Every pharmaceutical manufacturer selling in India has heard the term "serialization" thrown around in the same breath as CDSCO, track-and-trace, and export compliance. Fewer teams can explain, precisely, what the regulation requires versus what their ERP vendor is trying to sell them.
This matters because getting it wrong is expensive twice over: once in penalties for non-compliance, and again in the false confidence that a compliant barcode also means a counterfeit-proof one. It doesn't, automatically. Serialization and authentication solve different problems, and the gap between them is exactly where fake medicines slip through.
What CDSCO serialization actually mandates
India's Central Drugs Standard Control Organisation requires unique product identification on packaging for specific export categories, with barcoding rules tightening progressively across primary, secondary, and tertiary packaging levels. The intent is traceability — knowing which batch, which manufacturing date, and which distribution path a strip of tablets travelled through.
A compliant system needs to generate and print a unique serial number per saleable unit, link it to batch and expiry data, and make that data retrievable at each supply chain checkpoint — manufacturing, distribution, and dispensing.
Serialization tells you where a product has been. It does not, by itself, tell you whether the product in your hand right now is genuine.
— Ratifye Brand Protection DeskHow this compares to US DSCSA
The US Drug Supply Chain Security Act follows a similar unit-level serialization logic but layers in stricter verification obligations — trading partners must be able to verify product identifiers at the package level before further distribution, and the end goal is a fully interoperable electronic system by law.
| Requirement | CDSCO (India) | DSCSA (US) |
|---|---|---|
| Unit-level serialization | Mandatory for export-focused categories | Mandatory nationwide |
| Verification obligation | Traceability-focused | Active verification before resale |
| Interoperable data exchange | Emerging requirement | Core requirement |
| Counterfeit detection | Not inherent — needs added authentication | Not inherent — needs added authentication |
Where serialization needs authentication layered on top
A serial number printed on packaging can be copied. A counterfeiter who obtains one genuine strip can photograph and reprint the exact same barcode across thousands of fake units — and a basic scan will still return "valid" because the number matches a real batch record.
This is the gap Ratifye's ECDSA-based cryptographic signing closes. Each unit gets a signature that can't be cloned even if the visible barcode is copied, so a scan verifies the specific unit, not just whether that serial number exists somewhere in a database.
Get started
Already serialized? Add authentication without touching your packaging line.
Talk to Our Team →What to check before choosing a serialization vendor
- Does the system support GS1 GTIN and SGTIN standards required for CDSCO export compliance?
- Can it add cryptographic authentication without new hardware or packaging redesign?
- What's the actual scan-to-verify latency at pharmacy counters?
- Does it integrate with existing ERP and packaging line systems, or require a rip-and-replace?
For most manufacturers already meeting CDSCO's baseline, the highest-leverage next step isn't more serialization — it's making the existing barcode unclonable.