WO1999005816A1 - System and method for authenticating signatures - Google Patents
System and method for authenticating signatures Download PDFInfo
- Publication number
- WO1999005816A1 WO1999005816A1 PCT/IL1998/000342 IL9800342W WO9905816A1 WO 1999005816 A1 WO1999005816 A1 WO 1999005816A1 IL 9800342 W IL9800342 W IL 9800342W WO 9905816 A1 WO9905816 A1 WO 9905816A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- signature
- parameters
- digitizer
- record
- comparator
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/30—Writer recognition; Reading and verifying signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- the present invention relates to a system and method for authenticating signatures in general and, in particular, to a system and method for authenticating signatures transmitted over digital communication lines.
- a system for authenticating a signature including a digitizer, an electronic pen, a dynamic identification unit for measuring vectors produced during signature by the electronic pen on the digitizer, and a comparator for comparing the vectors produced during signature with a reference signature.
- the system also includes an encryptor for encrypting a signature record and a decoder for decoding the encrypted signature record.
- the reference signature record is stored on an IC (integrated chip) card.
- a method of authenticating a signature including the steps of providing a reference signature record, signing with an electronic pen on a digitizer tablet, calculating parameters from data produced during signing on the digitizer tablet; comparing the parameters produced during signature with a reference signature record; and providing an accept or reject response in accordance with results of the comparison.
- the method also includes the steps of encrypting the calculated parameters with a encryption key, and decrypting the encrypted data before comparing the parameters.
- the method includes the step of transmitting the calculated parameters over a transmission line to a remote location before the step of comparing.
- Fig. 1 is a schematic illustration of a signature authentication system according to one embodiment of the present invention
- Fig. 2 is a schematic illustration of a signature authentication system according to one embodiment of the present invention
- Fig. 3 is a flow chart of a method of providing a reference signature according to the invention
- Fig. 4 is a flow chart of a method of authenticating a signature
- Fig. 5 is a detail of a method of comparing the signature in the method of Fig. 4.
- Fig. 6 is a flow chart of a method of updating a reference signature.
- the present invention relates to a system and method for authenticating signatures, the system and method being suitable also for authenticating signatures transmitted over communication lines.
- the present invention uses signature vector recognition and is based on the use of a digitizer together with software in a dynamic identification unit which calculates parameters based on data produced during signature by the electronic pen on the digitizer tablet. These parameters, which are unique to each person when he signs his own name, are compared with the parameters in a reference signature record, or personal signature profile, which is based on data produced during a number of signatures, to determine whether the signature is authentic (i.e., signature by the authorized signatory) or forged.
- a digitizer refers to any device which converts a location on an X,Y tablet, possibly with the angle of the pen and the pressure on the pen, to a numerical value
- an electronic pen is any device by which a person can write or sign on a digitizer tablet such that parameters of his handwriting can be detected by the digitizer.
- the system can be used to authenticate the handwriting of any predetermined word or words for which a reference record is made. Since the most common words used to identify a person are his signature, the present application refers to signatures, by way of non-limiting example, only.
- Fig. 1 there is shown a schematic illustration of a system for authenticating a signature constructed and operative in accordance with one embodiment of the invention.
- the system includes a digitizer 10 with an associated electronic pen 12 coupled to a computer 14 for authenticating a signature at the time and place of signature.
- Digitizer 10 can be any conventional digitizer, such as a Wacom Digitizer, manufactured by Wacom Co. Ltd., Japan .
- the signatory carries an Integrated Chip (IC) card, or smart card 15 on which is stored a reference signature record, or personal signature profile, for the signatory.
- Computer 14 includes a comparator 17, which compares the signature to be authenticated with the reference signature record stored on IC card 15. If the signature is within predefined tolerances of the reference signature, comparator 17 sends an accept signal to computer 14. If the signature is not within the predefined tolerances of the reference signature, comparator 17 sends a reject signal to computer 14.
- Fig. 2 there is shown a schematic illustration of a system for authenticating a signature constructed and operative in accordance with an alternative embodiment of the invention.
- the system includes a digitizer 10' with an associated electronic pen 12' coupled to a computer 14' having a modem (not shown) for transmitting data from computer 14' to a remote location 16, generally a bank or credit card company in the present example.
- the data is received by a dynamic identification unit 20 arranged to receive the data produced during signature by the electronic pen on the digitizer tablet and calculate therefrom a table of parameters which constitutes a signature record.
- the result is provided to a comparator 22 which compares the signature to be authenticated with a reference signature record, or personal signature profile, stored in its memory 24. If the signature is within predefined tolerances of the reference signature, comparator 22 sends an accept signal to computer 14' . If the signature is not within the predefined tolerances of the reference signature, comparator 22 sends a reject signal to computer 14' .
- a reference signature record or personal signature profile
- a reference signature record must be provided for the bank or credit card company or other body which must accept or reject the signature, as shown in Fig. 2. This is done at the time of opening an account or requesting a credit card.
- the user signs his name on a digitizer tablet coupled to the computer of the credit card company.
- the pen position over the tablet is recorded by the computer to produce vectors, and a mathematical analysis is performed to learn the following parameters at any given time during the signature process: pen position (X,Y coordinates) over the tablet; sequences of drawing: number of letters, relative position, and time to draw; acceleration and deceleration during signature; direction changes.
- the computer can also calculate pen tilt relative to the tablet and pen pressure, if the digitizer used is capable of providing this data.
- the digitizer data of the signature are input 30 to the dynamic identification unit in the computer.
- the dynamic identification unit records 32 the parameters of the signature.
- the recorded parameters are arranged 34 in a table of parameters. This process is repeated 36 a predetermined number of times, for example between 5 and 10, so as to permit the dynamic identification unit to calculate the tolerances 38 associated with the variations in the individual's signature, which is never identical.
- the range of acceptable variations in a personal signature profile will vary from person to person. Once the parameter table and tolerances have been determined, these are stored in the computer memory for later reference as the reference signature record.
- the personal signature profile consists of an array of parameters and logical tolerances or permitted variations, not an "average" signature.
- a personal ID code is also recorded 39 together with the signature vector table.
- This personal ID code serves as an encryption key to provide additional security for signature data transmitted over transmission lines.
- This encryption key can be any string selected by the user which is known only to him and the credit card company. While the password selected by the credit card company, which is used in cash machines, etc. in conventional credit card authentication systems, can be used as the encryption key, it is preferable to select a key which does not appear on the card.
- One example of a suitable encryption key is the user's birthdate.
- the dynamic identification unit will recognize a person's signature even if it is signed upside down (i.e., where the cardholder is in front of a counter) or rotated to any other angle, where the signature is smaller or larger in size, or slightly different in details.
- the purchaser's signature is authenticated as follows, as shown in Fig. 3.
- the customer signs with an electronic pen on a digitizer tablet in the store or on the digitizer tablet coupled to his home computer.
- the record of the signature is received 40 by the credit card company.
- the dynamic identification unit retrieves 42 the reference signature record of the cardholder. It may also retrieve 44 the personal ID code of the cardholder from the company computer if the signature is encrypted with the personal ID code. Generally this is necessary when making purchases other that at point of sale. If the record of the signature was encrypted (described in detail hereinbelow) the record is now decrypted 46. If no recognizable signature record is received 48, the signature is rejected.
- the dynamic identification unit proceeds to identify the signature 50, as shown in detail in Fig. 4.
- the dynamic identification unit traces 52 the vector lines in the signature record and fills a parameter table 54 with the various parameters.
- the parameter table of the signature record is compared 56 with the reference parameter table stored in the computer memory.
- Parameters for comparison are selected, for example, from the characteristics listed above. Any or all may be selected for use by the programmer.
- the comparator can determine whether there is a significant difference in time of writing the signature 58, which could indicate copying rather than an authentic signature. It can determine whether there is a difference in the number of vectors 60, i.e., whether a letter has been added or omitted. It can look for a change in the angle of the pen 62. It can determine whether there is a change in the relative direction of the signature 63. And it can determine whether there are differences in pressure during signing 64. If any of the examined parameters is significantly different, i.e., outside the range of tolerances 66 (Fig. 3) , the signature will be rejected. If the signature record meets all the characteristics of the reference signature record, the signature will be authenticated and accepted. An indication of acceptance is then sent to the point of purchase.
- the Web surfer When making transactions at the point of sale, generally the physical lines are sufficiently secure that no encryption is required, although it can be used, if desired. However, for transactions over the Internet, encryption is recommended to prevent theft of the credit card details.
- the Web surfer will have his own digitizer tablet coupled to his computer. After typing in the credit card number, as in conventional credit card purchases over the net, a signature authentication software driver will pop an input window to the cardholder's screen. The cardholder will type his personal ID code and then sign his name on the digitizer tablet. The vectors produced during signature on the digitizer tablet are calculated and the software encrypts the signature data using the personal ID code as the encryption key, as known.
- the encrypted signature record is sent to the vendor, which may be a site on the Internet.
- the vendor forwards the signature record, as is, to the credit card company for authentication of the signature.
- the encrypted signature record reaches the credit card company, it is authenticated as described above with reference to Figs. 3 and 4.
- the encryption key is also retrieved, permitting the dynamic identification unit to decrypt the signature record and compare it with the reference signature. In accordance with the results of the comparison, the credit card company will notify the vendor that the signature is accepted or rejected.
- the authenticating computer will include means for detecting hacking. For example, if two identical signatures are received, one after another, the computer is preferably programmed to reject the second signature, even if it falls within the personal signature profile. This is because, in real life, no one signs his or her name exactly the same way twice in a row. On the other hand, over time, a person's signature tends to change. Therefore, according to a preferred embodiment of the invention, updating means is provided for changing the personal signature profile or reference signature record, in accordance with perceived, consistent changes in the signature. A flow chart of one example of suitable software for accomplishing this updating is illustrated in Fig. 5.
- the comparator receives the signature for authentication and compares it with the personal signature profile (block 70) . If the result is not close to the edge of the tolerances or permitted variations, the comparator exits the program (block 72) . If the result is close to the edge of the tolerances or permitted variations, an invalid counter is incremented by one (block 74). The counter is checked (block 76) and, if the result is less than a pre-selected number, e.g. 5, the comparator exits the program (block 78) . If the results equals the pre-selected number, the old signature is replaced by the new signature (block 80) , and the Tolerance Table is rebuilt to include the new signature parameters and permitted variations (block 82) . At the same time, the Invalid Counter is cleared.
- the signature authentication is utilized for network access, instead of a password.
- the personal signature profile is provided to the network, in lieu of a personal passwork.
- the user signs a digitizer coupled to his workstation, and the signature is compared with the personal signature profile.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Human Computer Interaction (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Collating Specific Patterns (AREA)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP98933872A EP1033007A4 (en) | 1997-07-24 | 1998-07-23 | SYSTEM AND METHOD FOR IDENTIFYING SIGNATURES |
JP2000504679A JP2003510668A (ja) | 1997-07-24 | 1998-07-23 | 署名を認証するシステム及び方法 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IL12138997A IL121389A0 (en) | 1997-07-24 | 1997-07-24 | System and method for authenticating signatures |
IL121389 | 1997-07-24 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999005816A1 true WO1999005816A1 (en) | 1999-02-04 |
Family
ID=11070430
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IL1998/000342 WO1999005816A1 (en) | 1997-07-24 | 1998-07-23 | System and method for authenticating signatures |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1033007A4 (ja) |
JP (1) | JP2003510668A (ja) |
IL (1) | IL121389A0 (ja) |
WO (1) | WO1999005816A1 (ja) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1020817A1 (en) * | 1997-10-01 | 2000-07-19 | Cyber SIGN Japan Incorporated | Method and apparatus for authenticating ic card |
US8416463B2 (en) | 2007-03-23 | 2013-04-09 | Anoto Ab | Printing of a position-coding pattern |
CN114463858A (zh) * | 2022-01-12 | 2022-05-10 | 广州市双照电子科技有限公司 | 一种基于深度学习的签字行为识别方法及系统 |
CN114463858B (zh) * | 2022-01-12 | 2024-05-24 | 广州市双照电子科技有限公司 | 一种基于深度学习的签字行为识别方法及系统 |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP7441592B2 (ja) | 2019-09-11 | 2024-03-01 | 株式会社ワコム | タッチコントローラ及びペン入力システム |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5150420A (en) * | 1985-10-21 | 1992-09-22 | Omron Tateisi Electronics Co. | Signature identification system |
US5195133A (en) * | 1991-01-11 | 1993-03-16 | Ncr Corporation | Apparatus and method for producing a digitized transaction record including an encrypted signature |
US5222138A (en) * | 1992-08-06 | 1993-06-22 | Balabon Sam D | Remote signature rendering system & apparatus |
US5434928A (en) * | 1993-12-06 | 1995-07-18 | At&T Global Information Solutions Company | Method for verifying a handwritten signature entered into a digitizer |
US5544255A (en) * | 1994-08-31 | 1996-08-06 | Peripheral Vision Limited | Method and system for the capture, storage, transport and authentication of handwritten signatures |
US5699445A (en) * | 1992-04-10 | 1997-12-16 | Paul W. Martin | Method for recording compressed data |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4724542A (en) * | 1986-01-22 | 1988-02-09 | International Business Machines Corporation | Automatic reference adaptation during dynamic signature verification |
US5347589A (en) * | 1991-10-28 | 1994-09-13 | Meeks Associates, Inc. | System and method for displaying handwriting parameters for handwriting verification |
US5559895A (en) * | 1991-11-08 | 1996-09-24 | Cornell Research Foundation, Inc. | Adaptive method and system for real time verification of dynamic human signatures |
DE4414682A1 (de) * | 1994-04-27 | 1995-11-02 | Siemens Ag | Sicherheitssystem mit Unterschriftsverifikation für kontrollierten und beweisfähig dokumentierten Zugang/Zugriff |
-
1997
- 1997-07-24 IL IL12138997A patent/IL121389A0/xx unknown
-
1998
- 1998-07-23 EP EP98933872A patent/EP1033007A4/en not_active Withdrawn
- 1998-07-23 WO PCT/IL1998/000342 patent/WO1999005816A1/en not_active Application Discontinuation
- 1998-07-23 JP JP2000504679A patent/JP2003510668A/ja active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5150420A (en) * | 1985-10-21 | 1992-09-22 | Omron Tateisi Electronics Co. | Signature identification system |
US5195133A (en) * | 1991-01-11 | 1993-03-16 | Ncr Corporation | Apparatus and method for producing a digitized transaction record including an encrypted signature |
US5297202A (en) * | 1991-01-11 | 1994-03-22 | Ncr Corporation | Apparatus and method for producing a digitized transaction record including an encrypted signature |
US5699445A (en) * | 1992-04-10 | 1997-12-16 | Paul W. Martin | Method for recording compressed data |
US5222138A (en) * | 1992-08-06 | 1993-06-22 | Balabon Sam D | Remote signature rendering system & apparatus |
US5434928A (en) * | 1993-12-06 | 1995-07-18 | At&T Global Information Solutions Company | Method for verifying a handwritten signature entered into a digitizer |
US5544255A (en) * | 1994-08-31 | 1996-08-06 | Peripheral Vision Limited | Method and system for the capture, storage, transport and authentication of handwritten signatures |
Non-Patent Citations (1)
Title |
---|
See also references of EP1033007A4 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1020817A1 (en) * | 1997-10-01 | 2000-07-19 | Cyber SIGN Japan Incorporated | Method and apparatus for authenticating ic card |
EP1020817A4 (en) * | 1997-10-01 | 2002-04-17 | Cyber Sign Japan Inc | METHOD AND APPARATUS FOR AUTHENTICATING AN INTEGRATED CIRCUIT CARD |
US8416463B2 (en) | 2007-03-23 | 2013-04-09 | Anoto Ab | Printing of a position-coding pattern |
CN114463858A (zh) * | 2022-01-12 | 2022-05-10 | 广州市双照电子科技有限公司 | 一种基于深度学习的签字行为识别方法及系统 |
CN114463858B (zh) * | 2022-01-12 | 2024-05-24 | 广州市双照电子科技有限公司 | 一种基于深度学习的签字行为识别方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
EP1033007A4 (en) | 2002-06-12 |
EP1033007A1 (en) | 2000-09-06 |
IL121389A0 (en) | 1998-01-04 |
JP2003510668A (ja) | 2003-03-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7107454B2 (en) | Signature system presenting user signature information | |
US5163098A (en) | System for preventing fraudulent use of credit card | |
US4357529A (en) | Multilevel security apparatus and method | |
US20200143035A1 (en) | Method and System for securing user access, data at rest, and sensitive transactions using biometrics for mobile devices with protected local templates | |
US6594759B1 (en) | Authorization firmware for conducting transactions with an electronic transaction system and methods therefor | |
US6581042B2 (en) | Tokenless biometric electronic check transactions | |
US7721095B2 (en) | Apparatus, system, and method for authenticating personal identity, computer readable medium having personal identity authenticating program recorded thereon, method of registering personal identity authenticating information, method of verifying personal identity authenticating information, and recording medium having personal identity authenticating information recorded thereon | |
AU736113B2 (en) | Personal identification authenticating with fingerprint identification | |
US4993068A (en) | Unforgeable personal identification system | |
US6269348B1 (en) | Tokenless biometric electronic debit and credit transactions | |
JP2814923B2 (ja) | トランザクション処理システム | |
CA2010345C (en) | Multilevel security apparatus and method with personal key | |
KR100768754B1 (ko) | 휴대용 전자식 청구 및 인증 장치와 이를 위한 방법 | |
US20040203594A1 (en) | Method and apparatus for signature validation | |
US20020180584A1 (en) | Bio-metric smart card, bio-metric smart card reader, and method of use | |
US20120032782A1 (en) | System for restricted biometric access for a secure global online and electronic environment | |
US20050055557A1 (en) | Personal authentication system and portable unit and storage medium used therefor | |
KR20010052104A (ko) | 네트워크를 통해 정보를 분배하기 위하여 지문을 이용하는방법 | |
US20030070078A1 (en) | Method and apparatus for adding security to online transactions using ordinary credit cards | |
EP1033007A1 (en) | System and method for authenticating signatures | |
JPH0750665A (ja) | 本人確認装置及びその方法 | |
US20020062441A1 (en) | Authentication apparatus for authentication to permit electronic document or payment by card using personal information of individual, verification apparatus for verifying individual at payment site, and electronic authentication system interconnecting the same | |
WO2000008610A1 (en) | Offline verification of integrated circuit card using hashed revocation list | |
JP2933180B2 (ja) | 暗証符号照合装置 | |
WO2002088931A1 (en) | A bio-metric smart card, bio-metric smart card reader, and method of use |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): JP US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1998933872 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09463557 Country of ref document: US |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWP | Wipo information: published in national office |
Ref document number: 1998933872 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1998933872 Country of ref document: EP |