Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
  • G06F21/31—User authentication
  • G06F21/36—User authentication by graphic or iconic representation
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F18/00—Pattern recognition
  • G06F18/20—Analysing
  • G06F18/24—Classification techniques
  • G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
  • G06F18/2413—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on distances to training or reference patterns
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F18/00—Pattern recognition
  • G06F18/20—Analysing
  • G06F18/29—Graphical models, e.g. Bayesian networks
  • G06F18/295—Markov models or related models, e.g. semi-Markov models; Markov random fields; Networks embedding Markov models
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V10/00—Arrangements for image or video recognition or understanding
  • G06V10/10—Image acquisition
  • G06V10/17—Image acquisition using hand-held instruments
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V10/00—Arrangements for image or video recognition or understanding
  • G06V10/70—Arrangements for image or video recognition or understanding using pattern recognition or machine learning
  • G06V10/82—Arrangements for image or video recognition or understanding using pattern recognition or machine learning using neural networks
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V10/00—Arrangements for image or video recognition or understanding
  • G06V10/70—Arrangements for image or video recognition or understanding using pattern recognition or machine learning
  • G06V10/84—Arrangements for image or video recognition or understanding using pattern recognition or machine learning using probabilistic graphical models from image or video features, e.g. Markov models or Bayesian networks
  • G06V10/85—Markov-related models; Markov random fields
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V30/00—Character recognition; Recognising digital ink; Document-oriented image-based pattern recognition
  • G06V30/10—Character recognition
  • G06V30/24—Character recognition characterised by the processing or recognition method
  • G06V30/242—Division of the character sequences into groups prior to recognition; Selection of dictionaries
  • G06V30/244—Division of the character sequences into groups prior to recognition; Selection of dictionaries using graphical properties, e.g. alphabet type or font
  • G06V30/2455—Discrimination between machine-print, hand-print and cursive writing
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V30/00—Character recognition; Recognising digital ink; Document-oriented image-based pattern recognition
  • G06V30/10—Character recognition
  • G06V30/32—Digital ink
  • G06V30/333—Preprocessing; Feature extraction
  • G06V30/347—Sampling; Contour coding; Stroke extraction
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V30/00—Character recognition; Recognising digital ink; Document-oriented image-based pattern recognition
  • G06V30/10—Character recognition
  • G06V30/32—Digital ink
  • G06V30/36—Matching; Classification
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
  • G06V40/30—Writer recognition; Reading and verifying signatures
  • G06V40/37—Writer recognition; Reading and verifying signatures based only on signature signals such as velocity or pressure, e.g. dynamic signature recognition
  • G06V40/394—Matching; Classification
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
  • G06V2201/00—Indexing scheme relating to image or video recognition or understanding
  • G06V2201/10—Recognition assisted with metadata

Definitions

• the present invention relates to a method for verifying the identity or identification of a user, using handwritten signatures previously affixed to a digital sensor.
• the handwritten signature one of the few biometrics that the user can modify, has long been used in everyday use by the general public.
• the signature on a paper document carries the value of legal and moral commitment.
• the on-line signature that is to say acquired on a digital platform, has not been introduced into general public use, because it is considered as an unreliable biometrics compared to other biometrics. widely used, such as fingerprint or iris.
• biometric identity verification the recording of the person's reference data is a critical phase on which the performance of the verification system will then be based. Nevertheless, more and more applications on mobile platforms allow the person to affix his signature electronically for the collection of his consent and his authentication in the event of a dispute.
• mobility condition cases where the sensor is not fixed to a support, the user standing or seated, for example holding the sensor in his hand, and / or the sensor being placed on a table or leaning against a wall or a door.
• the acquisition conditions also have an impact on this performance, including reuse of a stylus or finger, type of stylus, screen size, capture technology. This slows down the large-scale use of the signature as biometrics on mobile digital platforms.
• Different strategies are known to improve the performance of identity verification systems based on handwritten signatures, such as the reuse of high-performance sensors, for example graphics tablets, in particular of the Wacom brand, the acquisition of signatures under controlled conditions, extracting several parameters of the dynamics, such as pressure, speed, tilt angles, acceleration, etc., or selecting reference signatures to control intra-class variability of the person.
• US Patent 6,349,148 describes a method and device for authenticating a signature, in which a Hidden Markov Model is trained from training data from authentic signatures and then applied to the data to be authenticated.
• Application FR 2 893 733 describes a method for authenticating a user within an IT infrastructure which may include at least two devices for acquiring sequential data specific to the signatures of users, these acquisition devices having different characteristics. .
• the method uses normalized values of a set of parameters describing the signature, obtained from said sequential data, and the use of a statistical model of the HMM type. trained from normalized reference values, in order to determine an authentication score representative of a possible match between the user to be authenticated and a known user.
• Applications CN 106934362 and US 2018/0247108 relate to methods of authenticating handwritten signatures using an analysis by disjoint segments of the signatures to determine characteristics describing the production of these signatures.
• CN application 106326701 describes a method and a device aiming to authenticate a handwritten signature, the method collecting and analyzing the pencil strokes of a user's signature from aspects such as the horizontal, perpendicular and rotation angles, or the intervals between pencil strokes, in order to acquire a specific writing habit for the user.
• the object of the present invention is precisely to meet this need.
• the subject of the present invention is thus a method for identifying or verifying the identity of a user, using a plurality of previously acquired reference signature vectors, a handwritten signature of the user and at least one additional handwritten information. linked to the user, previously affixed to a digital sensor, in particular a mobile, method in which: a) said handwritten signature of G user and said at least one additional piece of information are merged to generate at least one test signature vector, b) said at least one test signature vector is compared with several of said reference signature vectors, and
• a likelihood score is generated in order to identify or verify the identity of the user.
• the invention makes it possible to improve the performance of identity verification systems using the biometrics of the on-line handwritten signature, through a registration procedure which reinforces the security of the signature of a person by making it less vulnerable to fraud, especially when on the move.
• the invention based on the fact that the signature is one of the rare biometrics that the user can enrich with information, while keeping the identity aspect of the gesture, exploits the addition of handwritten information specific to the person during the process. check-in to enhance security.
• the invention uses, for the enrichment of the signature, additional handwritten information that the user is accustomed to affixing during his legal and moral commitment to various administrative documents, such as his name and first name, the date and the place, or date and place of birth. This information carries additional information on the identity of the person, which comes in addition to his signature.
• the implementation of the method according to the invention is done at a lower cost, because the sensors necessary for the acquisition of the signature are widely deployed today, in particular on smartphones and tablets, and the processing and storage of data are less. heavier than for other biometrics, such as iris or fingerprint. Thanks to the invention, the security of the signature is increased whatever the type of signature considered, by enriching it so as to pass it from the “high risk” category to the “low risk” category, even for so-called “problematic” populations for this behavioral biometry, characterized by simple and / or highly variable handwritten signatures, and therefore very easy to imitate.
• Verifying the identity of a user corresponds to determining whether the proclaimed identity is indeed correct, and the identification of a user corresponds to determining whether the user belongs to a group of known users, for example attached to an online service or sales site. These actions can be grouped under the general term authentication.
• Additional user information is preferably the user's initials, last name, first name, date of birth, and / or place of birth.
• the additional information is the current date and the place where the signature was affixed to the sensor.
• the reference signature vectors advantageously correspond to the signatures of different users affixed beforehand to a digital sensor, each having been merged with at least additional information linked to the corresponding user.
• the reference signature vectors may correspond to different signatures previously affixed by said user to a digital sensor, each having been merged with at least one additional piece of information related to the 'user.
• a trusted third party can guarantee the identity of the user, for example a bank employee or a notary.
• the same type of complementary information can be used for the generation of reference signature vectors for the same user.
• the handwritten signatures are merged with the complementary information by concatenation to generate the signature vectors.
• the data acquired on the digital sensor being considered as sequential data, or time series, the concatenation can be done by juxtaposing these data in a row vector.
• the signature vector is advantageously a row vector of size equal to the sum of the sizes of the different data.
• the signature vectors advantageously correspond to handwritten signatures of a user merged with his initials, and / or with his surname and first name, and / or with his date of birth, and / or with his place of birth.
• An elastic distance calculation between the test signature vector and the reference signature vectors can be used for their comparison.
• the test signature vector may be associated with a score, in particular a so-called dissimilarity score, which corresponds to the average of the N distances calculated between said test vector and N reference signature vectors.
• the score corresponds to the minimum of these N distances.
• a module can be previously trained to learn said plurality of previously acquired reference signature vectors, said module then being trained to compare said test signature vector with several of said reference signature vectors in order to generate the likelihood score.
• trained module is meant a model with associated training and training algorithms analyzing data, used for classification or regression analysis, or for modeling or characterization of information.
• the trained module can include one or more neural networks, and / or one or more decision trees, for example classification and regression trees ("classification and regression tree, CART" in English), and / or one or more classifiers, for example a support vector machine (SVM support vector machines).
• decision trees for example classification and regression trees ("classification and regression tree, CART" in English)
• classifiers for example a support vector machine (SVM support vector machines).
• the trained module preferably uses a hidden Markov model. This model brings very good robustness.
• the trained module uses models chosen from the following models: Gaussian Mixture models, elastic distance with parameter learning, fuzzy methods, Bayesian networks, hidden control fields or fields Markov random numbers, nearest neighbor k method, grouping techniques, ensemble methods, aggregation or bagging techniques, linear discriminant analysis, discriminant analysis as a function of a nucleus, or genetic algorithms, this list being non-exhaustive .
• One or more parameters can be chosen for the trained module, for example the number of states of the hidden Markov models, the number of layers of neural networks, the number of component densities for the statistical models, the type of functions of the kernel in support vector machines.
• a reference identity for the user can be formed from the reference signature vectors by learning a statistical model, in particular by means of an expectation-maximization algorithm, comprising in particular a number of states determined as a function of the length of said vectors.
• reference signature each state being in particular modeled by one or more Gaussian densities, preferably four Gaussian densities.
• a handwritten signature of the user and at least one additional piece of information are advantageously merged to generate a test signature vector, transmitted to the trained module to be compared with the reference identity of said user in order to generate a likelihood score of the user identity.
• the likelihood score can be in the form of a probability.
• the score can take the form of a numeric value, for example to verify the identity of a user, for example a discrete value, in particular between 0 and 10 or between 0 and 1.
• the score may instead show the degree of dissimilarity between the test signature vector and the reference signature vectors.
• the higher the value the lower the chance that it is indeed the proclaimed user.
• the score is in the form of a letter.
• the likelihood score can be compared to one or more predefined thresholds in order to make a decision on the user's identity or on the validity of his identification.
• the predefined threshold can be between 0.65 and 0.9.
• the predefined threshold advantageously depends on the envisaged application. Such a threshold can be learned on a development basis containing authentic signature vectors and imitations, and then adjusted according to the level of security required by the application. In the event that a very high level of security is required, the predefined threshold can be set at a value between 0.8 and 0.9. In the event that the level of security required is lower, the predefined threshold can be set at 0.65. For low-security use setting the threshold at 0.65, the identity verification system comparing authentic signatures to imitations of the dynamics of these signatures makes it possible to obtain an equal error rate (EER) of 8% on tablets tactile.
• EER error rate
• the likelihood score can be transmitted by any suitable means, for example by being displayed on a screen of an electronic system, printed or by voice synthesis.
• Said likelihood score can be used as an input value in another program and / or can be combined with other information, for example the age and sex of the person.
• the digital sensor is preferably mobile.
• the digital sensor may include a touch screen, sensitive to the finger or to the stylus, used to affix signatures and additional information.
• the digital sensor can be a Smartphone, a graphic or digital tablet connected to a computing unit, or a personal digital assistant (PDA), or a tactile tablet, called a “touch-pad” in English, or an interactive whiteboard.
• PDA personal digital assistant
• the digital sensor used for the prior acquisition of the reference signature vectors may be different from that used for the verification of the identity or the identification of the user.
• Steps a) to c) of the method according to the invention can be performed in the digital sensor.
• at least one of the steps can be performed by a server exchanging data with the digital sensor.
• the digital sensor preferably transmits the handwritten signatures and the additional information to a database for their recording with a view to their use for comparison, in particular through a secure protocol, in particular the SFTP protocol.
• the data can be saved as a file in a database at a local workstation, for example for internal use.
• the data can be recorded on a remote server comprising or having access to a database, in particular by uploading via a transmission channel, such as the Internet or an intranet.
• Said server may be a server of a trusted third party guaranteeing the claimed identity of the user.
• the digital sensor can comprise one or more microprocessors or microcontrollers and ancillary circuits, arranged to execute an application aiming to transmit the handwritten signatures and the additional information to a database for their recording with a view to their use for comparison, and to then receive the likelihood score.
• Another object of the invention is a method of learning signatures for the identification or verification of the identity of users, using at least one module to be trained and a plurality of handwritten signatures. and additional handwritten information related to users previously affixed to a digital sensor, in particular a mobile, method in which:
• the module is trained to learn said signature vector.
• Another subject of the invention is a device for identifying or verifying the identity of a user, using a plurality of previously acquired reference signature vectors, the device being configured for:
• the device according to the invention may include or be linked to a database in which handwritten signatures and additional information, previously transmitted by the digital sensor, are recorded.
• the device may include a module previously trained to learn said plurality of previously acquired reference signature vectors, said module then being trained to compare said test signature vector with several of said reference signature vectors in order to generate the likelihood score.
• the trained module can include one or more neural networks, and / or one or more decision trees, and / or one or more classifiers.
• the device according to the invention may further include a recording module configured to record data in a database of the same computer system and / or of a remote server.
• the device may include an interface allowing the third party wishing to identify or verify the identity of the user to choose the additional information (s) to be merged with the signatures, the operation (s) used to do so, the parameter (s) of the driven module or those of the elastic distance calculation for comparison.
• the device is advantageously an electronic system, preferably comprising at least one microcontroller and a memory, being in particular a personal computer or a calculation server.
• the subject of the invention is a computer program product for implementing the method according to the invention for identifying or verifying the identity of a user, the method using a plurality of previously acquired reference signature vectors, a handwritten signature of the user and at least one additional handwritten information linked to the user, previously affixed to a digital sensor, in particular a mobile one, the computer program product comprising a medium and recorded on this medium readable instructions by a processor so that, when executed:
• a likelihood score is generated in order to identify or verify the identity of the user.
• FIG 1 illustrates steps for identifying or verifying the identity of a user according to the invention
• FIG 2 represents examples of usual signatures classified according to different types
• FIG 3 shows the values of a quality measurement associated with the types of signatures in figure 2
• FIG 4 represents the distribution of the values of a quality measure for different types of signature vectors
• FIG 5] to [Fig 7] represent performance results of the method according to the invention.
• Illustrated in Figure 1 is an example of steps for identifying or verifying the identity of a user according to the invention, using a plurality of reference signature vectors previously acquired by affixing them to a digital sensor.
• the latter advantageously transmits the handwritten signatures and additional information to a database for their registration with a view to their use in the method according to the invention, in particular through a secure protocol, in particular the SFTP protocol.
• a user places his handwritten signature and at least one additional handwritten information on a digital sensor.
• step 12 said handwritten signature of the user and said at least one additional piece of information are merged by concatenation to generate a test signature vector.
• test signature vector thus generated is compared with several of said reference signature vectors, and, in a step 14, on the basis at least of this comparison, a likelihood score is generated in order to '' identify or verify the identity of the user.
• additional information related to users may be the user's initials, last name, first name, date of birth, and / or place of birth.
• the reference signature vectors correspond to the signatures of different users affixed beforehand to a digital sensor, each having been merged with at least one additional piece of information linked to G corresponding user.
• the reference signature vectors correspond to different signatures previously affixed by said user to a digital sensor, each having been merged with at least one additional information related to the user.
• a module is previously trained to learn said plurality of previously acquired reference signature vectors, said module then being trained to compare said test signature vector with several of said reference signature vectors in order to to generate the likelihood score.
• This trained module can be as described above.
• an elastic distance calculation between the test signature vector and the reference signature vectors is used for their comparison.
• the likelihood score is compared to one or more predefined thresholds in order to make a decision on the identity of the user or on the validity of his identification.
• Reference signature vectors are generated by concatenating the signature with the initials (SI), with the surname-first name (SN), with the date of birth (SD), with the place of birth (SL), with the date and place of birth (SDL), with initials, date and place of birth (SIDL), and with first and last name and date and place of birth (NDL).
• a reference identity for the user can thus be formed from these reference signature vectors by learning a statistical model of a previously trained module, for example by means of an expectation-maximization algorithm, comprising a number d 'states determined as a function of the length of said vectors of reference signature, each state being modeled by four Gaussian densities in the example considered.
• G user affixes his handwritten signature on a digital sensor, and the same additional information: initials, surname and first name, date of birth and place of birth, in order to create at least one test signature vector, transmitted in a secured to a server.
• the module is then trained to compare said test signature vector to the user's reference identity to generate a likelihood score.
• the user's identity is accepted or rejected.
• this user affixes his handwritten signature and one or more additional information on a digital sensor, which are then concatenated to create a vector reference signature.
• the latter is then compared, according to the invention, with reference signature vectors corresponding to different users and previously acquired and recorded, in order to verify whether the user is part of the population recorded in a database linked to this site. online.
• An identity verification system as described in application FR 2 893 733 was used to evaluate the efficiency of the process according to the invention.
• This system uses an HMM-type statistical model trained from standardized reference values, and determines an authentication score.
• Figure 2 shows examples of typical signatures for different categories of personal entropy generated based on the 173 people
• Figure 3 shows the personal entropy values associated with them.
• the signatures shown on line (a) of Figure 2 are considered to have high personal entropy, i.e. they are rather short and simple, with the appearance of an initial, and are thus very variable, as visible in Figure 3. These signatures are therefore considered problematic.
• the signatures presented on line (c) of figure 2 are considered to have low personal entropy, i.e. they are rather long and complex, sometimes approaching writing. cursive, being thus considered as rather stable, as visible in figure 3.
• the personal entropy is based on a statistical modeling of a set of vectors, of a single type among the 12 types mentioned above, by exploiting a Hidden Markov Model, trained here on 10 vectors of the same type.
• the number of states in this model depends on the total length of the vectors, and each state is modeled by 4 Gaussian densities.
• Figure 4 shows the distribution of personal entropy values for each type of vector.
• the “initial” type is the one that presents the highest personal entropy values, which shows that this type is the simplest and the most variable, which is confirmed in figure 4.
• Figure 5 and Table 1 represent the results for the high personal entropy category, corresponding to signatures considered problematic.
• EER error rate
• SIDL type vector in, for example, documents with legal value, significantly improves the robustness of the authentication compared to the handwritten signature used alone.
• this type of vector does not provide much in terms of attack discrimination, compared to the SDL type. This can be explained by the fact that in this particular case, the signature of people with high personal entropy is simple and very variable, and therefore very close to their initials.
• Figure 6 and Table 2 represent the results for the low personal entropy category, corresponding to the signatures considered to be the most complex and the most stable.
• Figure 7 and Table 3 show the results for the medium entropy personal category.
• the invention thus makes it possible to achieve good performance in mobility and in uncontrolled conditions, providing error rates comparable to those obtained on graphics tablets under controlled conditions.
• the invention is aimed at applications where digital identity is put to the test.
• the method according to the invention can be used in on-line commerce and sales, in particular in order to reinforce a password by on-line signature when creating a customer account with a commerce site. Any order can subsequently be validated by the handwritten signature online to ensure the identity of the customer.
• Public services could also find an interest in the invention, in particular for tax declarations, payment of fines, health insurance "Ameli” online accounts, issuance of driving licenses, accounts in - retirement and provident insurance line, La Poste's services, such as powers of attorney or on-line parcel tracking. Most of these services are already online, in particular through the “FranceConnect” website, and therefore need to be highly secure.
• the invention can be used in legal and notarial services, including signing digital documents.
• Banking applications can use the methods according to the invention, in particular for signing online or dematerialized contracts.
• the invention may also be useful for online bill payment, for example for electricity, gas, school canteen or extracurricular activities.
• the invention can be used for parental control on platforms connected to the Internet at home or at school.
• the contribution of the invention is all the stronger as more and more applications with large-scale deployment require user recordings made remotely and / or under uncontrolled mobility conditions.

Landscapes

• Engineering & Computer Science (AREA)
• Theoretical Computer Science (AREA)
• Physics & Mathematics (AREA)
• General Physics & Mathematics (AREA)
• Multimedia (AREA)
• Computer Vision & Pattern Recognition (AREA)
• Software Systems (AREA)
• Evolutionary Computation (AREA)
• Artificial Intelligence (AREA)
• Computer Security & Cryptography (AREA)
• General Engineering & Computer Science (AREA)
• Data Mining & Analysis (AREA)
• General Health & Medical Sciences (AREA)
• Medical Informatics (AREA)
• Databases & Information Systems (AREA)
• Computing Systems (AREA)
• Health & Medical Sciences (AREA)
• Life Sciences & Earth Sciences (AREA)
• Evolutionary Biology (AREA)
• Bioinformatics & Computational Biology (AREA)
• Bioinformatics & Cheminformatics (AREA)
• Computer Hardware Design (AREA)
• Human Computer Interaction (AREA)
• Probability & Statistics with Applications (AREA)
• Collating Specific Patterns (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=67742592

Family Applications (1)

Country Status (4)

Family Cites Families (10)

• 2019
  • 2019-03-21 FR FR1902945A patent/FR3094106B1/fr active Active
• 2020
  • 2020-03-10 US US17/440,958 patent/US20220222954A1/en not_active Abandoned
  • 2020-03-10 WO PCT/EP2020/056304 patent/WO2020187640A1/fr active Application Filing
  • 2020-03-10 EP EP20707690.2A patent/EP3942442A1/de active Pending

Also Published As

Similar Documents

Legal Events