@ Ashwani Kumar,
"hologram is an authentication tool. If anyone says that holograms are not secure, it's wrong."
No, a hologram, unless it is an intrinsic part of the device, is a "security token"; all it authenticates is itself, nothing more.
The difference and the obvious failing of "security tokens" is,
If I steal a reel of the holograms you or others produce and attach them to my counterfeit goods then the token authenticates itself and will pass all tests it is subjected to. The goods however are just as fake as ever they were.
The next issue with security tokens is cost of production. The manufacturer of the goods they wish to put the token on, for reasons of cost effectiveness, is not going to want to spend more than a fraction of a percent of the retail price, less in fact than on the throw-away shipping packaging.
So the token has to be cheap to mass produce, which indicates the process involved is going to be available to others, likewise the materials that go to make the tokens. Therefore to a sophisticated counterfeiting organisation the only obstacle is the design and hidden features of the token.
And this is where the security token's purpose splits into two different functions,
1, The design should be such that it is recognisable to the unassisted human as being the "genuine item".
2, The hidden features are there so that an aided detective can check if the token is possibly genuine or a good counterfeit copy.
From the counterfeiter's perspective they already know the limitations of the technology and finding out the other hidden features is usually just a matter of making a sales enquiry.
Therefore hidden features are just security by obscurity and doomed to fail.
Therefore the only sensible option is that used by those who produce currency tokens (i.e. print money): to include a unique identifier with each token that is self-authenticating by a hidden key. The obvious one is a serial number that contains a cryptographic checksum. Unfortunately this is very difficult to do with numbers that are short enough to be read on a reasonable sized token.
The less obvious approach is a serial number that when subjected to a mathematical transform produces a small binary number, the bits of which are used to turn on and off other hidden features.
But in reality this is the limit of the abilities of the "off line" use of low cost printed security tokens such as holograms; they have reached their evolutionary dead end and have been out-evolved by technology.
They do have a limited lifetime left as online tokens (think mobile phone top up cards, print at home tickets etc.); the serial number is made up of a (semi) secure pattern, which is stored in an online database. The first person to use the number gets the service, subsequent attempts are blocked.
All of this evolutionary behaviour has been played out by Microsoft and other large vendors and in all cases low cost off line tokens end up being circumvented by counterfeiters and thus rendered useless from the revenue protection point of view.
The cost of running the online tokens is borne by the product manufacturer and as Microsoft has found it is both expensive and unreliable and has significant issues down the line.
Which effectively brings the industry back to "dongles" which are tokens that the product needs in place to work.
Unfortunately these are expensive to produce, and counterfeiters find ways around them such as replacing the checking code in the product with a deliberately weakened version then providing their own counterfeit tokens.
After a little thought you get to realise that in mass produced items security tokens only function to give consumer confidence not effective revenue protection.
Which is why the online product model is so seductive to intellectual property (IP) owners.
However the thing to be protected has to be "active" not "passive" IP. A passive IP system like a film or song can always be recorded no matter what watermarking is included. An active IP system like a word processor however is a more difficult prospect but ultimately is counterfeitable, however the effort involved would be more profitably used to develop a competing product.
With passive IP the next step in the process is to stop people copying the original, which is what DRM is all about, but as has been shown it fails in the offline mode and is only partially successful in the online mode.
The next stage is watermarking and tracing back to the counterfeiters. Unfortunately this is not going to work for passive IP due to redundancy and the human brain's ability to work around noise.
Tracing back watermarked systems is very expensive when done by humans so automated processes are used; these unfortunately don't work very well as a binary file is just a collection of bits and changing just a few (content dithering) or all of them (encryption) will defeat the automatic systems.
Eventually the IP holders will realise that they are in an arms race they cannot win, but quite a few will go down in flames fuelled by the highly volatile snake oil that token / watermark / DRM vendors will be happy to foist off on them...
The solution to the issue of revenue protection is "online" only systems of "active" IP of high complexity. We are starting to see this with things like Second Life and multiuser online games.
For "passive" IP online systems will give a limited revenue protection but probably the cost is not justified (think of what Sky has gone through and still failed).
The obvious answer is just to accept that it is a buyers' market and you cannot "hog tie" it into a premium price controlled market. But this requires new less profitable business models but it is the way the market is going to go.
As for security tokens such as holograms they will still carry on but only on tangible goods. Either as "off line" for customer confidence in mass market items or "online" audit trail serial numbers for high value items such as drugs or spares for aircraft. But in the latter case they will increasingly be replaced by active devices such as RFIDs...
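
An added illustration, not part of the original comment, of the two schemes it describes: a serial number carrying a cryptographic checksum that is verified offline, and an online database in which the first use of a serial wins. The HMAC-SHA256 construction, the 8-digit item number, the demo key and all function names are assumptions made for the example.

```python
import hashlib
import hmac

ID_DIGITS = 8  # assumed width of the printed item number
DEMO_KEY = b"constructed-demo-key"  # constructed sample; a real key stays with the issuer


def tag_for(key: bytes, item_id: str, tag_digits: int) -> str:
    """Decimal checksum: HMAC-SHA256 of the item number, cut to tag_digits digits."""
    mac = hmac.new(key, item_id.encode(), hashlib.sha256).digest()
    return str(int.from_bytes(mac, "big") % 10**tag_digits).zfill(tag_digits)


def make_serial(key: bytes, counter: int, tag_digits: int) -> str:
    item_id = str(counter).zfill(ID_DIGITS)
    return item_id + tag_for(key, item_id, tag_digits)


def verify_offline(key: bytes, serial: str, tag_digits: int) -> bool:
    """Offline check: says the serial is genuine, not that this is its only copy."""
    if len(serial) != ID_DIGITS + tag_digits or not (serial.isascii() and serial.isdigit()):
        return False
    item_id, tag = serial[:ID_DIGITS], serial[ID_DIGITS:]
    return hmac.compare_digest(tag, tag_for(key, item_id, tag_digits))


def guesses_accepted(key: bytes, item_id: str, tag_digits: int) -> int:
    """How many of the 10**tag_digits candidate checksums verify for one item number."""
    return sum(verify_offline(key, item_id + str(t).zfill(tag_digits), tag_digits)
               for t in range(10**tag_digits))


class OnlineRegistry:
    """Issuer-side database: the first presentation of a serial wins."""
    def __init__(self, key: bytes, tag_digits: int):
        self.key, self.tag_digits, self.used = key, tag_digits, set()

    def redeem(self, serial: str) -> bool:
        if serial in self.used or not verify_offline(self.key, serial, self.tag_digits):
            return False  # already used, or checksum does not match
        self.used.add(serial)
        return True


if __name__ == "__main__":
    serial = make_serial(DEMO_KEY, 42, 4)
    registry = OnlineRegistry(DEMO_KEY, 4)
    print(serial, verify_offline(DEMO_KEY, serial, 4), guesses_accepted(DEMO_KEY, "00000042", 4))
    print(registry.redeem(serial), registry.redeem(serial))
```

With a 4-digit checksum one in 10,000 guessed serials passes the offline check, and a copied genuine serial always passes it; only the registry rejects the second presentation.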