IP Fraud Protection

Author: Chris Jensen is a Vice President at New Momentum (Irvine, CA), a company that

provides brand/IP Protection software to the electronics industry.

Email: cjensen@newmo.com

Abstract

Outsourcing and globalization have numerous benefits, but there is a downside—the proliferation

of counterfeits and sales through unauthorized channels. In 2006 U.S. Customs recorded over 15

billion IC imports. With one out of ten IT products containing counterfeits, according to a study

by AGMA and KPMG, 1.5 billion of those imported ICs are likely counterfeit. Unfortunately,

most semiconductor manufacturers don’t realize the extent of their revenue and reputation lost to

counterfeits. This paper demonstrates the impact of counterfeits on electronics companies and

gives solutions for finding the violators as well as a four-step roadmap for recovering revenue lost

to counterfeits.

IP FRAUD PROTECTION

Do You Know What Counterfeits are Costing Your Company?

Outsourcing and globalization have numerous benefits, but they have a significant downside—the

proliferation of counterfeits and sales through unauthorized channels. Semiconductor

manufacturers are losing billions every year to counterfeits and the gray market. In 2006, U.S.

Customs recorded more than 15 billion IC imports‐‐about 500 every second. Results of a study

conducted by AGMA (Association for Abatement of Gray Market and Counterfeits) and KPMG

showed that one out of every ten IT products contains counterfeit semiconductors. That means

1.5 billion of those imported ICs are likely counterfeit…about 50 counterfeits every second

flooding into the US. Do you know how many of those 1.5 billion (and the number is growing all

the time) are yours? Most semiconductor manufacturers don’t realize the extent of their revenue

loss to counterfeits.

And, revenues are not all you are losing. Company and product reputations are being eroded, and

legitimate channel partners lost. Jobs are also being lost. Especially painful in today’s economy,

counterfeits are believed to have cost 750,000 jobs in the US alone. The goal of this paper is to

demonstrate the impact counterfeits have on electronics companies, as well as provide solutions

to stop these unauthorized sales. And most important, this paper will show you why electronic

component manufacturers need to take action now before revenues and reputation are eroded

even further.

Here’s how counterfeits have impacted five semiconductor companies

The Semiconductor Industry Association (SIA) recently formed an Anti‐Counterfeiting Task

Force that conducted a study with these results:

Company A: Over 100 part numbers have been counterfeited in the past 5 years

Company B: 19 cases reported with 97,000 units

Company C: Since June 2006 there have been 4 US Customs seizures of counterfeits of

our products by US Customs; units seized ranged from 6,000 to 60,000

Company D: We estimate that 2‐3% of the purchases of our brand are counterfeit

Company E: A broker website indicated 40,000 of our devices available, but our

company had only made 200 units of that device with the specified date code. If all

40,000 were available, it would result in a $34-million loss.

Can your company afford these kinds of losses? By the way, this is the activity these

companies found without using the advanced technologies discussed later in this paper, which

would give them even greater visibility into counterfeit activity.

Why is now the time to take action?

Once thought to be too complex and sophisticated for counterfeiters, semiconductors, electronics,

and IT (information technology) products are now hot-ticket items in counterfeit manufacturing.

Lost sales, however, only account for a fraction of what companies sacrifice when their

intellectual property (IP) is stolen and their products are illegally produced. Counterfeiters steal

IP backed by million‐dollar investments in research and development, marketing, and

manufacturing. Moreover, illegitimate or substandard chips present the company with additional

costs to repair or replace defective products carrying their brand name.

A number of factors have coalesced to create a business environment in which manufacturing

counterfeit IP is not only lucrative, but also much more attainable than ever before. Counterfeiters

are becoming increasingly tech savvy, and their ability to obtain more advanced manufacturing

machinery and techniques has been one of the most crucial factors in fueling the production of

illegal high tech goods.

During the past decade, billions of dollars in foreign direct investment (FDI) have flowed into a

number of developing countries, such as China, leading to the proliferation of sophisticated

manufacturing processes and capabilities to produce high tech products. Counterfeit components

have long been a problem in the electronics industry, but as of late, companies are finding

themselves increasingly challenged with having to deal with counterfeit semiconductor

components. A second contributing factor is the popularity of e‐commerce. Many counterfeiters

are using the Internet to reach potential buyers. Without regulatory bodies able to police and

govern all product‐listing sites or advertisements sent out over email, the Web has become a

bastion for illegal sales of counterfeit products.

Why is the problem becoming more serious for semiconductor

companies?

Remarking one of the biggest problems

In the SIA study, remarking was the most common method of counterfeiting. Remarking involves

scraping a label off a chip package and printing on a new label. This can involve a different and

higher-priced brand, or a faster chip speed, or a military grade lot number on a commercial chip.

Most of the problem is coming from Shenzhen China, located on the border with Hong Kong.

You can find anything in Shenzhen—original, fake, new, and old components. It’s common to

find shops making fake “Samsung, Motorola,” etc. labels. The Chinese vendors say that making

the labels is easy—they simply select the specific component maker’s label from the program

library and then modify the data. The label quality is excellent.

Other counterfeiting tricks include incorrect die, inferior packaging materials, reproduction of

chip designs, packages without die, different labels on packages, and false RoHS (Restriction on

Hazardous Substances) notifications. Inaccurate notifications of whether a chip has lead can

affect a semiconductor manufacturer in two different, yet significant ways. First, if the chip

contains lead but has a false RoHS notification, the semiconductor manufacturer may have

products restricted from sale in some countries, face a lawsuit, and experience significant bad

publicity. Of greater concern, however, is when a part does not contain lead and the counterfeiter

asserts that it does. Parts without lead have reliability problems when used in applications in outer

space such as satellites or NASA flights.

How can you solve this problem?

There are several key areas you can focus on to reduce your company’s revenue erosion from

counterfeits: legal, operational, and technology (web search, encryption, lock & key).

What can you do through the legal system?

While many big players in the IT industry are making headlines as they break up crime rings,

small to midsize enterprises face a tough fight in their struggle to protect their IP. A number of

internal and external issues challenge companies’ ability to find, identify, and persecute

transgressors. How about encouraging US Customs to make semiconductor counterfeiting a

priority? While it may be easier to spot counterfeit luxury goods, fake semiconductors can result

much more dangerous (even deadly in the case of medical devices) situations.

How about the operational approach?

One important step in reducing counterfeiting is to focus on illegal sales on the gray market.

While some gray market brokers are legitimate, the gray market is an excellent outlet for

counterfeits. AGMA suggests examining companies trying to enter distribution channels and

monitoring contract manufacturers and distributors already in the supply chain. The organization

recommends thoroughly interviewing companies and investigating their background before

allowing them to become resellers or distributors. Once they enter the supply chain, AGMA

advises organizations to establish strict contracts, perform extensive auditing, and maintain close

relationships with its outsourcing partnerships.

Though the listings may be hidden in the deep recesses of the Internet, a couple effective search

words can bring up product listing after product listing of both legitimate and counterfeit goods.

Technology web search

Many companies that have resorted to manually scouring the Web for unauthorized product

listings and counterfeit goods have found this process time-consuming, tedious, and ineffective.

The up‐and‐coming technology is based on the collection and organization of unstructured data.

Unstructured data is information collected from a number of electronic sources that hasn’t been

arranged or organized into an understandable form. In the context of seeking out product listings,

this data can come from a number of sources including market Web sources, XML data sources,

B2B sites, forums, auctions, and emails advertising gray market sales.

Software solutions like this bring a number of benefits to manufacturers. Not only do they

eliminate the significant number of man-hours and resources manual searching required, these

systems can tap into information sources previously out of reach by traditional search methods

and thereby increase the amount of “area” a company can keep a watch on the marketplace. They

also highlight other market activity exceptions, such as new sellers entering the market and an

unexpected amount of selling or buying in a particular geographical region. When looking for an

IP-protection solution, make sure all reports and data collected are accessible through a Web

portal and that the supplier is a Software as a Service (SaaS) supplier. This makes data

immediately without any extensive installation processes and, more important, without the

involvement of other departments that may slow the deployment down.

Case Study

One Tier 1 fabless semiconductor manufacturer has already deployed this kind of system and saw

an immediate return on investment. In the first 30 days, the manufacturer found 500 cases of

unauthorized sales or counterfeit products previously undetected by its traditional monitoring

systems. Over a year’s time, if 6,000 unapproved transactions were prevented, the manufacturer

could save itself millions of dollars in lost revenue.

Collecting data and reports, however, doesn’t necessarily result in a decrease in counterfeiting;

the information needs to be put into action. Often when companies manage to receive timely

data on counterfeits or illegal gray market sales, they simply don’t know what to do with it. The

above manufacturer handled one if its instances of unauthorized sales through an unconventional

route: It tried to turn unauthorized distributors into legitimate ones.

The benefit of this strategy is two‐fold. First, if the distributor agrees to join the manufacturer’s

authorized channels, the manufacturer can then more easily monitor buying and selling activities

and more effectively ensure the products distributed are authentic. Second, in the event the

distributor declines the offer, its managers know the company has been identified as a

counterfeiter or an unauthorized sales channel and will likely stop selling the manufacturer’s

product.

How much revenue can a manufacturer expect to recover?

.

The four steps to recovering revenue

The roadmap to revenue recovery consists of visibility, plan development, plan

implementation, and the measurement of results.

Visibility – Step one on the map is a concentration on visibility. That means visibility into

the counterfeit and gray markets that require seeing who is doing what where and how much.

This search can isolate data that weeds out duplicate offerings, separates the players

(counterfeit, gray, suspect, etc.) and formats this information into meaningful metrics.

Typically, use of the advanced technologies mentioned earlier are combined with a

company’s investigation team or a company that specializes in high tech counterfeit

investigations. The technology is used to drill down not like a Google search or other search

companies, but taking it to the next level, and takes it to a dashboard and beyond to

compilation. When companies are exposed to the extent of their counterfeiting problem, their

eyes are opened.

Visibility depends upon data analysis and consequently cost analysis. This means identifying the

scope of the violations, and the first step is to identify where and with whom your products are

being sold. This translates into identifying counterfeit activity and gray market activity and their

estimated loss to the enterprise. Part of the loss may be unquantifiable as the public perception of

a brand is critical. The accuracy and speed of this information is critical. The technology needs to

find the comprehensive and unstructured market data from websites, email, file transfers as it

incorporates the information from your ERP data, PLM data, transactions history and run it

though data filtering and cleansing. The right market intelligence will help your team focus on

where you will get the highest return on your efforts. You will need to incorporate specific

technology solutions that will allow you to load your products and prices, allow for data analysis,

identify the scope of the violations and be able to report the return on investment (ROI) to

management.

Plan – Step two in revenue recovery is to develop a plan. When investigators work with a client,

they expect them to subscribe to one of the new advanced technologies and thus establish the

means to having visibility and intelligent data structure for creating a plan.

Many organizations underestimate the significance of the proper plan development. The more

time and effort the enterprise places in creating a comprehensive plan, the better the

implementation and results. Like any strong plan, the enterprise will need to set goals and

measure frequently. Its goals need to be realistic and cover a one- to two-year time frame. A

concentration on due-diligence investigations comes next. Tom McWeeney, senior VP of a high

counterfeit investigation agency, Corporate Risk International (CRI), says, “Each company we

investigate for has a different system and we work back and forth with them in a customized

manner.” An enterprise will want to plan every aspect of its program including test purchases and

due diligence. After reviewing the data, they will decide exactly how they will go about

approaching the seller that can lead to a buy. Initial questions that need to be answered include: Is

this a massive problem? Is it long-term? How much does the enterprise want to buy it for? What

quantity will allow it to become evidence if the enterprise decides to take civil/criminal action?

Do they need to purchase at a certain price? Is there a price that will strengthen their role as

evidence in future civil/criminal action? Should they get customs, FBI, Customs and Border

Patrol (CBP), and Immigration & Customs Enforcement (ICE) involved?

How should they maintain the evidence and for what time period? A test purchase can lead to the

need for test purchase engineering examination and in time to either civil action or criminal

action, or both. The enterprise may need to set goals for each of its sellers. The goal does not

always need to be civil or criminal action. An enterprise’s goal may be to make life so difficult

for the counterfeiters that they drop their product and move on to something else.

Implement plan – The third revenue recovery step is an implementation plan that carries out the

conclusions of the planning process. During this activity Tom McWeeney says, “Actionable

intelligence from the technology solution leads to whether to do buys or not.” With the right

information as background, the implementation is ready to begin. In this phase, the enterprise will

need to prioritize targets, follow through on plan, and incorporate the ability to consistently add

new data that could alter the actions that are to be taken. The enterprise should not be afraid to

outsource certain parts of its implementation to corporate risk specialists to the extent that such a

decision makes sense. With a comprehensive plan in place, the manufacturer can start assigning

due-diligence investigations and conduct strategic under cover test purchases in regard to high-

volume targets. This process identifies whether the subject in question is legally registered, has a

history of counterfeiting, or has a questionable general business profile. This step also may

include engineering analysis, civil action, and criminal action. The enterprise may want to do

some of this work with inside capabilities, but outsourcing is a viable alternative. When doing a

test purchase, CRI recommends a wire transfer because it allows the enterprise to have access to

valuable data on the counterfeiter’s financial institution.

This information may be helpful when taking civil and criminal action. Engineering analyses of

test purchases may lead to civil actions (cease and desist letters, lawsuit, etc.). The outsourced

undercover purchase of a product or part may require setting an undercover company. When

engaging in pursuit of criminal action, there may be a liaison with FBI, or CBP and ICE or all

three. Whatever actions are taken need to be coordinated in-house and with outside counsel. In

the long run, purchasing may require re-purchasing to ensure that the counterfeiters have actually

ceased their illegal activity.

Measure results

Step four is measure the results. Revenue recovery happens by intelligent discovery or as a

famous detective once said, “Just the facts Ma’am.” The measurement of the revenue recovery is

an outtake, a result of the process undergone. Part of any revenue recovery program needs to

include a method to consistently measure results. On a weekly basis, for instance, an enterprise

has to determine the value of the product on and off the market. They will want to record the

amount recovered through test purchases and document progress. They will take note of the

criminal and civil actions taken and their results. The enterprise’s management team needs to take

an active role in the revenue recovery process -- continually reviewing results data and

determining changes when needed. Or as Tom McWeeney reminds us, “Not all sales in a gray

market reflect back upon the OEM or legitimate distributor. The price has to be seen in the

context of market price and manufactured price.”

Data value requires close examination, and there are not necessarily experts in each part or

product. Companies need to look for sale prices that are not reasonable. They may do a buy, or

not, depending upon the discount. Is it a price that can lead to profit?

The results have to be presented to enterprise management. At the customer’s request, the

advanced technologies mentioned earlier can implement a monitoring process around an analysis

designed to produce a standard set of outputs that are “meeting” or “boardroom” ready. Armed

with these outputs, an intelligence group can attend high-level or even board-level meetings to

discuss changes in the gray market landscape, new brand, IP, or counterfeiting risks which may

be appearing. These risks can then be reduced with follow-up or ongoing legal action and an

overall strategy for setting priorities based on product families or technology groups. These

reports, which are provided in both a summary and detail level, consist of trending charts across

all product families; by customer assigned product family types showing change in market

activity; by individual part or part family within the product family; by geographical region for

quantity, number of buy/sell offers and number of new companies interested in the customer’s

products. The reports also include top-ten-style rankings of individual companies that trade in the

largest quantities of the customer’s products and that do the most number of transactions,

regardless of total quantity. All of the summaries and analytics above can always “drill” back to

the original open market buy/sell transaction that contributed to the total or summary. This data is

maintained historically and archived so that as patterns of activity or risk emerge in the analytics,

record-by-record research can be done back to the original time period where the pattern started.

An ongoing activity

Protecting brands and intellectual property from fraud is not a once in a lifetime event. It is an

ongoing activity. The steps above make it clear that an enterprise has to first understand its

problem and then it must develop a plan to mitigate the problem and this means getting a

management buy-in. Given the go-ahead, the plan must be implemented. After the findings and

action, the plan should be evaluated for its effectiveness.

But, the first and most critical step is to not underestimate the impact of counterfeits on revenues,

brand and distributor loyalty. A significant obstacle to successfully addressing counterfeiting

problems has been underestimating the problem due to the lack of dialogue and understanding of

the enormity of the problem in the electronics industry. Typically, companies grappling with

counterfeiting shy away from publicizing the problem. This relative silence has led many in the

industry to underestimate the enormity of counterfeiting and the amount of assets at stake. Now is

the time to take a stand against counterfeiting and push forward toward effective solutions to this

problem.