Biometrics has resolved the problem of automated identity authentication, however, authorization of documents still remains a challenge. This article sheds light on the applications of signature verification and how it can improve accuracy and efficiency across government as well as business processes.
Signature verification is an age-old technique of identification, identity verification, and authorization, which is still relevant today. Signature verification is distinctive in many ways. Unlike IDs or documents, you do not have to carry them as it is inherent to you. It is not something as exposed as your facial geometry or as your fingerprint, yet it is so secure that it is used for verifying identity in bank checks to authorize presidential orders.
You may have to memorize your signature a little but not the way you remember your passwords or PINs, instead it is a habit that is exhibited on purpose. Unlike other behavioral biometrics such as gait or voice, which you expose when you move or speak, signatures can be used only when required.
So what can this unique identification and authentication method do? What are the use cases and applications where it is already in use or can potentially be used? Let’s dig into the applications of signature verification a little deeper.
Identification and authentication with biometrics has helped individuals as well as organizations to expedite and automate this otherwise sluggish process. Today, highly regulated industries such as banking, financial services, telecom, etc. rely on biometrics to get rid of manual identification and accelerate customer onboarding.
Businesses, in which personal identification/authentication makes an important part of the process, are benefitted the most from this technology. In organizations where personal identification is not a part of the core business processes, this technology is still used for access control, time and attendance, etc.
Personal identification or identity authentication is often a small portion of the overall business process, for example, most banks perform KYC (Know Your Customer) formalities before customer onboarding to understand their customers. However, it is only a small part of what banks actually do. Government, as well as business, have numerous processes involved and authorization of documents and other paper-based instruments is one of them. Signature-based authorization is widely used for this purpose.
Applications of signature in the old age
Signatures carry a lot of value. They have been a handy tool for identity verification on documents and other paper-based instruments. Signatures have a long history with their roots dating to 3000 – 2500 BC. During this time, Sumerians and Egyptians started using pictographs, a mix of pictures and symbols to convey a meaning. Early attempts to script a language date back to 1800 – 1200BC, when Phoenicians invented the planet’s first script. By 1200 BC, Greeks added vowels to the Phoenician script as the original script did not have any. At around 600BC, the Latin alphabet was developed from the Greek alphabet which was used for many centuries throughout the world.
The signature of El Cid (1040 – 1099), a Castilian nobleman and military leader in medieval Spain, is one of the earliest known signatures in human history. A signature is a handwritten name, nickname, a draw, or just a mark that is stylized to be unique to an individual. The distinctiveness of handwriting and styling together render signatures as an individual characteristic, which is hard to imitate by others. A signature on a document implies that the signatory either approves or bears the responsibility for the content of the document. Signatures are used to authenticate or approve documents, transactions, and other paper-based instruments. They can be used to authenticate documents regardless of their value or importance, so from low value to high-value documents and transactions can be authenticated just with signatures. For example, a presidential order, which is a very important document, cannot be executed without the signature of the president.
Modern-day signature recognition
Signature recognition can be called a subset of handwriting recognition. A signature is any handwritten text, which can be used as a means of identity verification or authorization. Generally, people write their name, nickname, or initials as a signature but other text can also be used. A signature can be written in simple handwriting; however, it is often stylized according to personal preference.
When signatures are stylized with handwriting, which is already a unique characteristic, become more distinctive and can be used as an identity authentication tool. When automated using biometric technology, signature recognition is called biometric signature recognition.
Digital signatures vs. electronic signatures
To overcome the problems associated with signing digital documents, a digital signature was developed. To sign digitally, the signer is required to obtain a Digital Signature Certificate (DSC) from a Certifying Authority (CA), which is a trusted third-party entity that issues digital certificates for other parties. CA has to verify the identity and address of the signer before it issues a DSC.
Despite being safe and secure, a digital signature fails to match the simplicity of a hand-written signature. A digital signature is not the same as an electronic signature or biometric signature, as they are popularly referred to.
Regardless of many methods of personal identification and authentication, signatures have maintained their relevance even in today’s digital age. This simple, yet highly efficient method has been used for centuries.
Applications of signature verification systems
Biometric digital signature verification systems can be used in many applications where signature verification is a part of the process such as banks and financial services. In some applications, it can also be potentially used to replace other user identification/identity authentication methods (including other biometric modalities).
Banking and financial services
Banks and financial service institutions still put their trust in signature verification and use it for customer identification, identity verification, and authorization. Many banks and financial institutions depend on customer signatures to authorize high-value transactions. Some of them may not even be using any technological advantage to verify signatures and entirely depend on human skills.
For example, Bank checks are paper-based payment instruments that are entirely dependent on signature verification to authorize payments. Banks traditionally use human skills to make sure that their signature matches their records. However, despite being very careful, errors do take place in which bank employees might fail to identify signatures. In such an incident, a fraudulent transaction may take place.
There have been incidents in which people were able to commit bank check fraud with fake signatures. Manual signature verification primarily focuses on the design of the signatures, but there can be more data behind a sign that human skills can easily miss. Some of this data such as pressure points, speed, etc. is only generated while signing and can only be captured using technological means.
A biometric electronic signature verification system can fix the problems associated with manual signature verification. Since biometric signature verification takes multiple dynamic characteristics into account, these systems cannot be fooled even if someone is able to imitate your fingerprints.
The biometric behavioral data generated while signing is near impossible to fake, given it accounts for multiple dynamic characteristics. Banks and financial service institutions can stop incidents of fraud and manipulation using fake signatures by replacing their existing systems with biometric digital signature verification.
Just like banks and financial services, government services also heavily rely on signatures for personal identification, authentication, and authorization. From lawmakers to government officials and citizens accessing government services have to sign papers to verify their identity or authorize a transaction. All the government services and processes, where signatures are required, can be streamlined with automated signature verification.
Government services are often found to be suffering from inefficiencies mainly due to many formalities and red tapes involved. Before being able to access a government service, documents are manually verified at different levels for their accuracy. Signature verification is often a common element in all these procedures.
If these documents could be processed electronically and identity could be verified with signature verification technology, it would not only save a lot of time for citizens and government officials but also contribute to the growth of the country.
Point of sales
Though newer payment methods such as mobile apps, NFC payments, etc. are emerging, still a very large portion of payments is still done using credit cards. Despite being a cashless and digital transaction method, PoS payments with credit cards are still signed off by signing a paper slip generated by the PoS terminal. It is important to verify these signatures with what is on the card, however, this process is often neglected owing to many reasons.
Generally, customers treat PoS payment slips casually. They sign them as if it is an unimportant formality just to finish the transaction at a point of sale. Customers may not sign them as carefully as they would sign bank checks. We also need to understand that the PoS person is a cashier and not a signature expert. Cashiers at PoS may be under pressure to process queued-up customers faster and may not be paying the due attentiveness required for verifying customer signatures.
In such scenarios, using an automated biometric electronic signature verification system makes complete sense. Instead of taking the customer’s signature on the payment slip, they can be acquired on the biometric digital signature pad and the process of verification can be done automatically, saving businesses and customers from fraudulent transaction attempts.
Online and mobile banking
Many banking and financial services apps have already been using behavioral biometric means which can track user behavior to create a profile and keep the user in an authenticated state. On these apps, biometric electronic signature verification can work as a first authentication barrier, which is traditionally done by PIN, password, fingerprint, or face recognition. Since banks and financial service institutions are already known to value user signatures, transaction authorization on mobile apps can be done using signatures instead of PIN, password, selfie, or fingerprint scan.
Today smartphones, ultraportable computers, and tablets come equipped with a touchscreen. These capacitive touchscreen panels can register a slight touch. These touchscreen devices offer an opportunity to use signature verification as a method of identification, authentication, and authorization.
Not all form factors of computing devices come equipped with required hardware that could potentially be used to set up newer authentication systems such as biometrics. However now when a large portion of banking services behind accessed with mobile devices offer some hope. Today’s mobile devices (smartphones) do not only come equipped with biometric hardware such as fingerprint, face recognition, etc. it also uses several sensors and a touchscreen, which can be used to register behavioral patterns with the use of a capable application. Touchscreens can even be used as a digital pad to input signatures.
Online banking has largely been dependent on password/PIN and OTP (One Time Password) based authentication to verify the identity of customers seeking access to internet-based banking services. These authentication methods are aged but still prevalent, given that a majority of online banking services are accessed from a wide variety of devices such as PCs, portable computers, tablets, smartphones, etc.
With the advent of technology, connectivity, and its reach, the nature of bank fraud has become more complicated than ever. With banks going more and more digital and accessible via the internet, online banking remains highly vulnerable. The sudden eruption of mobile devices and connectivity has given fraudsters new ways to commit online banking fraud. Despite using different authentication barriers, online banking still remains vulnerable. Social engineering, phishing, identity theft, etc. keep online banking on its toes.
Authenticating digital documents and transaction
What if you choose to write your signature on a document in digital form, e.g. a PDF document on your smartphone or tablet? Would not it be waste of time and resources to print it and then sign with a pen and re-scan it, while you could sign it right on the screen with a stylus or just with your finger? What could possibly go wrong by hand signing digital documents? Actually, a lot! If this approach was able to offer a solution, it would have been implemented in the first place. The problem with this method is that it is very easy to imitate signatures and place them anywhere on the same and other documents and there is no way to verify that signature is from the actual signer or that it was placed fraudulently.
However, we often see signatures placed digitally on some documents like invoices, bills, and statements sent by email as PDF documents. These documents are generated electronically in a controlled environment. The user who generated them had privileges to do so with his or her User ID and password, making her liable for the content of the document. A signature image is preloaded in the software system which is automatically placed on the document. These signatures serve as electronic signatures as users who generated them had privileges to do so and the software system should have an audit trail of it. These signature images are placed on digital documents to make them look authentic and win customer confidence, as customers often tend to like signed documents. Even without the signature image, the document will be considered electronically signed if generated in a controlled environment.
Voter registration and identification
However, countries where the literacy rate is low and people cannot sign or write their names can have the issue of population coverage with biometric signature verification.
However, countries that are yet to initiate such a program, can use the opportunity to do it with biometric electronic signature verification. A biometric signature verification system can quickly fetch the voter’s identity from an already established database of identities. Using electronic signature verification for voter identification also solves the problems related to morphological biometrics modalities such as population coverage.
Many of the largest democracies in the world are still on IDs and paper-based techniques to identify voters. However, the use of biometrics for voter registration and identification is an increasing trend. Countries that maintain a biometric database of their citizens have started using biometrics for voter identification or already have the roadmap for the same.
Know your customer (KYC)
During the KYC process, prospective may clients have to sign and submit several documents and this is where a biometric digital signature can make a difference. Instead of making customers sign paper documents, a biometric electronic signature can be captured using a digital pad to perform biometric KYC. This will help businesses to reduce paperwork and process KYC digitally.
This allows businesses such as banks, and financial institutions to ensure that their services are not misused to carry out fraudulent activities such as money laundering, currency manipulation, etc.
KYC or Know Your Customer is the set of initial onboarding formalities in some service types such as banking, finance, telecom, etc. KYC is usually a mandatory process to follow in most regulated industries. KYC makes sure that businesses adequately know their customers and understand their requirements before providing them access to their services.
A signature is a handwritten name, nickname, a draw, or just any text that is stylized to be unique to an individual. The distinctiveness of handwriting and styling render signatures as an individual characteristic, which is hard to imitate by others.
Unless signed in front of a verifier, there is absolutely no way to verify the authenticity of a signature, because paper cannot measure physical features like rhythm, speed, pressure, acceleration, etc. applied while signing. But biometrics has made it possible to measure all these traits which are unique to an individual.
In a world that is increasingly going digital, signatures have preserved their significance very well. Initially rendered unusable for digital authentication, the ability of biometric verification has made them a secure and efficient way to authenticate digital transactions as well as documents.
Many biometrics modalities such as fingerprint, face, voice, iris, etc. have taken over low to high-security applications in a variety of use cases. Amid this phenomenal rise of biometrics during the last couple of decades, biometric signature verification is yet to look beyond a few applications where it is prominently used.
Behavioral biometric modalities such as gait recognition, typing rhythm, voice recognition, etc. are known to lack user consent. Unlike most behavioral biometric modalities, biometric digital signature verification offers an optimum level of user consent, which can be used in security-focused applications.
The government, as well as businesses, can use biometric signature verification to cut waiting times and improve user experience. Biometric signature verification is a solution that can be used for both online and offline use cases, eliminating the need to employ different methods for both purposes. Biometric verification of a signature cannot be imitated even if an imposter is able to imitate the signature itself, it is next to impossible to imitate exact physical characteristics in the tiny time frame of writing signatures.
Once a prominent method of identification, identity verification, and authorization, signature verification has now limited itself to a few specific applications. However, this timeless verification method has a lot of potential, and adding biometric capabilities to signature verification can bring back its glory.