Credentialized Authorized Trading
Partner Status under

The Drug Supply Chain Security Act (DSCSA) requires US pharmaceutical supply chain actors to prove that they only interact with trading partners that are “authorized”. Trading partners are “authorized” when they hold state licenses valid at the time of trading.

Proof of electronically authorized status is required in every Saleable Return Verification process where wholesalers and their customers (dispensers such as hospitals, pharmacies and other points-of-dispensing) must be able to verify the validity of drugs and be able to uniformly identify products as legitimate or illegitimate. To check the counterparties’ “authorized” status, pharma companies can use the identity wallet technology.

Spherity is working together with global pharmaceutical manufacturers, wholesalers, distributors, the Healthcare Distribution Alliance and other solution providers to develop a production-grade solution for the Authorized Trading Partner legislation by Autumn 2020. Spherity’s Cloud Identity Wallet enables the exchange and verification of electronic state licenses.


  • Automated and electronic verification of state licenses in Saleable Return Process
  • No change in existing processes or industry standards required
  • Technology can be extended on product level to meet traceability requirements of DSCSA by 2023


  • Trading partner can request and store state licenses from credential issuer
  • Credential issuer signs and issues state licenses directly as Verifiable Credentials
  • Trading partners or service providers can present, request and verify credentials in real-time




Project Scope
DSCSA-Compliant Verification of Authorized Trading Partners


Organization Size
+ 100.000 Employees


Client Testimonial

“Based on our successful collaboration with Spherity, the industry agreed to further investigate the usage of W3C Decentralized Identifiers and Verifiable Credentials technology to electronically verify Authorized Trading Partners in the saleable returns verification process in an industry-wide pilot.”


Dr. Oliver Nuernberg
Chief Product Owner, SAP Life Sciences

Third Party Risk Management (TPRM) enabled by Cloud Identity Wallets

How can we shorten the supplier onboarding effort in Third Party Risk Management from the thirty days that is typical today, to only three days?

Together with members of the Pharmaceutical Supply Chain Initiative (PSCI) and other partners, we built an interoperable blockchain solution for TPRM processes that enables faster onboarding and more efficient compliance data management. Based on this, the participating members of the PSCI save valuable time and money.

Suppliers holding a decentralized digital identity are able to re-use answers from standardized self-assessment questionnaires and can present them as credentials multiple times. On the other end, pharma companies can validate the credentials from suppliers in a reliable, automated way. Both suppliers and pharma companies manage their digital identity and associated credentials in Spherity´s interoperable Cloud Identity Wallet. Suppliers and pharma companies can prove the authenticity of shared compliance data by verifying the holder’s and issuer’s identities on the blockchain.


  • Re-usage of data from self-assessment questionnaires (based on harmonized PSCI templates)
  • Automated verification of answers (credentials)
  • Interoperability with other Identity Wallet providers and verification systems


  • Credentialize compliance data
  • Add files to credentials
  • Store, present and verify TPRM credentials
  • Establish secure communication channels

Stay sphered, join our Newsletter

Electronic Product Information

Medicine’s product leaflets inform patients about the safe usage of a medicine and assist healthcare professionals in prescribing them. Moving from paper to digital product information bringsmultiple benefits:

  • Anti-Counterfeit: unlicensed products cannot have digitally verified e-leaflet
  • Health outcomes: more targeted medication instructions for different patient groups
  • Environment: no production of paper leaflets
  • Financial: no production costs and recalls due to wrong or outdated information

From a regulatory perspective, the European Commission and the European Medicines Agency (EMA) have identified areas where medical product information could be improved to meet the needs of patients and healthcare professionals. These wide-ranging actions include the objective to enhance readability and develop an electronic format for the leaflet.

Spherity works with Pharma companies on a future-proof electronic Product Information System for commercial medicines (ePI) as well as on digital identity for clinical drugs and kits used in clinical trials (ePI-CT).

Equipping each manufacturer, regulator and medicine box in a value chain with our Cloud Identity Wallet allowed us to realize a trusted electronic product information solution. That solution increases patients safety by improved instructions and reduces time-to-market and process costs for involved manufacturers, regulators and healthcare professionals.


  • Mobile application to display content of e-leaflet and verify signatures to prove data provenance
  • Real-time revocation of content and expiration warning via mobile application
  • Cyber-physical link with 2D matrix code to prove product authenticity

One-Button Trusted Release for Medical Products with Verifiable Credentials

The existing regulations in the EU specify that no batch of medicinal product can be released for sale or supply prior to certification by a Qualified Person. Hence, a Qualified Person needs to deal with multiple production documentations to approve a batch for release in a Trusted Release process.

Imagine a digitalized Trusted Release process on a batch with instant access to all the relevant information in verifiable form, rather than dealing with multiple distributed paper documents. Digitized and pre-validated data allows the Qualified Person to dig deeper or double-check any input with a minimum friction of effort.

To trust the presented data, the Qualified Person needs a digital audit trail of all value chain events upstream. All actors, whether they are employees, machines or enterprises, get a digital identity that allows them to issue credentials about production events. At the end of the digital audit trail, the Qualified Person can evaluate whether the batch of a medicinal product or drug can be released for sale or supply.

To have a complete picture of a batch, we create a digital twin of a batch of a medicinal product or drug. This allows every actor in the production process of a given batch to get access to the digital twin and register their events as another verifiable credential to the digital twin. At the end of the production process, the Qualified Person gets access to all the value-chain credentials of the batch, to evaluate them in the Trusted Release process.


  • Infrastructure for one-button trusted release
  • Digital audit trail saves documentation and audit costs
  • No process information from suppliers is disclosed to other suppliers
  • Digital exception-handling and deviation analysis


  • Issue, store and verify production events as Verifiable Credentials
  • Verifiable data chain of production events as audit trail for Qualified Person
  • Access control credentials can also be managed using the same identity wallets

Consider what decentralized identity management
could mean for the visibility and trustworthiness of data
throughout your business processes.