Reflections after TAF Connect 2026, by Vishal Shukla
Picture a distributor in India who handles 50 FMCG brands. Each brand uses a different anti-counterfeiting platform. Different apps. Different SDKs. Different data formats. Different scanning hardware.
This distributor is supposed to be the front line of product authentication. But to actually verify what’s coming through his warehouse, he’d need to juggle 15+ different systems. So he doesn’t. He stamps the paperwork and moves on.
Now picture a contamination getting discovered at a food manufacturer’s lab. Retained samples from a batch shipped two weeks ago come back flagged. That batch split across 50 distributors and 500 retail outlets in four states. The manufacturer knows which batch is affected. But they can’t tell you where those units are right now. Because each leg of the supply chain runs on a different system. Nobody’s data talks to anyone else’s.
The recall takes 11 days instead of 11 hours. This is the gap FSMA 204’s 24-hour traceback mandate is designed to close in US food supply chains.
This isn’t hypothetical for me. We built the backend for the Food Traceability Platform in Europe that connects 770+ enterprises from farm to retail counter. When the data flows through shared standards and one connected system, a batch trace that used to take days takes minutes. The technology works. The gap is always at the boundaries between systems.
I kept thinking about scenarios like these at TAF Connect 2026 in Mumbai last month. The ASPA-CRISIL report launched at the conference puts India’s counterfeiting losses at Rs 26 lakh crore. 89% of consumers have encountered counterfeit products. Less than 1% of QR codes on products ever get scanned.
The exhibition floor was full of impressive tech. Holograms. Serialization. Non-clonable QR. Blockchain. But the numbers tell a different story. The tech is there. The results aren’t.
Why?
The picture is straightforward. Today, every handoff is a wall. Tomorrow, a shared standards layer makes those walls disappear.
Supply chain interoperability: proprietary silos vs shared GS1 standards
Why Supply Chain Systems Don’t Interoperate
Every system works. No two systems talk.
That’s the pattern I kept seeing across every panel. Pharma, agriculture, FMCG, policy. Each solution provider has built something that works well inside its own walls. The problem starts at the walls.
A product moves from manufacturer to distributor to retailer. At every handoff, it crosses from one platform’s world into another. Visibility drops. The chain of custody that’s supposed to be unbroken is, in practice, full of gaps.
And counterfeiting doesn’t break through systems. It slips through the gaps between them.
Counterfeiting doesn’t break through systems. It slips through the gaps between them. Every proprietary platform is, by design, a gap.
This isn’t because anyone is doing something wrong. It’s how the incentives are set up. If you’re building a traceability platform, it makes commercial sense to create your own data format, your own verification app, your own ecosystem. The harder it is for a customer to leave, the safer your revenue.
But zoom out and look at what this creates. N brands times M supply chain partners times P platforms equals an integration nightmare. The people who bear the cost aren’t the vendors. It’s the distributors, the customs officers, the retailers, the consumers. The ones who actually need to verify stuff.
Three Regulations Making Interoperability Mandatory
Here’s where it gets real. Three regulatory mandates are converging. And all three push in the same direction: open, standards-based data sharing.
EU Digital Product Passport. Starting 2027, products entering the EU will need interoperable traceability data. Structured in open standards like GS1 Digital Link and EPCIS. Not locked into any single vendor’s ecosystem. Eight harmonised interoperability standards are being finalized right now. The GS1 DPP Provisional Standard specifies exactly what implementations must conform to at the data model level. The real work is building the EPCIS data layer that backs the passport. For textile exporters specifically, the interoperability pain is already here in audit cycles and certificate uploads, before DPP enforcement adds new categories on top.
GS1 Sunrise 2027. The global transition from 1D barcodes to 2D QR codes at retail POS. Every scanner manufacturer is shipping firmware updates. Retailers will be able to scan QR codes carrying GS1 Digital Link URIs. The question stops being “can we scan 2D codes?” and starts being “what do we do with the data?” For Indian exporters in particular, readiness goes well beyond the label change — the harder problem is the event data infrastructure behind the QR code.
India’s pharma QR mandate. Already live. And likely just the beginning. FSSAI is heading in the same direction for food.
Interoperability is moving from optional to mandatory. That changes the math for everyone.
What TCP/IP Teaches Us About Supply Chain Standards
I’ve been in software for 15+ years, so I think about this in technology terms. And there’s a direct parallel that’s hard to ignore.
In the early days of computer networking, every vendor ran proprietary protocols. IBM had SNA. Novell had IPX. Apple had AppleTalk. Massive businesses. And each one’s moat was the same: switching costs. Sound familiar?
Then TCP/IP won. One shared protocol for data interchange.
Did all the networking companies die? No. But the ones who survived did something specific. They moved up the stack. Cisco stopped competing on wire protocols and started competing on routing intelligence, network management, security. The transport layer became shared infrastructure. The intelligence layer became the new battleground.
The total market didn’t shrink. It expanded by orders of magnitude.
GS1 standards are doing the same thing for supply chains right now. GTIN for product identification. GLN for locations. EPCIS for events. Digital Link for making it all web-resolvable. This is the TCP/IP moment for traceability.
The question for solution providers isn’t whether this shift will happen. It’s whether you’ll lead it or get dragged along.
From Vendor Lock-In to Insight: Where Value Moves
Here’s what I find most interesting. Under the current setup, a proprietary platform that covers one brand’s internal supply chain sees maybe 10% of all the events that matter. It can tell you what happened inside its own walls.
An interoperable system that connects manufacturer to distributor to retailer sees 100%. It can tell you where every unit of a batch is right now. It can spot a serial number showing up at a location with no corresponding shipping event. It can detect that a batch has more receiving events than the number of units that were actually produced. These are counterfeiting signals that no single-vendor system can catch. Because no single vendor sees the full picture.
That’s the shift. Competition moves from “how deeply am I embedded in this brand’s operations” to “how much intelligence can I extract from connected data.”
Think of it this way:
Today, the value proposition is: “It’s hard to leave us.” That’s the lock-in moat.
Tomorrow, the value proposition is: “Nobody else can show you what we can show you.” That’s the insight moat.
The lock-in moat is defensive. The insight moat is compounding. It gets stronger as more partners connect. That is exactly the opposite of a closed ecosystem.
The second one is actually harder to compete with. Because it gets stronger as more supply chain partners connect. Network effects work in your favor instead of against the ecosystem.
How to Build a Business on Open Supply Chain Standards
I know what the skeptic is thinking. “Fine, sounds good in theory. How do I actually make money if my data format is open and my customer can switch?”
Fair question. Here’s how I see it playing out.
Standardize the base, own the intelligence. Red Hat built a $34 billion business (IBM acquisition price) on top of open-source Linux. The operating system was free. The enterprise features, support, and managed services were not. Same model applies here. EPCIS events and GS1 identifiers are the open layer. Analytics, anomaly detection, automated alerting, compliance reporting: that’s where you charge.
Be the first to see the full chain. The solution providers who embrace interoperability first get access to the richest cross-organizational datasets. Better data means better models. Better models mean better insight. Better insight means stickier customers. Not because they can’t leave, but because they don’t want to.
Grow the pie. Right now, the cost of proprietary integrations prices out most mid-market companies from serious traceability. A mid-market food company in Gujarat isn’t going to sign up for a complex proprietary platform. But a standards-based system that plugs into their existing GS1 setup? That’s a conversation they’ll have. The addressable market gets dramatically bigger.
Let regulation do the selling. EU DPP, GS1 Sunrise, pharma serialization. These are baseline requirements. Brands need to comply. Being the provider that’s already interoperable, already GS1-native, already ahead of the mandate: that’s a sales conversation that starts with “we’re ready, are you?”
What I Took Away from TAF Connect
Bijoy Peter from GS1 India told me something at the conference that stuck. He’s spent the last five to six years just getting companies to adopt basic GS1 identifiers. GTINs. GLNs. The foundation layer. Not the fancy stuff. Just the basics.
The standards exist. The implementations exist. What’s missing is the willingness to use them as actual shared infrastructure instead of a compliance checkbox.
The solution providers who will lead this next phase won’t be the ones with the longest feature list. They’ll be the ones who figure out how to build the best intelligence on top of shared data. The ones who solve the adoption problem, get the incentive design right, and make interoperability work commercially.
We don’t have a technology problem. We have a business model problem. And the fix isn’t more tech. It’s better incentive design for everyone in the chain.
We don’t have a technology problem. We have a business model problem. More holograms and blockchain won’t fix misaligned incentives.
The moat isn’t lock-in anymore. The moat is insight.
I’m curious to hear from people who live this every day.
If you’re a solution provider: does this framing match what you’re seeing? What’s the practical barrier I might be underestimating?
If you’re a brand or distributor: what would actually make you push for interoperable systems?
If you’ve seen another industry go through a similar standards-driven shift: what surprised you about how it played out?
The conversations at TAF Connect were some of the most honest I’ve had in this space. Let’s keep that going.
