Authors - Haitham Al Habsi, Norliza Mohamed, Suriani Mohd Sam, Hazilah Mad Kaidi, Norulhusna Ahmad

Abstract - RFID-enabled IoT systems have transformed supply chain traceability, yet their authentication mechanisms remain critically exposed. Common threats include tag cloning, replay attacks, rogue reader exploitation, and centralized database breaches. This paper examines authentication weaknesses through a five-layer IoT architectural model, identifying four root causes: weak encryption, static identifiers, absent mutual authentication, and over-reliance on centralized trust. These weaknesses are mapped across physical, connectivity, middleware, analytics, and application layers to illustrate how failures propagate systemically rather than in isolation. In response, a blockchain-assisted authentication framework is proposed, combining lightweight cryptographic primitives, immutable audit logging, and smart contract-driven access control to eliminate single points of failure. Comparative analysis confirms that decentralized architectures substantially reduce replay and cloning risks while remaining compatible with existing RFID infrastructure. The findings offer a practical analytical foundation for building resilient, adaptive authentication in next-generation IoT anti-counterfeit deployments.