Typical vs MDLE
Typical Authentication
The traditional method for authenticating information is bidirectional. A serial number on a product, or ID number on a personal document is scanned by the user. This data is then transmitted to a database for lookup and verification. Once confirmed, a response is sent back to the user through the same channel. This method poses a significant threat which when exploited, will disrupt operation and could cause financial harm to an organization.
MDLE Authentication
Since MDLE is capable of securing and storing sensitive information into cost effective data carriers, we eliminate the need to maintain an online database for authentication. Instead of sending a pseudo random number to a database for lookup and validation, MDLE sends the entire encrypted payload (sensitive information) to the online MDLE key server. The data is decrypted and returned to the user. If someone hacks the decryption key server, all they will see is billions of keys (meaningless data).
6DCP
MDLE is not vulnerable to the same exploits of traditional serialization systems because MDLE eliminates the target. Not to be confused with a distributed system, i.e. Blockchain, sensitive information otherwise stored in a database is completely decentralized with MDLE.
Example 1:
Driver’s License. Personally identifiable information, image, and even biometric data is encrypted, compressed, and encapsulated into a 2D barcode, RFID, NFC, or any combination thereof directly on the document itself. If an attack were to occur on the Department’s database, no PII data will be exposed. MDLE is perfect for organizations in countries under GDPR laws.
Example 2:
A pharmaceutical company’s serialization system. Sensitive product information is encrypted, compressed, and encapsulated into a 2D barcode, RFID, NFC, or any combination thereof directly on the market package itself. If an attack were to occur on the company’s serialization database, a counterfeiter will have no means to create the next serial numbers. And since MDLE is truly database, no false records can be injected into the supply chain.