General security

Exploring the viability of signature recognition biometrics

Dan Virgillito
July 16, 2019 by
Dan Virgillito

Introduction

Signature recognition is a biometric modality that stores and compares the behavioral patterns which are integral to the process of generating a signature. Some of the factors that are analyzed include the speed, variations in timing and the pressure applied to the pen when an individual composes a signature.

Of all the biometric modalities in existence, signature recognition carries the most potential in terms of adaptability, security and implementation. In addition, the costs involved in the deployment and procurement of this biometric modality are minimal in contrast to the much more complex modalities like retinal and fingerprint recognition.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

In this post, we’ll explore the viability of signature recognition biometrics. By the time you finish reading this article, you’ll have a clear idea of:

  • The potential applications of signature recognition
  • Whether the modality is being actively pursued
  • Whether the behavioral-based biometric really ensures maximum authenticity


Adoption and potential applications of signature recognition

Regarding its adaptation in the marketplace, signature recognition offers a range of benefits over other biometric modalities. For example, it is: 

  • Noninvasive, which raises its probability of being a publicly accepted authentication method
  • Constructive for nearly each of the modern generations of PDAs (personal digital assistants) and computers that use handwriting as an input medium
  • Difficult to forge, as it’s quite challenging for an adversary to mimic the behavioral patterns involved in composing a signature

Because of these advantages, signature recognition has been and can be used in several ways ranging from commercial use to forensic- and government-level applications.

For example, logging into enterprise accounts can be done through a mixture of fingerprint and signature recognition biometrics to achieve a better state of security in this space. The combination of signature recognition and a secret passcode can also be used to give users an advanced level of privacy and protection for their accounts.

Government outfits can also leverage signature recognition to expedite their verification processes. Federal and state-level setups generally deal with large populations and authentication takes a considerable amount of time. This can be reduced through signature recognition, which also minimizes the probability of identity hacks by generating and associating encrypted bit strings with the signatures. 

Another case for the potential use of signature recognition pertains to document authentication in trade surroundings. Even though standard signatures have been used to verify traders’ identities for decades, even specialists on forgeries can commit mistakes while authenticating a signature. In such scenarios, signature recognition’s ability to extract unique data points from behavioral characteristics of the signee would allow those in charge of document authentication to minimize document fraud.

Organizations and government agencies will need to invest in specialized hardware (such as a special writing tablet or a pressure-sensitive pencil) in order to use signature recognition. Fortunately, the hardware used in this biometric modality isn’t as expensive as the hardware required for other biometric systems like iris detection. 

Signature recognition development: Companies leading from the front

The first signature recognition mechanism was introduced in 1965. By the mid-70s, interest in the dynamic characteristics of this biometric modality surged with the acquisition of better signature databases through the development of touch-sensitive devices. Today’s top signature recognition companies have taken things a step further, introducing applications and processes that no one had before imagined.

Israel-based Sign’Buy, for instance, has built a signature recognition technology that allows users to compose signature movements, a process that the firm refers to as finger signature. It’s fully integrated with AMEX (SafeKey), Mastercard (SecureCode) and VISA (VBV) systems, allowing merchants and card issuers to deliver a better customer experience.

Customers simply need to sign on the touchscreen of their own devices, and the Sign’Buy signature recognition process delivers confirmation to the issuer, which is then sent to the merchant website. Deployment involves minor modifications in the process of the issuer, with no changes required in the merchant’s or acquirer’s systems. Sign’Buy’s core offering aims to become the leading signature recognition solution for several platforms, including IoT access control, banking and web-based systems.

Another example is the Germany-based signotec GmbH. Its SignoSign software and signature pads enable customer service reps and branch managers at financial institutions to provide their customers with claim documents, which can be signed electronically for quicker processing. This process meets all of the standard conditions for legally binding digital signature. The quality of such signatures is acknowledged today by all the leading insurers and financial service firms and is therefore utilized on a day-to-day basis.

Do signature recognition biometrics ensure maximum authentication?

In the signature recognition biometric process, variables such as the acceleration, wave, speed and velocity are as important as the signature’s dynamic/static shape. Neural network tech can also be integrated into these components, enabling the biometric to identify even the slightest of variations in the approach taken by a signee. With neural networks, the database that houses the verification and enrollment templates can also be updated in real time.

In terms of practical use, the process of signature recognition involves the use of a specialized writing device and a pen, which is connected to a centralized server for data processing. For data capture during enrollment, the person has to compose his/her signature multiple times on the device. Unfortunately, there’s more than one constraint to this data acquisition phase.

First, the signature needs to be of a specific length. It shouldn’t be too short or too long. For example, in the case of a long signature, a large quantity of behavioral data will be captured. Hence, it can be challenging for a signature recognition device to classify any unique or consistent data points. In terms of short signatures, not enough behavioral data will be collected, thus resulting in a higher FAR (False Acceptance Rate).

With that said, no single biometric technology is expected to fulfill all of the requirements in terms of accuracy of all applications (e.g., access control, electronic authentication, digital rights management and so on). In other words, no biometric modality is optimal, though a range of them (including signature recognition) can be termed as “admissible.”

Final verdict

Signature recognition continues to be an interesting area of biometric R&D from the scientific and information security points of view. The majority of the components that make a signature identifiable can be derived from the behavioral biometric. Although significant efforts are needed to solve the issue of false acceptance rate or inconsistent data points, the use of signature recognition biometrics can deliver scale gain, process optimization and cost reduction.

Read more on Biometric Technology:

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

 

Sources

  1. Biometrics, Depart of Homeland Security
  2. Mohan Mandaogade, Saurabh, Vishal Mhaske, "Handwritten Signature Verification And Recognition Using ANN," Advancement in Electronics & Telecommunication Engineering
  3. Syed Faraz Ali Zaidi, Shahzaan Mohammed, "Biometric Handwritten Signature Recognition"
  4. Signature Recognition, Rosistem
  5. Top Signature Recognition Companies, VentureRadar
  6. Sameera Khan, Avinash Dhole, "A Review on Offline Signature Recognition and Verification Techniques," International Journal of Advanced Research in Computer and Communication Engineering
Dan Virgillito
Dan Virgillito

Dan Virgillito is a blogger and content strategist with experience in cyber security, social media and tech news.