Counterfeit Replacement Batteries: Low Price, Risky Performance

Fri, 06/21/2013 - 3:38pm
Todd Sweetland, Applications Engineer Manager, Electrochem Solutions, Inc.

Look around at those cell phones, TVs, and other consumer devices, and it's easy to assume that all electronic products have a lifetime as short as two years, or perhaps as much as five years. But that's an incorrect assessment: in medical, industrial, and military applications, you'll find many products with viable, in-use lifetimes of ten, fifteen, and sometimes more years.

Yet while the products themselves may be in active use for many years, their rechargeable battery packs have shorter lifetimes due to the number of charge/discharge cycles they have undergone and unavoidable decline. As a result, there's a large need for aftermarket replacement batteries, and that's where counterfeit replacements become an issue.

Why is this a good opportunity for counterfeits? Several reasons:

  • despite their technical sophistication, it is less difficult to manufacture a functioning battery, albeit substandard, than an IC
  • it's hard for the average user to spot a counterfeit battery (if they even care to look): they put it in their unit, they turn on the device and it works, and everything seems OK
  • if the counterfeit fails after a few months, the user assumes he or she just got a bad one and replaces it (again); they don't have any interest in forensics or failure analysis
  • it's a huge opportunity: a genuine replacement battery pack purchased from the OEM may sell for $100-250, while the counterfeit—usually purchased on-line—is far less.
  • at the same time, the purchaser is a "hero" to management for having gotten such a good deal on replacements.

Aftermarket Battery Issues

When an OEM provides a product, it is shipped along with a battery pack, usually custom designed. Like the tires on a new car, the pack is supplied by a specialty manufacture under a contract with the OEM. Unlike tires, however, that battery pack is marked only with the OEM's name, rather than its actual maker's name. Therefore, when users get a replacement aftermarket battery labeled with the OEMs name, they assume it's up to the same specifications as the original they are replacing, even though it may be counterfeit.

What's wrong with counterfeit battery packs? After all, they work, don't they? The answer is both "yes" and "no." They usually do work—for a while. But their inadequate design and construction often results in reduced performance and even outright failure. Many of the potential problem areas will be aggravated by the rigors common in actual use, including operational temperature cycles, ambient temperature, altitude, and normal shock and vibration.

Among the problems the counterfeit batteries may have are:

  • Substandard cells which don’t accept or hold anticipated charge levels, or last for the specified number of cycles.
  • Mismatch with the charging circuitry, which is usually designed for the specific cell pack
  • Lack of design and test for overcharge and over-discharge situations. In addition, the expected protection against unacceptable current, voltage, and thermal conditions is inadequate or missing; these are often built into the cell pack as part of the OEM requirements, and therefore assumed to be in place as part of the product design.
  • No room in the cell pack to tolerate the normal and expected swelling of cells which occurs over time.
  • The vents for cell gas, a standard feature of all pack designs, are blocked by excessive or sloppy application of cell insulation (usually silicon), are located where they will be blocked when installed in the product, or are non-existent.
  • Marginal quality of welds and solder joints, which will fail in use.
  • Poor quality connectors and interconnections with misaligned contacts, which are likely to short or fail.

The implications are both tangible and intangible. The OEM's product may fail to operate in a critical situation, even though the batteries are new replacements; it may operate erratically; in worst cases, it may put users in danger from leaks and worse. Even in non-critical applications, or where the user says "oh, I guess I just got a bad pack, I'll get another", there is the impact on the reputation of the OEM—the vendor whose name is on that pack

What Can Be Done?

Device OEMs have been dealing with counterfeits of components their BOM for many years, and the problem continues. Their defense involves several tactics: work closely with your supplier, deal only with legitimate, chartered distributors, insist on verification for each step of the supply chain, and even randomly inspect and audit the supply chain.

Unfortunately, none of their tactics are applicable to the aftermarket battery-replacement situation. End users don't have the time, option, or luxury to do any of the things that the OEM can do, other than protect themselves by only ordering replacements directly from the OEM. Instead, the OEM must look to other options ranging from low-tech to much more advanced ones.

The easiest and lowest-cost method is to use specialized labels with certifications and even holographic stickers. There are two drawbacks to this approach: today's technology also allows for counterfeiters to quickly and easily counterfeit these as well as the batteries; also, most users don’t check these items, nor would they recognize a genuine one from a fake. Another possibility is some form of registration. That will help, but again, most users won’t be bothered to do it; it's inconvenient and they don't see a point to doing it.

Therefore, the better approach to the problem is both transparent to the user and electronic, with addition of active electronics. A basic solution is to incorporate a fixed (static) electronic identification code in the battery pack, which the OEM device must see to accept the pack as genuine. Unfortunately, a counterfeiter with even a little know-how will be able to read this code with an oscilloscope, recreate it, and then add it in at a very small cost.

A more advanced technique doesn't use a directly visible coding or identification scheme, but instead hides some of its details. The cyclical redundancy checking (CRC) technique is commonly used to check for data errors in memory arrays and serial data transmissions, via various checksum-generating algorithms. Battery makers, working with the device OEMs, can adapt the CRC technique: the product (acting as a host), queries the battery pack (in the role of responder).  The pack (a peripheral) must return battery information including such as product code, model number, and identification code, along with the CRC value. This challenge/response technique increases the counterfeiter's difficulties, but since it is static, it can be decoded and then re-created on the bogus packs.

The much-more secure approach for securing information adds elements which the CRC approach lacks. It requires a "secret" which the host and peripheral share; a truly random input; and a complex algorithm which generates an output sequence based on a string of input bits and the secret—and this algorithm should be not be workable in reverse to determine the secret by working from the observed output to the inputs. (Note that the algorithm itself does not have to be a secret, and may even be in the public domain in what is called public-key encryption; a version of this technique is used in many automobile keyless entry implementations.)

The preferred public-domain encryption algorithm is the SHA-1/HMAC, part of a family of secure hash algorithms developed by the National Security Agency (NSA) and published in the early 1990s. (Note: there were some questions about the resistance of this group to intense attack, but a recent review based on a "break me if you can" contest sponsored by NIST (National Institute of Standards and Technology) concluded they are actually more secure than originally expected, see " New King of Security Algorithms Crowned".) While there is a small component cost to implementing SHA-1, it does provide significant protection against use of counterfeit packs, so many vendors have added it to their fuel-gauge ICs. {{Author's note to reviewers: if this article runs long, we can just delete the sentence in parentheses; I just thought it was a nice touch.)

Once the SHA-1 or other encryption approach is embedded in the battery pack, it is up to the product OEM to decide what to do with its results. The OEM can program their product to do one of several things, such as allowing limited-time use of the product, while warning the user to get another battery immediately; or enabling operation only until the battery is depleted, but no recharge (batteries are usually shipped with 30-50% of their full charge).

The problem of counterfeit batteries is not trivial nor should it be glossed over, as substandard aftermarket batteries impact product operation and run time, while also damaging the OEM's reputation. Effective solutions are available, but they must be designed into both the battery and end product with as a joint effort between the battery vendor and OEM.


Share this Story

You may login with either your assigned username or your e-mail address.
The password field is case sensitive.