[go: up one dir, main page]

WO2002029709A1 - Personal authentication system - Google Patents

Personal authentication system Download PDF

Info

Publication number
WO2002029709A1
WO2002029709A1 PCT/GB2001/004466 GB0104466W WO0229709A1 WO 2002029709 A1 WO2002029709 A1 WO 2002029709A1 GB 0104466 W GB0104466 W GB 0104466W WO 0229709 A1 WO0229709 A1 WO 0229709A1
Authority
WO
WIPO (PCT)
Prior art keywords
signature
pressure
information
signatures
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/GB2001/004466
Other languages
French (fr)
Inventor
William John Lloyd
Leslie John Pitts
Grahame Kenneth Blackwell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SIGNATURE AUTHORISATION SYSTEMS Ltd
Original Assignee
SIGNATURE AUTHORISATION SYSTEMS Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SIGNATURE AUTHORISATION SYSTEMS Ltd filed Critical SIGNATURE AUTHORISATION SYSTEMS Ltd
Priority to AU2001292121A priority Critical patent/AU2001292121A1/en
Priority to GB0310340A priority patent/GB2384902A/en
Publication of WO2002029709A1 publication Critical patent/WO2002029709A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/30Writer recognition; Reading and verifying signatures

Definitions

  • apparatus for establishing personal authentication based on signatures comprises pen means for writing a signature on a surface; means for recording characteristics of the signature in terms of variations in applied force as between said pen means and surface with elapsed time; means for comparing said characteristics with characteristics of a previously-recorded signature and means for notification of an authentication decision based on said comparison.
  • a reduced file is first generated as described above. This file is then checked against multiple files of the same type held as reference data for the claimed signatory. Comparison is both on a one-to-one basis (against each reference) and against cumulative statistical data gleaned from reference files and (possibly) also other authenticating signature inputs prior to this one. It follows that acceptance of this signature may result in statistical reference data being updated in the light of information gathered from this file.
  • the results are shown of taking a large number of signature from a group of eleven subjects and scoring them against the stored signature profile for each subject.
  • High-scoring signatures are represented towards the right-hand end of the chart whereas low-scoring signatures are shown towards the left.
  • the white dots represent genuine signatures of the subject whereas the black dots represent signatures copied by other people from that of the subject and also those people's signatures.
  • the black dots represent the authentic signatures of close family relatives of the subject and also forgeries of the subject's signature carried out by those same close relatives, written at the natural speed of the subject and visually indistinguishable from the subject's genuine signature.

Landscapes

  • Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Apparatus for establishing personal authentication based on signatures comprises pen means for writing a signature on a surface; means for recording characteristics of the signature in terms of variations in applied force as between said pen means and surface with elapsed time; means for comparing said characteristics with characteristics of a previously-recorded signature and means for notification o an authentication decision based on said comparison. The pen means does not necessarily leave a visible trace and optionally includes a pressure-sensitive transducer, although the surface may include a pressure-sensitive transducer. The invention provides an information stream, preferably digitised, for a reference or specimen signature and relating to variations in force, applied by the user via an input device to the signature-receptive surface, with elapsed time in writing the signature. The information stream is unique to the user, even in the case of visually-identical signatures written by different people, and can thus be used for comparing the reference of specimen signature with that of a would-be customer or the like to establish a reliable means of discriminating between the authorised person and an impostor.

Description

Personal Authentication System
This invention relates to personal authentication or accreditation systems based on an analysis of a personal signature.
Current commercial practice, for example in terms of purchase of goods or services or withdrawal of cash from a bank or other financial institution, and security practice, for example in terms of establishing personal identity for authorising access to premises or in cross-border control procedures, relies heavily on a visual comparison of a personal signature with a reference signature. Such a comparison is necessarily subjective and the fraudster or impostor is likely to be the beneficiary of doubt, given that considerable visual variation of a genuine signature compared with the reference signature can be expected. Other transactions do not involve signatures at all but instead rely on the use of a personal identification number supposedly known only to the authorised genuine user, Again, such systems are open to fraud.
Given that fraudulent transactions account for misappropriation of funds amounting to millions of pounds annually, considerable efforts have been made to provide for computer-aided analysis of signatures but such efforts have hitherto concentrated on attempts to "map" signatures and their biometric characteristics to present salient parts thereof on an X-Y coordinated matrix.
It has now been found that, in writing a given signature, the variation of applied force with elapsed time is characteristic of the person writing the signature and is the unseen equivalent of the normal visual signature, rather than of the signature itself, whereby force/time or derived unit information can be coded and stored for comparison purposes to establish the credentials of a person seeking access to, for example, a bank account or residential or commercial premises.
According to one aspect of the invention, therefore, apparatus for establishing personal authentication based on signatures comprises pen means for writing a signature on a surface; means for recording characteristics of the signature in terms of variations in applied force as between said pen means and surface with elapsed time; means for comparing said characteristics with characteristics of a previously-recorded signature and means for notification of an authentication decision based on said comparison.
The pen means comprises an input device which does not necessarily leave a visible trace and which optionally includes a pressure-sensitive transducer. Alternatively, the surface may include a pressure-sensitive transducer. The recording means comprises a storage device and the comparator means comprises a data processor. The notification means comprises an output device which may provide a visual or audible signal or may automatically authorise an initiated transaction to be completed or prevent any further processing thereof pending further input.
In one embodiment, the apparatus comprises a signature-receptive surface; means for inputting information relating to a test signature written on said surface to a storage memory; means for comparison of said test information with information previously recorded and relating to a reference signature; and means for notification of an authentication decision based on said comparison, in which 4he signature information is based on variations of applied force in writing the signatures with elapsed time.
According to another aspect of the invention, a method for establishing personal authentication comprises the steps of storing information relating to a hand-written reference signature in a storage memory; comparing said information with information relating to a hand-written test signature and notifying an authentication decision based on said comparing step, in which the binary information is based on variations, with elapsed time, of applied force in writing the signatures.
The invention provides an information stream, preferably digitised, for a reference or specimen signature and relating to variations in force, applied by the user via an input device to the signature-receptive surface, with elapsed time in writing the signature. The information stream is unique to the user, even in the case of visually-identical signatures written by different people, and can thus be used for comparing the reference or specimen signature with that of a would-be customer or the like to establish a more reliable means of discriminating between the authorised person and an impostor than has hitherto been available. The signature characteristics as encoded in the information stream may reflect a direct relationship of applied force with time or an indirect relationship such as rate of change of force with time.
The apparatus according to the invention may be complete in itself at one location, for example for controlling access to property, or the component parts may be disseminated over two or more locations and networked together, for example in the case of automatic teller machines. The comparison means or data processor may thus be a personal computer or a dedicated microprocessor, mainframe computer or a personal computer, workstation or server, at a remote location from the signature-receptive surface.
Data relating to the reference signature is preferably derived from two or more specimen signatures and the respective signature data can be compared to establish elements of the signature which are reproducible within given limits, and can thus reliably be used for comparison purposes, and also filter out elements which are less reliable. Furthermore, the reference signature data may be updated on a dynamic basis by using information from an authorised or authenticated test signature to augment information already stored and relating to the reference signature.
It will be appreciated that the signature-receptive surface must be sufficiently large to enable the user to write his or her signature in a natural and unconstrained manner, the pressure-sensitive transducer causing the pressure/time information to be transmitted from any position on the signature receptive surface. However, where the transducer is associated with the surface, the transducer does not react to the size or shape of the signature, needing only to respond to applied force and to relate variations thereof to elapsed time. In its simplest embodiment, therefore, a signature-receptive surface which includes a transducer may comprise a single pressure-sensitive element which converts applied force to pressure and may comprise a flexible material defining a housing containing a fluid exerting a positive pressure within the housing, the fluid being in communication with the transducer to convert rate of change pressure variations to digital form and to present them on a clocked basis. The fluid may conveniently comprise air or another gas but a liquid may be used if desired. The housing may comprise a flexible tube. In more sophisticated embodiments, two or more pressure-sensitive elements may be used, each associated with a respective transducer, data from which may be processed separately or multiplexed if necessary for data processing purposes and onward transmission. In a yet more sophisticated embodiment, the signature-receptive surface may comprise a matrix of individual pressure/force sensitive elements such as piezo-electric and load cells to provide spatial as well as pressure related data.
Output from the pressure transducer in analogue form is preferably fed, via appropriate circuitry, to an analogue-to-digital (A-D) converter. Dual-tube or other embodiments would require a separate transducer for each tube, and hence multichannel A-D conversion, each channel providing a separate sequence of digital data to the computer, preferably multiplexed along a single connection. A matrix embodiment would preferably incorporate A-D conversion and digital processing of data prior to transmission of the composite data to the computer.
The digital output from the A-D converter is then processed by a microprocessor, which extracts the essential information using a custom designed computer program from the data produced by the signature process and produces a much reduced data stream for comparison by either the remote computer, or by the same or another dedicated microprocessor in the case of entry security systems and the like.
Initial computer processing of signature data will now be described by way of example.
On data input via the signature-receptive surface and pressure transducer, a local.pomputer program module triggers conversion and transmission of successive readings by the A-D converter, terminating this process when transducer readings return to the ambient level on completion of signature input. The data thus gathered is then passed through a pre-processing phase to generate a signature file with the following attributes:
(a) it holds all significant aspects of the original signature data; (b) data content is reduced to a minimum for transmission, for example from an automatic teller machine to the central authorisation system;
(c) data format renders it amenable to comparison with other such signature trace data.
Once generated, such a file may simply be added to a database for future comparison with other such files; this would be the case if this were a sample signature for a bank or credit-card account. In such a case, certain statistical data may also be extracted from the file and incorporated in the database. Alternatively, if this signature had been input for the purpose of client/user authentication, the SPT file would be checked against such database records, as explained below.
When a signature is input for the purpose of user authentication, a reduced file is first generated as described above. This file is then checked against multiple files of the same type held as reference data for the claimed signatory. Comparison is both on a one-to-one basis (against each reference) and against cumulative statistical data gleaned from reference files and (possibly) also other authenticating signature inputs prior to this one. It follows that acceptance of this signature may result in statistical reference data being updated in the light of information gathered from this file.
Comparison of one signature file with another is made according to various criteria derived from the two files. A 'penalty score' is derived from a weighted combination of scores from these criteria, with an accept/reject threshold on the composite score.
In comparing one signature file against a bank of three (for example), the putative file is compared one-to-one against each, but certain individual comparisons are replaced by comparisons against statistical data derived from the three samples plus previous successful authentication files.
In order to be deemed successful, an authentication trace is required to match at least one of the three reference traces to a defined high degree and one other at least to a defined lesser degree. This criterion, also the way in which measured characteristics are used in the comparison, may be varied and other measurements may also be included in the comparison.
A variant of this process uses no stored signature reference traces, relying instead on comparisons of statistics from the putative signature file with statistical data accumulated from previous signature files.
Statistically-based comparisons require reference to a mean value and a measure of variance in the reference data, to account for variations between instances of the same signature as well as differences between different signatures. Continuous updating of these reference parameters, as well as periodic replacement of reference signature traces by successful authentication inputs (to replace least-well-matched reference trace) ensures accuracy/currency of reference data.
To prevent intercept and fraudulent use of data from a signature pad, a purpose designed form of encoded transmission from such pads to the central comparison means may be incorporated in all pads which use non-secure lines. This would include for example such applications as Internet shopping using a pad located beside a home computer.
Embodiments of the invention will now be described by way of example with reference to the accompanying drawings, of which:
Figure 1 illustrates schematically the sequence of operations for authentication of a signature in a store card or credit or debit card transaction;
Figure 2 illustrates traces of pressure versus time for the signatures of different subjects; and
Figure 3 illustrates results derived from analysis of signatures from a group of subjects, including authentic and false signatures. With reference firstly to Figure 1, store check-out tills 11 have signature pressure pads 12 associated therewith and each is connected via a pressure transducer and an A-D converter to a central computer 13 by direct lines 14. In an alternative arrangement, check-out tills 15 and associated signature pads 16 are connected to the central computer 13 by public telephone lines 17.
In operation, a shopper takes goods to the check-out 11, 15 and the check-out operator enters the goods and generates a total transaction amount in the usual way. The shopper presents his card, which is swiped by the operator. The shopper writes his signature using for example a standard ball-point pen on the signature pad 12, 16 and the transaction amount is automatically copied from the till to the pad for inclusion in a pad data packet. The packet, including a digitised representation of the signature as written on the pad and generated according to pressure/time characteristics, is transmitted to the central computer 13 by direct line 14 or public line 17 and the central computer compares the signature data with digital data already held on file for that shopper. If the result of the comparison is acceptance of the signature, the central computer debits the shopper's account and credits the store account, the purchase is confirmed to the store and to the shopper and the signature data is added to the shopper's stored profile. If the signature is not accepted, the shopper is invited to re-enter his signature but three successive rejections by the central computer will result in the entire transaction being abandoned.
With reference to Figure 2, two separate plots of pressure (ordinate) against time (abscissa) are shown for two subjects and it can be determined by a visual comparison that the two specimen signatures for each subject show a close correlation which can be used to generate a digital profile against which future signatures can be compared to establish their authenticity. In compiling the digital profile, any minor variations as between the specimen signatures can be excluded.
With reference to Figure 3, the results are shown of taking a large number of signature from a group of eleven subjects and scoring them against the stored signature profile for each subject. High-scoring signatures are represented towards the right-hand end of the chart whereas low-scoring signatures are shown towards the left. The white dots represent genuine signatures of the subject whereas the black dots represent signatures copied by other people from that of the subject and also those people's signatures. Taking the first subject as an example, the black dots represent the authentic signatures of close family relatives of the subject and also forgeries of the subject's signature carried out by those same close relatives, written at the natural speed of the subject and visually indistinguishable from the subject's genuine signature. Other forgeries were produced by other group members after careful observation of both the speed and the action of each genuine signatory. Where identical scores are obtained, the dots are stacked, thus forming a histogram. The very few white dots at the low-scoring end of the chart represent uncharacteristic signatures by the subject.
It can be seen that the scoring process is highly effective in distinguishing between a genuine signature and either a different signature or a forgery of the genuine signature. In each line, the black upright bar represents a computer-generated nominal cut-off point or threshold for acceptance of signature, based on each individual profile and determined according to the perceived reproducibility of the genuine signature in terms of pressure/time characteristics as determined from the various specimen signatures which have been marked.
The present invention has proved highly successful in identifying whether or not a signature trace is from the same source as reference data held on file. The following applications are among those where the invention may have utility:
Automatic teller machines - to incorporate a further layer of security to prevent unauthorised card use when the PIN becomes known to a person other than the card holder;
Point of sale machines - as for automatic teller machines.
Locks - to control physical access to premises as additional security.
To control access to stored information or other resources. Passport controls - where details could be held on a mainframe computer where "proof of identify" requirements would be obviated.
Identify cards.
Total personal identity - especially involving aspects of the more sophisticated embodiments described.
Proof of identity for all aspects of remote banking, shopping or similar transactions.
Educational applications.

Claims

Claims
1. Apparatus for establishing personal authentication based on signatures, the apparatus comprising pen means for writing a signature on a surface; means for recording characteristics of the signature in terms of variations in applied force as between said pen means and surface with elapsed time; means for comparing said characteristics with characteristics of a previously-recorded signature and means for notification of an authentication decision based on said comparison.
2. Apparatus according to claim 1, in which the pen means includes a pressure-sensitive transducer.
3. Apparatus according to claim 1, in which the surface includes a pressure-sensitive transducer.
4. Apparatus according to any preceding claim and comprising a signature-receptive surface; means for inputting information relating to a test signature written on said surface to a storage memory; means for comparison of said test information with information previously recorded and relating to a reference signature; and means for notification of an authentication decision based on said comparison, in which the signature information is based on variations of applied force in writing the signatures with elapsed time.
5. Apparatus according to any preceding claim, the elements thereof being disseminated over two or more locations and networked together.
6. Apparatus according to any of claims 3 to 5, in which the signature-receptive surface comprises a pressure-sensitive element which converts applied force to pressure and comprises a flexible material defining a housing containing a fluid exerting a positive pressure within the housing, the fluid being in communication with the transducer to convert rate of change pressure variations to digital form and to present them on a clocked basis.
7. Apparatus according to claim 6, including two or more pressure-sensitive elements each associated with a respective transducer.
8. Apparatus according to claim 7, in which the signature-receptive surface comprises a matrix of individual pressure/force sensitive elements to provide spatial as well as pressure related data.
9. A method for establishing personal authentication, the method comprising the steps of storing information relating to a hand-written reference signature in a storage memory; comparing said information with information relating to a hand-written test signature and notifying an authentication decision based on said comparing step, in which the information is based on variations, with elapsed time, of applied force in writing the signatures.
10. A method according to claim 9, in which data relating to the reference signature is derived from two or more specimen signatures and the respective signature data is compared to establish elements of the signature which are reproducible and to filter out elements which are less reproducible.
11. A method according to claim 10, in which reference signature data is updated on a dynamic basis by using information from an authorised or authenticated test signature to augment information already stored and relating to the reference signature.
12. A method according to any of claims 9 to 11, in which information relating to the test signature is encoded on being transmitted to the storage memory.
13. Apparatus for establishing personal authentication based on signatures and comprising an input device for writing a signature on a surface; a storage device for recording and storing characteristics of the signature in terms of variations in applied force as between said input device and surface with elapsed time; a data processor for comparing said characteristics with characteristics of a previously-recorded signature and an output device for notification of an authentication decision based on said comparison.
PCT/GB2001/004466 2000-10-06 2001-10-08 Personal authentication system Ceased WO2002029709A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2001292121A AU2001292121A1 (en) 2000-10-06 2001-10-08 Personal authentication system
GB0310340A GB2384902A (en) 2000-10-06 2001-10-08 Personal authentication system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB0024579.5A GB0024579D0 (en) 2000-10-06 2000-10-06 Personal authentication system
GB0024579.5 2000-10-06

Publications (1)

Publication Number Publication Date
WO2002029709A1 true WO2002029709A1 (en) 2002-04-11

Family

ID=9900837

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/004466 Ceased WO2002029709A1 (en) 2000-10-06 2001-10-08 Personal authentication system

Country Status (3)

Country Link
AU (1) AU2001292121A1 (en)
GB (2) GB0024579D0 (en)
WO (1) WO2002029709A1 (en)

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "SUPERVISED ADAPTION FOR SIGNATURE VERIFICATION SYSTEM", IBM TECHNICAL DISCLOSURE BULLETIN, IBM CORP. NEW YORK, US, vol. 21, no. 1, 1 June 1978 (1978-06-01), pages 424 - 425, XP002050796, ISSN: 0018-8689 *
BRUYNE DE P: "DYNAMIC SIGNATURE VERIFICATION USING YOUR OWN PEN", PROCEEDINGS OF THE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY: CRIME COUNTERMEASURES. VENUE NOT SHOWN, OCT. 5 - 7, 1988, NEW YORK, IEEE, US, 5 October 1988 (1988-10-05), pages 5 - 8, XP000092872 *
N. M. HERBST AND C. N. LIU: "Automatic Verification of Signatures by Means of Acceleration Patterns", PROC. OF THE CONF. ON PATTERN RECOGNITION AND IMAGE PROCESSING, 6 June 1977 (1977-06-06) - 8 June 1977 (1977-06-08), Long Beach, USA, pages 332 - 337, XP002188397 *

Also Published As

Publication number Publication date
GB0310340D0 (en) 2003-06-11
GB0024579D0 (en) 2000-11-22
GB2384902A (en) 2003-08-06
AU2001292121A1 (en) 2002-04-15

Similar Documents

Publication Publication Date Title
US12518267B2 (en) Electronic transaction verification system with biometric authentication
US5673320A (en) Method and apparatus for image-based validations of printed documents
US5892824A (en) Signature capture/verification systems and methods
US5341428A (en) Multiple cross-check document verification system
US8678273B2 (en) Electronic transaction verification system
KR101203828B1 (en) Electronic transaction verification system
US20020163421A1 (en) Personal fingerprint authentication method of bank card and credit card
EP1041523A2 (en) Transaction recordal and validation
US20030163417A1 (en) Methods and systems for processing transaction requests
CN1855155B (en) Automatic cash transaction device
US20060092476A1 (en) Document with user authentication
JPH11312247A (en) Handwriting person identifying method and electronic pen authenticating device
WO2002029709A1 (en) Personal authentication system
US12387532B1 (en) Methods and systems for onsite signature verification
JPH10162144A (en) Person identification system by patterns of fingerprints of plural fingers
JP2006099313A (en) Transaction system
Janahi et al. Biometric Fingerprint Replaces PIN code on Point of Sale machines in the Kingdom of Bahrain
WO2007023488A2 (en) Apparatus for providing secured documents

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

ENP Entry into the national phase

Ref document number: 0310340

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20011008

Format of ref document f/p: F

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP