GB2397153A - Handwritten signature check to allow use of digital certificate - Google Patents
Handwritten signature check to allow use of digital certificate Download PDFInfo
- Publication number
- GB2397153A GB2397153A GB0300617A GB0300617A GB2397153A GB 2397153 A GB2397153 A GB 2397153A GB 0300617 A GB0300617 A GB 0300617A GB 0300617 A GB0300617 A GB 0300617A GB 2397153 A GB2397153 A GB 2397153A
- Authority
- GB
- United Kingdom
- Prior art keywords
- handwritten signature
- handwritten
- signature
- storage
- digital
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3552—Downloading or loading of personalisation data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
Abstract
System for enabling digital certificates to be accessed and enabled with an inputted "electronic handwritten signature". The electronic handwritten signature is entered through an electronic device that captures the signature then processes it to determine its validity against a stored electronic handwritten signature and unlocks or allows use of a digital certificate. The digital certificate that is unlocked by the electronic handwritten signature can perform standard digital certificate functions such as digitally sign, digital encrypt (cipher) / decrypt (de-cipher). The handwritten signature entered by the user performs a security protection function as a direct support or replacement of a pin or password that is commonly used to secure digital certificates. The handwritten signature will be used to gain access to the digital certificate as and when required.
Description
1 2397153 I Handwritten Enabled Digital Signatures
4 Technical Field
6 The invention relates to the use of "electronic handwritten signatures" for the enabling 7 of digital certificates and their use for computer security or electronic transactions.
Background
12 Handwritten signatures have been used for centuries to sign documents and conclude 13 transactions for business and personal use. The development of computer systems has 14 also given rise to the use of electronic signatures and digital signatures.
16 Electronic signatures are best described as placing a picture or representation of a 17 user's handwritten signature onto an electronic document or transaction. An electronic 18 signature allows users to operate electronic documents as they are used traditionally in 19 paper by placing a user defined mark upon them; an electronic representation of a physical handwritten signature.
22 Digital signatures (which are derived from a digital certificate) offer far greater 23 security for electronic transactions. They can offer security in the form of pin/ 24 password or from a physical attributes such as a fingerprint. Digital certificates are also used to provide verification of identity to third parties and can offer legally 26 binding transactions and a trust that is internationally recognised. Digital certificates 27 validition can be checked electronically and give an unique electronic identification 28 for people / companies / government or computer systems.
Under traditional methods digital certificates involve a user entering a pin code/ 31 password for access and thus creating a digital signature. While this provides strong 32 authentication it also inherently introduces a user trust problem; users can't see or can 33 only see the text field of a digital signature. Users tend to trust electronic signatures 34 more than digital signatures even though they are less secure because they recognise them. \
l Essential Technical Features 3 The invention essentially works the way people have traditionally worked by utilising 4 a person's handwritten signature which can be displayed electronically while utilising the digital certificate technology for electronic security.
7 The invention uses an inputted handwritten signature to gain access to a digital 8 certificate that can then be used for electronic security or digital signature 9 applications.
11 The inputted handwritten signature can be captured from an integrated system such as 12 a handheld computer with an electronic pen enabled screen or as an external device 13 capable of capturing a handwritten signature.
The Invention stores the inputted handwritten signature and the digital signature 16 within an integrated system or on a specialized storage device for digital signatures 17 such as smart cards. Storage is protected and can employ cryptographic techniques 18 such as one-way hash or public key cryptography to improve the security of the stored 19 digital certificate or handwritten signature.
21 The invention can be configured so part or all of the digital certificate X509 fields and 22 or keys are protected by the handwritten signature provided.
24 The user can enrol when presented by an enrolment process that captures the handwritten signature and stores it securely on the Invention. The enrolment process 26 can also create a digital certificate if desired or can secure an existing digital 27 certificate or secure blank media for adding certificates.
29 The invention can store the handwritten signature as a picture type file or as a mathematical representation dependent on the application. A mathematical 31 representation can also include speed, timing and distance measurements to derive an 32 algorithm for the comparison of handwritten signatures.
34 The invention could also use a one-way irreversible cryptographic algorithm for the storage of handwritten signature data onto an integrated system or specialised digital 36 certificate storage device such as smart cards. Verification of the inputted handwritten 37 signature with the stored handwritten signature is done within the Invention and 38 successfully match between the signatures allows the use of the digital certificate.
Fig 1: Shows Enrolling New User 41 Fig 2: Use handwritten signature to access Digital Certificate 42 Fig 3: Shows the overview of the invention.
2 Example
3 The user of the invention requests a digital certificate operation to place a digital 4 signature on a contract document. A request is made to the Invention that prompts the user to enter their handwritten signature. Once the handwritten signature is entered the 6 Invention compares this to the previously stored handwritten signature stored and 7 either allows or rejects the operation. If the operation is allowed the digital certificates 8 will sign the document and an optional electronic signature can be displayed on the 9 signed document if desired by the application or user. l
Claims (12)
1 Claims 3 1. A system for utilising electronic handwritten signatures and
digital 4 signatures and allowing the use of digital certificates with the input of a handwritten signature, the Invention comprises of a logic system (2) and 6 storage (3), the handwritten signature can be displayed electronically if 7 required by the application while the digital certificates allows for greater 8 electronic security.
lo
2. The invention could form part of a larger system for the delivery of digital 11 certificates using electronic handwritten signatures as an enabler or security 12 control, the Invention could also be an external standalone device that 13 communicates via Communications Connections (7).
3. The logic system (3) processes the functional logic of the Invention and 16 deals with requests and responds to actions in a defined way, the logic 17 system (3) comprises of a Handwritten Signature Capture Unit (4), 18 Handwritten Signature Processor Unit (5), Handwritten Signature 19 Verification (6) and Communication Connections (7).
21
4. The Storage (3) stores the data required for the successfully operation of the 22 logic unit (2); the Storage (3) comprises of Communications Connections 23 (8), Digital Certificate Storage (10) and Handwritten Signature Storage (9), 24 the Storage stores the digital certificate which is stored in the Digital Certificate Storage (10) and an electronic version of a handwritten signature 26 in the handwritten signature storage (9).
28
5. The Storage (3) could be an external device such as a smart card or other 29 secure device that is designed for the storage of digital certificates and other information.
32
6. The captured handwritten signature from the Handwritten Signature Capture 33 Unit (4) can be integral or external to the invention; but will form part of its 34 operation; it is possible that the Handwritten Signature Capture Unit (4) can be part of another system such as a handheld computer that is enabled with 36 an electronic pen type input device.
38
7. The Handwritten Signature Capture Unit (4) captures an inputted 39 handwritten signature and passes it to the Handwritten Signature Processor unit (5) that encodes and processes the captured handwritten signature to an 41 acceptable format for the Handwritten Signature Verification (6).
43
8. The Communication Connections (7) allows the Invention to communicate 44 with external applications or systems that require access the data in Storage (3). The Communications Connections (7) will also communicate with the 46 Communications Connections (8) for the access of Digital Certificate 47 Storage (10) and Handwritten Signature Storage (9).
49
9. The Invention creates an encoded electronic signature at enrolment stage (Figl) which is processed by the Handwritten Signature Processor Unit (5). 1 1
2 Claims Cont.
10. The Handwritten Signature Verification (6) stores it in the Handwritten 6 Storage (9). The enrolment process contains Enrol User Process (ll), 7 Capture Handwritten Signature (12), Encode captured handwritten signature 8 (13) and store captured handwritten signatures (14).
11. "Use handwritten signature to access Digital Certificates" (14) details a 11 digital certificates request; this contains Request use of a digital certificate 12 (15), Send request for handwritten signature to user (16), Collect Good 13 Quality Handwritten signature (17), Encode input signature and compare 14 signatures (18), disallow/allow use of the digital certificate (19) and display electronic version of inputted handwritten signature (20).
17
12. The handwritten signature compare (18) can be done using the Handwritten 18 Signature Processor unit (6) and Handwritten Signature Verification (6) of 19 the logic system (2); this disallow/allows use of the digital signature (19) and display electronic version of inputted handwritten signature (20).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0300617A GB2397153A (en) | 2003-01-11 | 2003-01-11 | Handwritten signature check to allow use of digital certificate |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0300617A GB2397153A (en) | 2003-01-11 | 2003-01-11 | Handwritten signature check to allow use of digital certificate |
Publications (2)
Publication Number | Publication Date |
---|---|
GB0300617D0 GB0300617D0 (en) | 2003-02-12 |
GB2397153A true GB2397153A (en) | 2004-07-14 |
Family
ID=9950978
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB0300617A Withdrawn GB2397153A (en) | 2003-01-11 | 2003-01-11 | Handwritten signature check to allow use of digital certificate |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2397153A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110083301A (en) * | 2019-04-29 | 2019-08-02 | 珠海纳金科技有限公司 | A kind of handwritten signature unlocking system and method |
EP4206961A1 (en) | 2021-12-31 | 2023-07-05 | Lietuvos ir Vokietijos UAB "LIREMA" | Method of signing a digital document combining a handwritten signature and electronic signing technology |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0859488A2 (en) * | 1997-02-18 | 1998-08-19 | Arcanvs | Method and apparatus for authenticating electronic documents |
US5987153A (en) * | 1996-04-29 | 1999-11-16 | Quintet, Inc. | Automated verification and prevention of spoofing for biometric data |
WO2002017114A1 (en) * | 2000-08-25 | 2002-02-28 | The Toneguzzo Group Pty Limited | Biometric authentication |
WO2002073877A2 (en) * | 2001-03-09 | 2002-09-19 | Pascal Brandys | System and method of user and data verification |
-
2003
- 2003-01-11 GB GB0300617A patent/GB2397153A/en not_active Withdrawn
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5987153A (en) * | 1996-04-29 | 1999-11-16 | Quintet, Inc. | Automated verification and prevention of spoofing for biometric data |
EP0859488A2 (en) * | 1997-02-18 | 1998-08-19 | Arcanvs | Method and apparatus for authenticating electronic documents |
WO2002017114A1 (en) * | 2000-08-25 | 2002-02-28 | The Toneguzzo Group Pty Limited | Biometric authentication |
WO2002073877A2 (en) * | 2001-03-09 | 2002-09-19 | Pascal Brandys | System and method of user and data verification |
US20020186838A1 (en) * | 2001-03-09 | 2002-12-12 | Pascal Brandys | System and method of user and data verification |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110083301A (en) * | 2019-04-29 | 2019-08-02 | 珠海纳金科技有限公司 | A kind of handwritten signature unlocking system and method |
EP4206961A1 (en) | 2021-12-31 | 2023-07-05 | Lietuvos ir Vokietijos UAB "LIREMA" | Method of signing a digital document combining a handwritten signature and electronic signing technology |
Also Published As
Publication number | Publication date |
---|---|
GB0300617D0 (en) | 2003-02-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3631664B1 (en) | Secure biometric authentication using electronic identity | |
US7024562B1 (en) | Method for carrying out secure digital signature and a system therefor | |
Feng et al. | Private key generation from on‐line handwritten signatures | |
US7165718B2 (en) | Identification of an individual using a multiple purpose card | |
EP2648163B1 (en) | A personalized biometric identification and non-repudiation system | |
KR100486062B1 (en) | Biometric certificates | |
US4993068A (en) | Unforgeable personal identification system | |
US6845453B2 (en) | Multiple factor-based user identification and authentication | |
US20030012374A1 (en) | Electronic signing of documents | |
CN101321069A (en) | Mobile phone biological identity certification production and authentication method, and its authentication system | |
US20030115475A1 (en) | Biometrically enhanced digital certificates and system and method for making and using | |
US20020186838A1 (en) | System and method of user and data verification | |
WO2002039653A3 (en) | Self-authentication of value documents using digital signatures | |
WO1999012144A1 (en) | Digital signature generating server and digital signature generating method | |
JPH1188321A (en) | Digital signature generation server | |
KR20220061919A (en) | Method and server for providing service of disital signature based on face recognition | |
US20070106903A1 (en) | Multiple Factor-Based User Identification and Authentication | |
EP1280098A1 (en) | Electronic signing of documents | |
EP2194513A1 (en) | Electronic certification and authentication system | |
WO2003009217A1 (en) | Electronic signing of documents | |
GB2397153A (en) | Handwritten signature check to allow use of digital certificate | |
Karanikolas | Digital signature legality in different jurisdictions: legally binding issues | |
CN115221498A (en) | Digital asset management terminal device and digital asset management method | |
Siwik et al. | Server-side encrypting and digital signature platform with biometric authorization | |
Pettersson et al. | Ensuring integrity with fingerprint verification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |