How the Anonymous Artist Banksy Authenticates His or Her Work

Interesting scheme:

It all starts off with a fairly bog standard gallery style certificate. Details of the work, the authenticating agency, a bit of embossing and a large impressive signature at the bottom. Exactly the sort of things that can be easily copied by someone on a mission to create the perfect fake.

That torn-in-half banknote though? Never mind signatures, embossing or wax seals. The Di Faced Tenner is doing all the authentication heavy lifting here.

The tear is what uniquely separates the private key, the half of the note kept secret under lock and key at Pest Control, with the public key. The public key is the half of the note attached to the authentication certificate which gets passed on with the print, and allows its authenticity to be easily verified.

We have no idea what has been written on Pest Control's private half of the note. Which means it can't be easily recreated, and that empowers Pest Control to keep the authoritative list of who currently owns each authenticated Banksy work.

Posted on April 10, 2019 at 5:44 AM • 21 Comments


meApril 10, 2019 6:55 AM

do i have understood this well?
1-he wrtite two random numbers
2-he attach one of them on the paint and keep the other for himself
3-when you receive the paint you call him and ask "i have number 12345 is this real?" and he say "yes!" (but i don't get what the private part of the key/number is used for)

i understand that:
-if someone sells the paint he should inform the author.
this because otherwise if the "public" number goes public anyone can just attach it on the fake paint and anyone calling "i have 12345 is real?" will get a yes.

but if the author is informed and get a call he can know who has it now and verify directly with the actual owner if he intend to sell it, otherwise he knows that the "public" number has leaked.

to me it seems that this works not because of public/private key (as in computer security) but more because:
-anyone will want to verify before buy to avoid wasting money on a fake. so they will call the author and give the number
-the author will contact the owner because he knows who is the actual owner and ask for a confirmation "do you still have the paing? are you going to seel this to x?"
-the number is just a way to hide the actual owner so that only the author can contact him.

Denton ScratchApril 10, 2019 8:21 AM


I think I agree; I don't see how public and private keys come into the picture (and BTW I found the article a bit breathless).

The way I read it, you have a torn half banknote, with an ID# on it, stapled to a certificate; the tear should match that on the half banknote with the same ID# that is held by PC. This is like the 'broken ring' recognition token from fairytales.

You could verify a match using photos, I suppose; but at the price Banksy's change hands for, I think I'd prefer a physical inspection. So you'd have to send PC your certificate.

So the security is provided by the difficulty of faking the tear in the half banknote on the certificate, so it matches the tear in PC's half banknote. The forger would need a way of copying a tear precisely - but I guess that's just a hard technical challenge.

I think that as a prospective buyer, I wouldn't be convinced by this scheme. Perhaps I've totally got the wrong end of the stick, but I can't see how this is secure enough for high-value transactions.

I don't see why PC have to phone the current owner to check he's really selling. If the two halves of the tear match, it's a real Banksy (or rather, the certificate checks out), and that's all a buyer needs to know. And art collectors often don't like to be recorded in catalogues of owners, complete with contact details.

Of course, there is a market for stolen art. A certificate that attests that it's a Banksy is quite sufficient to justify a purchase, provided the buyer doesn't care if it's stolen; the buyer doesn't need additional proof that the seller is actually the owner. In fact I can imagine circumstances where that would be the opposite of what the buyer wants.

Incidentally, having an unforgeable certificate of authenticity would seem to make it unnecessary to establish a provenance chain. If you can prove it's a real Botticelli, who cares who owned it between (say) 1622 and 1856?

not banskyApril 10, 2019 9:04 AM

I think the authentication is not in the tear, but in the currency's serial number.

When you tear the bill in half, each half has the same serial number. The cost (and legal risk) to making a counterfeit "tenner" is very high. If you could do that, faking a Bansky is not what you'd do with it.

Having the "private keys" - or collection of halves of bills - in a single central location seems like a flaw to me. If I were Bansky, I'd be more inclined to anonymously post a photo of the previous private half with the newest half. The series of photos would be a chain, assuring that no fakes slipped into the lineup. Kinda like a blockchain.

You run the risk of a faker doing a photoshop with a new, fake work - but that would cause a fork in the chain, and like BTC, the longest chain would become the valid chain. Any fakes would stand out badly after 1 or 2 new Bansky's get released and authenticated.

SethApril 10, 2019 9:49 AM

@not banksy, that would be a clever scheme but I don't think it's being done here. "The authentication certificate has stapled to it half a ‘Di faced tenner’, a £10 note faked by Banksy with Lady Diana’s face on it." So the note on the certificate is an imitation, rather than a real bank note. Probably helps keep the costs of creating certificates down, and I'd doubt it has many of the security features of a real bank note. The only security I see is the difficulty in matching the tear exactly (which I'd imagine is sufficient for most prints).

Other than that, the rest of it seems to be aimed at reassuring buyers they're getting a genuine print (or that they can prove they have a genuine print). It seems like this would also provide a handy way for the artist to track how the works are being sold, and for how much.

JonApril 10, 2019 10:24 AM

@ Denton Scratch:

Not always fantasy, although still fiction - broken coins show up in James Clavell's 'Noble House' (and, I think, 'Tai-Pan'). Minor difference is that both halves are kept very secret.

Note that the handwritten serial number is also torn in half. Presumably the full number is on the other half. The point about bill serial numbers is cute also.

And, of course, this does nothing against an insider attack, where someone at PC who knows how to make them runs off a few dozen of his own.


ThunderbirdApril 10, 2019 11:47 AM

This article doesn't describe the scheme in sufficient detail for me to see where it is any more secure than the identical scheme that doesn't involve the mystical fake banknotes. It says the company calls Joe Schmoe, known owner, and says "are you transferring ownership?" If s/he/it says "yes," then they change the list. If not, they don't.

Presumably the fake note could be used in case of a dispute, but if settling the dispute involves potentially revealing the note (e.g., sending a photo), it seems the magical secret can be lost at that point. Maybe they send a new certificate in the mail to address this?

Note that the absence of this kind of problem is why public-key-based signatures are useful and cool.

Overall, like other Banksy items, it is "art," not "engineering," and perhaps the author didn't recognize the difference.

MKApril 10, 2019 11:47 AM

I recall a similar scheme (matching irregularities) used to authenticate copies of the Magna Carta.

justinacolmenaApril 10, 2019 11:53 AM

"How the Anonymous Artist Banksy Authenticates His or Her Work"

It's more or less expected of artists to "sign" their work in some trademark fashion or another.


I don't like that. Pseudonymous, if you must. "Banksy" is a name or self-appellation of sorts, even if it is not the "real" or "birth certificate" name.

His or her.

The disjunction of gender in the third person is a legal risk of misattributing the aforementioned art to a third party. I don't like that, either.

The judicious newspaper editor always retains an attorney.

Sed Contra April 10, 2019 1:23 PM

One now hopes one has hard-to-spoof-proof that one has overpaid for a piece of amusing but shallow gimmickry.

DaveApril 11, 2019 2:02 AM

Since the problem was copying, doesn't this just add an extra step to the process? You buy a Banksy, buy the auth. certificate, and then run off 100,000 of them to go with the copied artwork. Since you have the original and only you know what's happened with it, none of the buyers can tell whether their one is real or not. Or at least it's real with probability 1/100000.

Wilhelm TellApril 11, 2019 3:29 AM

There are at least two more points of attention:

  1. Third party verification. You can always take both ends of the note and go to Bank [of England] and ask for the value of the torn note (to replace the torn note with a new one). They verify that both ends are from the one and same note before changing.
  2. Whole collection. The rights for the whole collection can easily be sold by selling the "private parts" of the keys. -- But how can you do that in zero-trust environment, if the buyer does not trust the seller (who has access to the private end of the note).

I would go further and split the note into three. Anyone having two (of the three) parts of the note can get verification from the bank (because you get refund of the notes value if you posses more than 50% of the original note).

3. When you sell the collection, you keep one of the three parts to authenticate the new owner of the collection.

Sed Contra April 11, 2019 4:31 AM

Picasso’s handling of the authentication problem, and the value problem, in at least one case was gracious and elegant: he responded to a request for a drawing worth the amount of the accompanying cheque by returning the cheque uncashed with a drawing on rhe back.

1&1~=UmmApril 11, 2019 7:50 PM

Whilst the torn note is a "physical authenticator" that would be hard to forge, it could be done.

The question that is not being answered is 'what the hand written number on the fake tenner realy is?

Something tells me it's not a random number but just looks like it's random.

So just for argument's sake the whole number could be made as follows,

1, Turn the name of the picture, it's print number and the serial number (if unique to each fake tenner) off the tenner and form an 'input' string.

2, XOR the string with a 'secret'.

3, Take the resulting XORed string and put it through a one way function like a crypto hash to make the 'output'.

4, then encode the hash by a syandard method to what looks like a random string and write that 'output string' across the fake tenner.

5, Tear the fake tenner in half and staple one half to the certificate,

6, type on the other half either the input string or the secret but not both then put it in the vault.

Thus a third party does not know the original text string or the XOR string used to 'whiten it' before hashing. Even with more than half the hash output the third party can not find the rest of the hash 'output string'. If the authenticity was challenged Pest Control present a court or independent adjudicator with the input string and XOR whitening string and provides the adjudicator/judge with the method. The adudicator can then produce the outpit string and verify that the half Pest Control supply has the correct leading digits of the output string. If they match and the two halves of the fake tener match up the adjudicator can then check the string written on the 'owners' certificate, if they match it's valid.

The hash function being essentially not just one way but spreads via the avalanch principle any single bit change across the entire output has bound the two halves of the fake tenner together in a way Pest Control can not repudiate if it is genuine.

Whilst not being fully secure as a process it does make the job of a third party forger near impossible.

justinacolmenaApril 13, 2019 11:36 AM

Banksy? Do I have that name confused with an artist of a totally different genre?

There's an Establishment outlaw fellow, goes by “Banksy,” has an old Treasury printing press somewhere out back in the woods near Fairbanks, been in operation at least 30–40 years.

Every once in a great while, he comes out of woods with a whole planeload of Confederate cash, a $50 tip for the waitress here and there, and then a bunch of federal agents and secret service folks come around, and they play games, this bill's real, that one's fake, but we'll honor it because the lady had no idea when she accepted it, but we've got to arrest that other guy over there because he's a bit scruffy.

There's a large Korean immigrant community there. Banksy has got to have connections with North Korea's Kim regime, but they don't really want to get caught on North Korean soil with that operation.

TomApril 13, 2019 3:59 PM


Thank you for the description of how such a scheme could work.

“the entire output has bound the two halves of the fake tenner together in a way Pest Control can not repudiate if it is genuine.”

That’s a significant feature! Both artist and purchaser are protected.

It would completely remove the judgment-call nature of such authentication work. (See the Andy Warhol Foundation imbroglio for an example of how such procedures can go awry.)

PeterApril 15, 2019 3:35 AM

Seth wrote:

Probably helps keep the costs of creating certificates down

Saving 10 GBP isn't a big deal when your works sell for six or seven digit numbers. There's a simpler explanation. Banksy claims (whether it's true or not is another question) in a "documentary" that he made up a big batch of his Lady Di tenners and started handing them out at a festival, but he stopped when he saw that people were going into the refreshment tent and buying beer with them, and the staff weren't noticing that they weren't real tenners. However true that story is, the "documentary" shows a large number of the notes. The simple explanation, then, is that he already had the notes left over from a previous project and thought it would be fun to use them in his authentication certificates.

@justinacolmena, you've definitely got the wrong person. The Banksy this is about is from Bristol, England, and is best known for his graffiti.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.