. And because they're profitable, other companies clone, refurbish, and counterfeit consumables which are then sold to hospitals. Obviously this creates tremendous patient-safety issues because patients are potentially treated with inferior, non-certified equipment.

In some cases, users are aware that components are counterfeit and remanufactured. This is more likely to happen in third-world countries where the hospital will try to refurbish the equipment or consumable. In many other cases, products are repackaged and sold as new, and it's difficult to distinguish between the fake and the original.

The problems typically come in three forms:

Remanufacturing treats a device reused beyond its intended operational life. For example, a device may be swabbed and made as sterile as possible, then resold.

Counterfeiting or cloning is an attempt to produce an outright copy. These products may be made without the certification and quality control procedures of the original manufacturer. In many cases, end users and medical practitioners are unable to distinguish counterfeit devices from original devices.

Device tampering modifies equipment so it will take unauthorized consumables. This generally only happens in developing countries, where a supplier will cut a deal with a hospital for cheaper products in return for allowing them to modify the receiving equipment.

Previous attempts to stop counterfeiting include tamper indicators, such as holograms on the packaging. “But a number of counterfeiters contract to have duplicate holograms made in China, for example,” says Benjamin Jun, vice president of technology at Cryptography Research Inc., San Francisco, (www.cryptography.com). “They are fairly easy to copy.” And these techniques assume the healthcare provider will check for signs of tampering on the holograms. Hence, bar codes and holograms only go so far.

One thing manufacturers should realize is counterfeiting is a common problem. “Many companies wrestle with similar problems in consumable protection for devices such as printers and cell phones. These are subsidized devices with high-profit consumables. Companies in these industries apply technical solutions to protect their devices, and many of these technical solutions can be reapplied to medical devices. So, the problems are solvable,” says Jun.

In addition, it isn't surprising that these problems are happening. It's difficult to prepare a device, certify it in a short period, and get it to work properly under all reasonable operating environments. “Engineers don't typically think about how to design ways to stop someone from attempting to refurbish or clone the consumable,” says Jun. The problem leads manufacturers to look to third-party solutions that improve the security of consumables.

Most U.S. manufacturers are concerned with remanufacturing and cloning. One way to combat the problem adds smarts to an integrated chip on the consumable. “The IC and equipment interrogate each other with a challenge-response protocol to ensure a legitimate, new consumable is present, and both parties in the transaction are authentic,” adds Jun. The “smarts” generally involve a cryptographic core and memory to store keys.

The chips in many cases also help meter use of the consumable item itself. And most devices are smart enough to know when they're about to drift out of calibration. What happens in these situations is up to the manufacturer. “In some cases usage will continue, but an ‘uncalibrated’ message will flash on the screen. In a first-world hospital, that's enough to make a healthcare professional stop using the device,” Jun says. In other cases, for patient safety or liability, the transaction stops completely, and the phrase “unauthorized consumable” or “expired item” will flash on the screen.

It makes sense to use the security on high-end surgical kits, for example. They are intended for single use and cost several hundred to thousands of dollars. It makes sense to add a $2 chip to secure it. However, if the product doesn't already have an IC and it is a low-cost component, adding the chip might not make sense.