The Challenge of Forgeries and Perception of Dynamic Signature Verification

Stephen J. Elliott, Ph.D. and Adam R. Hunt

Biometric Standards, Performance, and Assurance Laboratory Purdue University

West Lafayette, Indiana, 47906, United States e-mail: {elliott, arhunt}@purdue.edu

Abstract: Dynamic Signature Verification (DSV) is unique among other biometric authentication technologies as there is no clearly defined method of creating a forgery. This research examined the perception of the signature to the forger (how easy an individual perceives the signature to be forged), and whether there were any characteristics common among the groupings of difficulty. The dynamic variables of the signature were then examined to establish which statistical variables were susceptible to forgery using forensic tools. Overall, it seems that both the genuine and impostor groups do not single out a specific dynamic trait within their judgment of an “easy” or “difficult” signature. Furthermore, it also shows that individuals have difficulty in assigning a speed to their signature – i.e. the perception of speed is different for each individual (both genuine and impostor), and additionally, both the impostors and genuine users ranked their signatures differently when asked about the perceived level of difficulty. Keywords: dynamic signature verification, biometric technology, forgeries

1. Introduction

Dynamic Signature Verification has long been used to authenticate individuals based on their signing characteristics. Applications such as document authenticity, financial transactions, and paper-based transactions have all at one time used the signature to convey the intent to complete a transaction [1], [2]. Dynamic signature verification is a subset of a larger science called biometrics, that aims to authenticate an individual based on either behavioral or physiological traits, including fingerprint recognition, hand geometry, and voice recognition. The signature is a behavioral biometric which has some unique traits that make it harder to test and evaluate than some of the other behavioral biometrics such as voice or face recognition. These challenges include the fact that a signature is learnt, it contains variant measures, can be changed by the owner, has several versions of the signature, all depending on the transaction or intent of the signer. Additionally, current dynamic signature verification applications are normally in lieu of a paper / ink combination (such as a retail point-of-sale), and therefore the signature might not be verified at the specific moment of the transaction, rather challenged at a later date. The typical consensus is that these input variables are gathered from a digitizer and include x, y (Cartesian co-ordinates), p (pressure) or force, and t (time) [3]. These input variables are then used to create the global and local features described in various accounts in the literature [4, 5]. Dynamic signature verification has a number of statistical features that can be derived from the basic set of data that a digitizer provides, and these vary significantly across algorithms. [6] outlined 61 features, [7] note over 40 feature types, [8] have 44 features. [2] describe the x, y co-ordinates of the pen motion. [9] observes that the temporal “characteristics of the production of an on-line signature are the key to the signature’s verification” (page 5). Typical signature functions include pressure vs. time, horizontal and vertical components of position, velocity, acceleration and force, all against time. Another way of characterizing a signature is through the analysis of the “stroke” that is, the pen down, pen up movement of the pen on the digitizer. All of these various dynamic traits that are collected during the act of signing are said to make an impostor signature easier to detect.

Proceedings of the 6th International Conference on Recent Advances in Soft Computing (RASC 2006), K. Sirlantzis (Ed.), pp. 455-459, 2006

2. Dynamic Signature Verification and Forgeries

Biometric testing and evaluation typically create a probability of an impostor signature getting accepted as a genuine signature. These outcomes are generally denoted by a False Accept, or a False Reject under conditions of zero effort. Such an attempt is defined as “where an impostor uses his or her own biometric sample and claims the identity of a different enrollee” [10]. The determination of the forger in dynamic signature verification is somewhat of a challenge, as a zero effort forgery would require the impostor to sign his or her own name while claiming the identity of the different enrollee. So understanding how to test and evaluate the signature in a forgery setting is an interesting research question. In the literature, there is no real consensus on how best to challenge a signature. In the Signature Verification Competition, genuine signers created different signatures that were not their own in order to maintain their own privacy [11]. In [12], a number of different methodologies were outlined to generate the impostor distribution, with the majority of impostors using some form of practice. In [13], the authors defined three different levels of forgeries, the simple, statically skilled, and timed (page 643). [2] used signatures that “on casual visual inspection would pass as authentic” (page 201), and [14] provides three characteristics, the random forgery – defined as one that belongs to “a different writer of the signature model”, simple forgery that is represented by a similar shape consistency with the genuine signers shape, and the third is represented by a skilled forger (page 2). This variability in impostor signature generated the following research questions – what is the initial threat of the signature, and how should this be measured?

The majority of signature fraud is done within the financial services sector. A 1993 Hansard transcript discussed the level of fraud on credit cards, with the fraud rate doubling in five years. Additionally, the signature on the back of the card is often not checked by the retailer. One study noted that cashiers in a retail environment were unable to detect forged signatures [15]. One could argue that a more “secure” method of authentication on credit cards is called for, but recent studies and news articles also highlight some of the issues relating to chip + PIN transactions, notably tampered devices and shoulder surfing, the latter discussed in [16].

The motivation in this paper is to assess the basic attack on a signature, in the case of a stolen credit card, and to determine the Perceived Strength of the Signature (PSS). The PSS is a concept that indicates that an “opportunistic forger” will not forge a signature that is “hard” to forge, as their success at the point-of-sale may be not as high as an “easy” signature. This is more of an “opportunistic” forgery as opposed to a more sophisticated attack on the signature as outlined in previous research. For the case of this study, an opportunistic forger is analogous to an “opportunistic thief” – working on their own without any equipment [16]. This definition is further enhanced by the fact that there is no practice in forging the signature. Furthermore, the study outlines a “ground truth” – that is what the genuine signature owner’s perception of their strength of signature is, and tries to understand whether an owner of a genuine signature has the same or different perception of the signature than that of the forger.

3. Methodology

In order to understand the “ground truth” of the PSS, each of the genuine signature owners were asked the following questions about their signature:

1) how easy their signature was to forge (rated on a Likert scale)

2) how fast or slow they signed their signature (rated on a Likert scale from slow to fast)

3) handedness (right or left handed; ambidextrous was not an option in the survey)

These basic questions were asked in order to assess whether the forger was able to predict the speed and “forgeability” of their signature, which was typically centered on the dynamic traits of speed or velocity, time, and graphical outline or complexity of the shape. Each genuine signature owner signed a consent form and this signature was used as the basis for the impostor test. The consent form was

used primarily because the genuine signature owner had some intent to sign it, and it would be as close as possible to a financial transaction signature. Each of the genuine signature owners were then asked to sign on a digitizer three times. The digitizer that was used was an Interlink Electronics ePad Ink Pro™ device which has 100-400 reports per second, and 300 dots per inch [17]. The device was connected to forensic signature software to collect all of the information from the digitizer, but the subjects could not see the signature or the information on the PC monitor as they signed. The digitizer did display their signature as they signed their name electronically on it. The three signatures were then processed, with the resultant variables averaged across the signatures.

The impostor group was a separate group of 9 individuals who were asked the following questions while looking at the signed consent form of each individual in the genuine group:

1) how easy the genuine signature was to forge (rated on a Likert scale)

2) how fast or slow did they estimate the genuine signature to be (rated on a Likert scale from slow to fast)

3) what was the handedness of the genuine subject (right or left handed; ambidextrous was not an option in the survey)

4. Results

A total of 60 genuine signature owners participated in the experiment. Out of the 60 subjects, 1 was female and 59 were males. Out of these 60 genuine signature owners, 36 of them signed the digitizer. The remainder did not sign (or dropped out of the study). There was a retention rate in the study of 60%. This was then compared to the mean scores of the 9 impostor individuals who rated the signatures based on the above questions.

A t-test was used to determine whether the mean of the genuine and impostor groups were statistically significant from each other with regard their perceived level of difficulty, with α level set to 0.05. In the study, the data were normally distributed, and there were no outliers in the dataset. The data were ranked with 1 being easy to forge, and 5 being difficult to forge. Table 1 outlines the results of the test. Note that when a genuine subject rated their signature as “neutral” so did the forger. The difference in the “very difficult” category has a p-value of 0.053. This shows that both groups did not have significantly different means, but an argument for this is that both the genuine and impostor groups may have defaulted to the “very difficult” or “neutral” categories if they could not determine whether a signature fitted into the other categories. All of the other categories show there is a statistically significant difference between the means of the genuine and impostor groups, and thus there are grounds to reject the null hypothesis that genuine and impostor signature owners perceive their signature strength to be the same.

When analyzing speeds (see Table 2) denoted by 1 being “fast” and 5 being “slow” both groups had significant differences, except for the “neutral” standing. Neither group assigned group 4 as a speed.

When examining the dynamic features of the signature (36 individuals signing on the digitizer out of the original 60 individuals who completed the genuine group consent form signing), an Analysis of

Variance test was conducted over all of the individual variables that were extracted from the digitizer. These 54 individual variables (speed, number of segments etc.) were set as the response in the ANOVA test, and difficulty was assigned as the factor. At α = 0.05, none of these variables were significantly different across each difficultly group. For the forger group, the ANOVA showed no significance with these extracted variables and difficulty group. There were some interesting correlations however; speed was negatively correlated with difficulty (-0.191, with p-value 0.273), as was the number of strokes and difficulty at -0.314 for the genuine group. The forger group had a slightly positive correlation with speed, and slightly negative correlation with segments (-0.081). Figure 1 shows the distribution of the genuine and impostor rankings within difficulty groups.

Data

Freq

uenc

y

543210

35

30

25

20

15

10

5

0

2.723 1.317 653.092 0.8239 65

Mean StDev N

GenuineImpostors

Variable

Histogram of Genuine, ImpostorsNormal

Figure 1: Distribution of Genuine and Impostor ratings

When analyzing handedness, the impostor group could not consistently determine the handedness of the genuine users. Only 3 out of 8, 37.5%, of the forgers correctly identified a left-handed signature and 3 of the left-handed signatures were not correctly identified at all. Comparably, 7 of 49 right-handed signatures were correctly identified by all forgers. However, the least accurate results showed that 5 of 8 forgers incorrectly identified a signature as left-handed when it was, in fact, right-handed.

5. Conclusions

The subjects in this study were challenged when it came to ranking their own “strength of signature” in a Likert scale category, and tended to opt for the extremes and neutrals, as opposed to categories “2” and “4”. The impostors also had difficulty in assigning strength, and therefore an individual’s perception of strength it not necessarily at the same rank as an impostor’s perception for that same signature. For speed, the same difficulties arise again; individuals seem to pick the extremes when establishing “speed” values, i.e. “very fast,” “very slow” or neutral. Even when this is the case, both groups still cannot accurately determine speed rates.

With regard to ranking the “difficulty of forgery”, it was interesting to note the genuine user group migrated again towards the extremes, as shown in Figure 1 with a bimodal distribution, as opposed to the impostor group which tended towards a neutral category resulting in a more normal distribution. Another result worthy of note was that impostors could not accurately determine handedness when viewing a genuine signature.

Overall, it seems that both the genuine and impostor groups do not single out a specific dynamic trait within their judgment of an “easy” or “difficult” signature. Furthermore, it also shows that individuals have difficulty in assigning a speed to their signature – i.e. the perception of speed is different for each individual (both genuine and impostor), and additionally, both the impostors and genuine users ranked their signatures differently when asked about the perceived level of difficulty. Thus the addition of

dynamic traits within a signature may help in the prevention of fraud and identity theft. Future work will be to assess the different levels of forgery as the novice forger becomes more skilled, and to examine which of these dynamic traits are susceptible to the forger.

References

[1] D. J. Hamilton, J. Whelan, A. McLaren, I. MacIntyre, and A. Tizzard, "Low cost dynamic signature verification system," presented at 1995 European Convention on Security and Detection, Brighton, UK, 1995.

[2] W. Nelson and E. Kishon, "Use of dynamic features for signature verification," presented at 1991 IEEE International Conference on Systems, Man, and Cybernetics "Decision Aiding for Complex Systems", Charlottesvill, VA, 1991.

[3] C. Vielhauer, R. Steinmetz, and A. Mayerhofer, "Biometric hash based on statistical features of online signatures," presented at 16th International Conference on Pattern Recognition, 2002.

[4] F. Leclerc and R. Plamondon, Automatic Signature Verification: The State of the Art - 1989-1993. Singapore: World Scientific Publishing Co., 1994.

[5] J.-J. Brault and R. Plamondon, "A Complexity Measure of Handwritten Curves: Modeling of Dynamic Signature Forgery," IEEE Transactions on Systems, Man, and Cybernetics, vol. 23, pp. 400-413, 1993.

[6] M. C. Fairhurst and S. Ng, "Management of access through biometric control: A case study based on automatic signature verification," Universal Access in the Information Society, vol. 1, pp. 31-39, 2001.

[7] A. Kholmatov and B. Yanikoglu, "Biometric Authentication Using Online Signatures," presented at 19th International Symposium on Computer and Information Sciences - ISCIS 2004, Kemer-Antalya, Turkey, 2004.

[8] H. D. Crane and J. S. Ostem, "Automatic Signature Verification using a Three-axis Force-Sensitive Pen," IEEE Transactions on Systems, Man, and Cybernetics, vol. 13, pp. 329-337, 1983.

[9] V. Nalwa, "Automatic On-Line Signature Verification," Proceedings of the IEEE, vol. 85, pp. 215-239, 1997.

[10] I. I. J. S. WG1, "Vocabulary Standing Document SD2," vol. 2005: ISO/IEC JTC1 SC37 WG1, 2005.

[11] D.-Y. Yeung, H. Chang, Y. Xiong, S. George, R. Kashi, T. Matsumoto, and G. Rigoll, "SVC 2004: First International Signature Verification Competition," presented at First International Conference on Biometric Authentication, ICBA, Hong Kong, China, 2004.

[12] S. Elliott, "A Comparison of On-Line Dynamic Signature Trait Variables vis-à-vis Mobile Computing Devices and Table-Based Digitizers," in Third Workshop on Automatic Identification Advanced Technologies. Tarrytown, NY: IEEE, 2002.

[13] L. Lee, Berger, T. & Aviczer E, "Reliable On-Line Human Signature Verification Systems," IEEE Trans. Pattern Analysis Machine, vol. 18, pp. 643-647, 1996.

[14] E. J. R. Justino, Bortolozzi, F., and Sabourin R, "The Interpersonal and Intrapersonal Variability Influences on Off-Line Signature Verification using HMM," presented at Proceedings of the XV Brazillian Symposium on Computer Graphics and Image Processing (SIBGRAPHI'02), 2002.

[15] R. Kemp, Towell, N., & Pike, G, "When Seeing should not be Believing: Photographs, Credit Cards, and Fraud," Applied Cognitive Psychology, vol. 11, pp. 211-222, 1996.

[16] D. Cvrcek, Krhovjak, J., & V. Matyas, "PIN (& Chip) or signature - beating the cheating?." Brno, Czech Republic, 2005.

[17] Interlink Electronics, "E-Pad Signature Pad Specification Sheet," 2006.