Identity Testing

Identity Testing – Proving Materials Are What They Claim to Be Before Use

This topic is part of the SG Systems Global regulatory & operations glossary.

Updated October 2025 • Incoming Materials & Release Readiness • See also: Goods Receipt, Component Release, CoA, AQL, HPLC, Barcode Validation

Identity Testing is the act of confirming that each received lot of a material—raw ingredient, component, container/closure, label, or packaging—truly is the specific substance or item defined in the specification. It is distinct from assay, purity, or performance testing: identity asks a binary question (“is it what it claims?”) using methods with discriminatory power against plausible substitutes or mix-ups. In regulated manufacturing, identity testing is a cornerstone of Incoming Inspection and is typically required before a lot moves from quarantine to Component Release. Identity evidence often combines analytical results (e.g., spectroscopy, chromatography), encoded data checks (e.g., GS1/GTIN, UDI), and documentation parity (CoA alignment, correct artwork) captured with attributable audit trails.

“Assay tells you how much; identity tells you what. If identity is wrong, everything downstream is an illusion—even a perfect assay cannot save a misidentified lot.”

TL;DR: Identity Testing confirms, for each lot, that materials and components match their specification and cannot be confused with alternatives. Methods range from quick spectroscopic fingerprints to HPLC and barcode/label verification, with results tied to quarantine/release status, CoA, and genealogy under Part 11 controls.

1) What It Is

Identity Testing translates a material’s definition into verifiable attributes that differentiate it from look-alikes, near neighbors, and intentional or accidental substitutions. For chemical ingredients, identity may be established by spectroscopic fingerprint (FTIR, Raman, NIR) matched to a validated library, or by chromatographic profile via HPLC where co-elution and impurities must be distinguished. For botanicals, microscopy and chemical markers can be augmented with DNA barcoding; for packaging, identity may hinge on resin type, dimensions, or standardized barcode content/format against the approved artwork and master data. In all cases, sampling is purposeful: take the right number of containers and units to achieve the method’s discrimination across the lot, and record traceable chain-of-custody from the sampling event through result approval.

2) Regulatory Anchors & Applicability

For drugs and biologics, 21 CFR 210/211 require that each lot of components, containers, and closures be sampled, tested, and approved or rejected—including identity testing of every lot of each component at minimum. Dietary supplements under 21 CFR 111 likewise require identity testing of each lot of each dietary ingredient, permitting qualified alternatives only under stringent supplier qualification and verification. In human food (21 CFR 117), identity controls are risk-based within preventive controls/HACCP programs to prevent economically motivated adulteration, allergen mislabeling, or substitution. For medical devices, Part 820 (purchasing and acceptance activities) requires verification that incoming product meets requirements—identity included—prior to release to production. When results are electronic, the controls of 21 CFR Part 11 (and EU Annex 11) apply: validation, user identity, electronic signatures with meaning, and secure, computer-generated audit trails.

3) Methods & How to Choose Them

  • Spectroscopy (FTIR, Raman, NIR). Rapid, non-destructive “fingerprint” methods ideal for differentiating common excipients and APIs. Build validated libraries and set match thresholds; verify instrument calibration status.
  • Chromatography (e.g., HPLC). High specificity when interferences exist; retention time and peak pattern against a standard, optionally with spectral detectors (PDA) for added confirmation.
  • Wet chemistry / functional ID. Color reactions, titrations, melting point, viscosity—useful when simple and discriminative; document acceptance criteria.
  • Microscopy / DNA barcoding (botanicals). Detects substitution or adulteration; combine with chemical markers for robust identity.
  • Packaging & label identity. Resin identification, dimensional checks, burst/peel tests, and verification of encoded data via Barcode Validation against approved masters.
  • System identity via data checks. For serialized or standardized items, confirm UDI/GTIN syntax and parity to master data (GS1/GTIN), and tie to EPCIS event history where used.

Method selection should be risk-based: choose the simplest method that reliably discriminates the material from credible substitutes or neighbors, validated for intended use, rugged across environmental conditions, and practical at the pace of receiving. Where a single method is insufficient, combine orthogonal tests (e.g., Raman + HPLC) to achieve unambiguous identity.

4) Sampling & Statistical Considerations

Identity sampling targets the risk of container-to-container variability and substitution. For drugs, each incoming lot typically requires sampling from a defined number of containers distributed across the lot; for packaging/labels, unit-level sampling is often designed using AQL for attribute defects. Composite sampling can be efficient for homogeneous powders or liquids, while unit sampling is preferred when the risk is localized or when visual/label errors are plausible. Always record the sampling plan, container IDs, quantities, and chain-of-custody data as part of the electronic record; link the plan to controlled specifications in Document Control.

5) Execution Controls & Data Integrity

Strong execution begins at Goods Receipt: enforce quarantine status, verify seal condition and transport criteria per GDP, and trigger inspection tasks. Devices must display current calibration and log attributable readings. Use gravimetric checks where sampling requires precise aliquots. Link each result to the lot, purchase order, container IDs, analyst, and date/time; capture photos for labels and packaging. Protect data with Part 11-compliant signatures, audit trails, and validated backup/restore; retain per Data Retention & Archival. Nonconforming results route to Deviation/NC with containment and, if systemic, to CAPA; any method or spec update proceeds under Change Control.

6) Special Cases: Allergens, Labels & High-Risk Materials

For High-Risk Allergens, identity controls extend beyond the ingredient name to the verification of allergen presence/absence and correct labeling claims; misidentification can create immediate consumer risk. For printed labels and cartons, treat artwork version, variable data, and symbology as identity attributes—verify against controlled masters and enforce scan-back validation to prevent mismatches. High-value actives and botanicals may require orthogonal identity methods or tighter sampling to mitigate substitution/adulteration risk.

7) Common Failure Modes & How to Avoid Them

  • Assuming CoA = identity. Supplier CoAs are necessary but insufficient. Fix: perform in-house identity per regulation; adopt periodic verification if using reduced testing.
  • Sampling too few containers. Localized variability goes undetected. Fix: risk-based container sampling with documented rationale.
  • Unvalidated libraries / thresholds. Spectral mis-matches or false acceptances. Fix: validate libraries, set evidence-based match criteria, re-qualify after changes.
  • Label/version mismatches. Artwork or GTIN drift. Fix: tie inspection to controlled masters via Document Control and enforce Barcode Validation.
  • Data integrity gaps. Handwritten notes, backdating, shared logins. Fix: electronic capture with unique users, Part 11 signatures, and trails.
  • Instrument status unknown. Out-of-calibration readings. Fix: visible calibration status interlocks; maintain GAMP 5-aligned qualification (IQ/OQ/PQ as applicable).

8) Metrics That Demonstrate Control

  • Right-First-Time identity pass rate and dock-to-disposition cycle time.
  • Container coverage vs plan and verification frequency for supplier CoA reliance.
  • Label/GTIN mismatch prevention (blocked attempts, scan-back catches) and quarantine bypass attempts stopped.
  • Nonconformances per 1,000 lots, and downstream impact (holds in eBMR, scrapped batches avoided).
  • Audit/inspection retrieval time for full record: sampling, results, trails, approvals.

9) How This Fits with V5

V5 by SG Systems Global embeds Identity Testing into an end-to-end receiving and quality flow. In V5 WMS, Goods Receipt assigns quarantine and launches inspection tasks; Directed Picking and Dynamic Lot Allocation exclude unreleased lots from use. In the lab/QA layer, devices capture attributable data; methods and match thresholds are controlled under Document Control. Results post to lot history with Part 11 e-signatures and secured audit trails. If identity fails, V5 opens Deviation/NC, blocks availability, and supports escalation to CAPA. On release, evidence flows to eBMR genealogy, feeding CoA generation and inspection readiness. Label/GTIN verification integrates with GS1 masters and supports EPCIS event capture for end-to-end traceability.

10) FAQ

Q1. Do we have to identity test every lot?
In drugs and supplements, yes—each lot requires identity confirmation. In foods and devices, the requirement is risk-based but still expected for high-risk materials and labels.

Q2. Can spectral libraries replace HPLC?
Sometimes. If spectroscopy has proven specificity and validated thresholds for the material and expected interferences, it may suffice. Otherwise, add orthogonal methods such as HPLC.

Q3. How many containers must we sample?
Enough to manage risk of variability and substitution; follow your SOP and regulatory expectations. For many APIs/excipients, multiple containers across the lot are sampled; for labels, use AQL-based attribute plans.

Q4. Can we rely on supplier CoAs?
Not for identity in drug and supplement components—perform in-house ID. Reduced testing or skip-lot strategies require qualification, monitoring, and Change Control.

Q5. How do we control label identity?
Verify artwork version, variable data, and encoding via Barcode Validation; reconcile GTIN/UDI to masters; treat mismatches as nonconformances.

Q6. What records are required?
Sampling plan and execution, raw data and spectra/chromatograms, instrument status, analyst signatures, dispositions, and protected audit trails, retained per Data Retention & Archival.

Related Reading
• Receiving & Status: Goods Receipt | Incoming Inspection | Component Release
• Methods & Controls: HPLC | Gravimetric Weighing | Barcode Validation | GS1 / GTIN
• Quality System Backbone: Deviation / NC | CAPA | Document Control | Audit Trail (GxP) | Data Retention & Archival
• Regulatory Context: 21 CFR 210 | 211 | 111 | 117 | 820 | Part 11 | Annex 11



Related Business Terms and Concepts