[go: up one dir, main page]

WO2009145767A1 - Method and system for transmitting and verifying signatures wirelessly - Google Patents

Method and system for transmitting and verifying signatures wirelessly Download PDF

Info

Publication number
WO2009145767A1
WO2009145767A1 PCT/US2008/065039 US2008065039W WO2009145767A1 WO 2009145767 A1 WO2009145767 A1 WO 2009145767A1 US 2008065039 W US2008065039 W US 2008065039W WO 2009145767 A1 WO2009145767 A1 WO 2009145767A1
Authority
WO
WIPO (PCT)
Prior art keywords
time duration
duration values
signature
animation file
receiving device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2008/065039
Other languages
French (fr)
Inventor
Johnny Russell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hewlett Packard Development Co LP
Original Assignee
Hewlett Packard Development Co LP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett Packard Development Co LP filed Critical Hewlett Packard Development Co LP
Priority to PCT/US2008/065039 priority Critical patent/WO2009145767A1/en
Publication of WO2009145767A1 publication Critical patent/WO2009145767A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V10/00Arrangements for image or video recognition or understanding
    • G06V10/94Hardware or software architectures specially adapted for image or video understanding
    • G06V10/95Hardware or software architectures specially adapted for image or video understanding structured as a network, e.g. client-server architectures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/30Writer recognition; Reading and verifying signatures
    • G06V40/37Writer recognition; Reading and verifying signatures based only on signature signals such as velocity or pressure, e.g. dynamic signature recognition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • This innovation relates to a method and system for transmitting and verifying handwritten signatures wirelessly.
  • Handwritten signature is unique to every individual because no two persons can sign the same name the exact same way, making handwritten signature extremely useful for authorization purposes. Handwritten signatures are currently used as authorization not only in financial transactions, such as credit card transactions, but also many non-financial transactions. In a business setting, for example, a manager has the constant need to sign documents to authorize certain actions or transactions in the company. However, such handwritten signature authorization is usually only practical if the person signing the signature is present at the location where the signature can be witnessed.
  • the one main disadvantage of handwritten signature authorization is that the person signing the signature needs to be present in order for the signature to be witnessed. If the person signing the signature is at a remote location, his/her signature cannot be witnessed.
  • One solution to this problem is for the person to sign his/her signature on a mobile device, then save the digital signature as an image file, and send the image file to the desired or intended destination.
  • the recipient of the digital signature receives an image file, which is only the end result of the person signing the signature, meaning the recipient of the digital signature still cannot witness the process of the person signing the signature.
  • FIG. 1 is a diagram showing an overview of an exemplary embodiment of the system.
  • FIG. 2 is a diagram showing an overview of an exemplary embodiment of the verification of a wireless signature.
  • FIG. 3 is a diagram showing an exemplary wireless signature and its corresponding verification time intervals.
  • the embodiments of the present innovation provide a method and system for wirelessly transmitting and verifying signatures.
  • the embodiments allow a person to sign his/her signature by hand on a mobile device, record the handwritten signature, encrypt the handwritten signature, and transmit the handwritten signature.
  • the recipient may receive the signature, decrypt the signature, verify that the signature has not been tampered with, replay the signature, and verify the signature.
  • an Extended Messaging Service (XMS) application is used.
  • the XMS application allows a user to record handwritten input onto a notepad-like interface on a mobile device.
  • the mobile device may be a Windows Mobile powered device, or any other mobile device that would allow a user to input a handwritten input.
  • the XMS application can create a real-time record of a signature session and save the signature session as an animation file.
  • the animation file may be in any format that supports animation.
  • the method for transmitting and verifying a wireless signature may be illustrated by the diagram of Fig. 1.
  • the user may use any input device 105 that is capable of inputting handwritten signatures, such as a personal digital assistant (PDA), or a cellular phone. Any mobile device with touch screen support may be used.
  • PDA personal digital assistant
  • Any mobile device with touch screen support may be used.
  • the user may launch an application that is capable of recording handwritten strokes into an animation file in any format.
  • Any handwritten strokes recording applications may be used.
  • certain XMS applications such as XMS tools, or Pocket FlashTM are capable of recording handwritten strokes into one or more animation files.
  • the signature file may be saved as any animation file format, such as flash format, XMS application format, animated graphics interchange format (GIF), or any other file format that supports animation.
  • GIF animated graphics interchange format
  • the file is encrypted using any standard encryption tools. Any encryption technologies that can protect the file during creation and/or transmission may be used. For example, the encryption may be performed using pretty good privacy (PGP), wired equivalent privacy (WEP), wi-fi protected access (WPA), Cisco compatible extensions (CCX), etc.
  • PGP pretty good privacy
  • WEP wired equivalent privacy
  • WPA wi-fi protected access
  • CCX Cisco compatible extensions
  • the signature file may be transmitted using any wireless or wired network, such as a local area network (LAN), a wide area network (WAN), the internet, wi-fi, general packet radio service (GPRS), wideband code division multiple access (WCDMA), ActiveSync, Bluetooth, universal serial bus GJSB), etc.
  • the signature file may be transmitted in any format, such as multimedia messaging service (MMS) or email message.
  • MMS multimedia messaging service
  • the receiving devices 110 and 115 shown in Fig. 1 may be any devices that is capable of receiving electronic messages, such as a PDA or a computer connected to any wireless or wired network.
  • the signature animation file may be decrypted.
  • Some standard encryption/decryption software may also perform a check to determine whether the signature animation file has been tampered with before, during, or after transmission. Any encryption/decryption software that provides tampering checks may be used. If the check indicates that the signature animation file has been tampered with, the software would initiate an alert to the recipient and/or sender of the signature animation file.
  • the signature animation file may be decrypted. After the signature animation file has been decrypted, the signature animation file may be "played back" by the receiving device. Any XMS applications or applications that support flash or animation file formats may be used for "playing back” the signature. Instead of simply showing the resulting signature image, the signature is "played back" the same way the signature is written by the sender. Therefore, the system 100 allows the recipient of the signature to "witness" the signing process even if the user is at a remote location. [0018] In another exemplary embodiment, additional signature verification algorithms may be used, such as those discussed below with regard to Fig. 3.
  • the system may collect a set of time measurement values by measuring the total time duration between the moment when a stylus registers on the touch screen to the time that it ceases during a signature recording. For instance, for a standard two name signature, three measurements may be taken: (i) the time required to write the first name; (ii) the time required to write the second name; and (iii) the time gap between the first name and the second name.
  • the time measurement values recording application may function without a user interface on the mobile device.
  • the time measurement values recording application may run in the background and register the activity of signature recording applications and the activity of the touch screen.
  • the time measurement values recording application may use the registered information to produce quantified, time based variables that may be encrypted and transmitted to another device or verified against existing or stored time based variables.
  • time measurement values may be incorporated into the signature animation file, encrypted and transmitted to the recipient.
  • the time measurement values may be saved as an authentication file, encrypted and transmitted to the recipient separately from the signature animation file.
  • the receiving device 110 or 115 receives the signature animation file and time measurement values (in a separate authentication file or incorporated with the signature animation file)
  • the recipient of the signature animation file may open the signature animation file.
  • the receiving device may proceed to decrypt the signature animation file and the time measurement values. From the received signature animation file, the receiving device may obtain time measurement values directly from the signature animation file.
  • the receiving device may then compare the time measurement values received from the input device against the time measurement values extracted directly from the signature animation file to determine if the two sets of time measurement values match with each other. If the receiving device determines that the two sets of time measurement values do not match each other, the receiving device may launch an alert for the recipient and/or sender of the signature animation file that the signature animation file may have been tampered with. If the receiving device determines that the two sets of time measurement values match each other, the receiving device may then proceed to "play back" the signature animation file.
  • a user may initially create a baseline or average set of time measurement values for later use in comparison in further signature verification processes.
  • the baseline or average set of time measurement values may be created by writing and recording the digital signature multiple times. For example, a user may write his/her signature ten times or more, the time measurement values of those signatures are then recorded and averaged to form a baseline set of time measurement values.
  • the baseline may be created by further processing such as calculations of averages, means and modes.
  • These sets of baseline time measurement values may be assigned a unique identifier, transmitted and stored at a secure server.
  • the exemplary embodiment may be illustrated by the diagram of Fig. 2.
  • the baseline time measurement values for a particular user may be stored in a secure storage medium 210.
  • the storage medium 210 may be a secure server that supports authentication to offer further protection to the stored baseline time measurement values. Any suitably secured computers with communication capabilities that can host the authentication files and handle secure transactions may be used.
  • the user may use input device 205 to provide a set of time measurement values to the secure server 210 by signing his/her signature multiple times and transmitting the recorded time measurement values to the secure server 210.
  • the secure server 210 may process the set of time measurement values for averages, means and/or modes to obtain a set of baseline measurement values for the particular user.
  • the secure server 210 may then assign a unique identifier to the set of baseline measurement values for the particular user and store the set of baseline measurement values.
  • the baseline signatures may be created remotely or at the same premise where the secure server resides, depending on the user's custom security policies.
  • the user may open a recording application on input device 205, and complete a signature session, i.e. sign his/her signature and allow the recording application to record the signature and time measurement values.
  • the digital signature may be saved as a signature animation file.
  • the signature animation file may then be encrypted by the input device 205 and transmitted to the receiving device 215.
  • the signature animation file may be transmitted using any format, such as MMS or email.
  • the signature animation file may be protected during creation and/or transmission using standard encryption tools, or any other encryption tools according to the senders' and recipients' preference.
  • the unique identifier of the particular user and the recorded time measurement values may also be encrypted and transmitted.
  • the unique identifier may be transmitted to allow the receiving device 215 to request the secure server 210 to locate the stored baseline time measurement values on the secure sever 210.
  • the unique identifier may be incorporated with the signature animation file; or the unique identifier may be incorporated with the separate authentication file; or alternatively, the unique identifier may be encrypted and transmitted as a separate identifier file.
  • the signature animation file (and authentication file, if any) has been successfully received by the receiving device 215, the signature animation file (and any authentication files) may be decrypted, and the time measurement values may be extracted directly from the signature animation file or authentication file.
  • the receiving device 215 may then transmit the unique identifier and the extracted time measurement values to secure sever 210 and request a comparison. Alternatively, the receiving device 215 may transmit the signature animation file and any authentication files without any decryption.
  • the secure server 210 receives the signature animation file (and any authentication files)
  • the secure server 210 may then decrypt the signature animation file (and any authentication files) and extract the time measurement values and unique identifier.
  • the secure server 210 may locate the stored baseline time measurement values and compare against the time measurement values transmitted by receiving device 215. If the comparison falls within a range or threshold, the signature is considered authenticate. On the other hand, if the comparison falls outside of a range or threshold, the signature is considered not authenticate.
  • the range or threshold may be predetermined by the user or recipient and stored on the secure server 210 with the unique identifier. Each user may have a different range or threshold. If the secure server 210 determines that the signature is authenticate, the secure server may transmit an indicator to the receiving device 215. The receiving device 215 receives the indicator, and may proceed to decrypt and "play back" the signature.
  • the secure server 210 may send an alert to the receiving device 215 and/or input device 205.
  • the receiving device may perform the comparison on the receiving device 215 instead of requesting the secure server 210 to perform the comparison.
  • the receiving device 215 may transmit the unique identifier to the secure server 210 and request the secure server 210 to locate the stored baseline time measurement values.
  • the secure server 210 may then locate the stored baseline time measurement values based on the unique identifier provided by the receiving device 215, and transmit the baseline time measurement values to the receiving device 215.
  • the secure server 210 may also encrypt the baseline time measurement values before transmitting to the receiving device 215.
  • the receiving device 215 may perform a comparison between the baseline time measurement values and the recorded time measurement values. If the comparison exceeds a predetermined range or threshold, the receiving device 215 may determine that the signature is not authenticate and raise an alert to the recipient and/or the sender. On the other hand, if the comparison falls within the predetermined range or threshold, the receiving device 215 may then determine that the signature is authenticate and proceed to decrypt and "play back" the signature for the recipient.
  • the recipient may preset the threshold or range according to the recipient's preference.
  • the system may provide stronger signature verification by increasing the number of time measurement values measured during a signature session.
  • time measurement values may be measured for subsections of pen strokes. Since a time variable may be associated with a specific location in the signature window or approximate location within the pen stroke, verification may occur at a pixel or sub-second level.
  • the exemplary embodiment may be illustrated in the diagram of Fig. 3.
  • Fig. 3 shows a sample signature comprising a first name and a last name.
  • the first time measurement value 301 may be taken from the first detection on the touch screen to the end of the signature session, i.e., the time measurement value 301 may be the time elapsed for the entire signature, from the moment the user puts his/her pen or stylus onto the touch screen to the time the user indicates he/she has completed the signature.
  • the second time measurement value 302 may be measured from the first detection on the touch screen until the detection ceases. In other words, the second time measurement value 302 may be measured from the moment the user puts his/her pen or stylus on to the touch screen to the moment the user lifts his/her pen or stylus. [0030] As further shown in Fig. 3, the third time measurement value 303 may be measured from the first cessation of detection on the touch screen until the next detection. In other words, the third time measurement value 303 may be measured from the moment the user lifts his/her pen or stylus to the moment the user puts his/her pen or stylus on the touch screen again.
  • the fourth time measurement value 304 may be measured from the second detection on the touch screen until the next cessation or the end of the signature session. In other words, the fourth time measurement value 304 may be measured from the moment the user put his/her pen or stylus on the touch screen again to the moment the user lifts his/her pen or stylus.
  • the sample signature shown in Fig. 3 comprises a first name and a last name, but the time measurement values may be measured for any signatures. For example, if the signature comprises three names, i.e., a first name, a middle name, and a last name, then more time measurement values may be measured from the signature. In other words, after the fourth time measurement value has been measured from the second detection on the touch screen until the next cessation of the detection, additional time measurement values may be measured.
  • the fifth time measurement value may be measured from the second cessation of detection on the touch screen until the next detection, i.e., the fifth time measurement value may be measured from the end of the measurement of the fourth time measurement value to the moment the user puts his/her pen or stylus on the touch screen again.
  • the sixth time measurement may be measured from the third detection on the touch screen until the end of the signature session, i.e., the sixth time measurement may be measured from the moment the user puts his/her pen or stylus on the touch screen again until the user lifts his/her pen or stylus off the touch screen.
  • the system may record as many time measurement values as it is necessary depending on the number of "subsections" the signature may be divided into in order to increase the accuracy of the signature verification process.
  • the user may customize thresholds for each time measurement values. For example, the user may consider the first time measurement value (the time duration for the entire signature) to be the most important item of comparison; therefore, the user may set a very low threshold value for comparison purposes. On the other hand, the user may consider the third time measurement value (the time duration between pen/stylus detections) to be the least important item of comparison, thus setting a higher threshold value for comparison purposes. These customized settings may be stored in the secure server 210 and may be different for each signature.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The embodiments of the present innovation provide a method and system for wirelessly transmitting and verifying signatures. The method and system record a signature session into a signature animation file, encrypt the signature animation file, transmit the signature animation file, decrypt the signature animation file, and play back the signature animation file. The method and system can also measure time measurement values of a signature session and compares against baseline time measurement values for signature verification.

Description

METHOD AND SYSTEM FOR TRANSMITTING AND VERIFYING SIGNATURES WIRELESSLY
BACKGROUND
[0001] This innovation relates to a method and system for transmitting and verifying handwritten signatures wirelessly.
[0002] As people and business become more and more mobile, the ability to securely transmit and verify handwritten signatures becomes more and more important because businesses are now conducted globally with people scattered in different locations.
[0003] Handwritten signature is unique to every individual because no two persons can sign the same name the exact same way, making handwritten signature extremely useful for authorization purposes. Handwritten signatures are currently used as authorization not only in financial transactions, such as credit card transactions, but also many non-financial transactions. In a business setting, for example, a manager has the constant need to sign documents to authorize certain actions or transactions in the company. However, such handwritten signature authorization is usually only practical if the person signing the signature is present at the location where the signature can be witnessed.
[0004] Currently there is no solution that would allow a handwritten signature to be used as authorization on a mobile device. Presently available solutions mainly rely on the use of passwords or authorization codes. However, the use of passwords and/or authorization codes are inadequate because these codes may leak through a security breach or these codes can be obtained by criminals. Current credit card transactions make use of additional three to four digit number strings for an extra layer of identity verification. But, this measure can be circumvented if the number string is available to a criminal, as in the case of a lost credit card. Other virtual payment methods, such as Paypal, make use of email addresses and passwords. In these virtual payment transactions, the email addresses are part of all the payment records. Thus, any security breach would jeopardize the security of the passwords and unauthorized persons may gain access to the accounts. [0005] The one main disadvantage of handwritten signature authorization is that the person signing the signature needs to be present in order for the signature to be witnessed. If the person signing the signature is at a remote location, his/her signature cannot be witnessed. One solution to this problem is for the person to sign his/her signature on a mobile device, then save the digital signature as an image file, and send the image file to the desired or intended destination. However, the recipient of the digital signature receives an image file, which is only the end result of the person signing the signature, meaning the recipient of the digital signature still cannot witness the process of the person signing the signature. Thus, the idea of digital signature images is inadequate in allowing a person to securely authorize financial or non- financial transactions from a mobile device. The ability to securely authorize non- financial transactions is especially useful in executive orders, medical approval or any remote identity verifications. In addition, it would be desirable for financial transactions that require verification to be handled remotely with greater security. [0006] Therefore, there is a need for a method and a system that would allow a handwritten signature transmitted from a mobile device to be used as authorizations.
BRIEF DESCRIPTION OF THE DRAWINGS
[0007] The method and system for transmitting and verifying wireless signatures are further described with reference to the accompanying drawings in which:
[0008] Fig. 1 is a diagram showing an overview of an exemplary embodiment of the system.
[0009] Fig. 2 is a diagram showing an overview of an exemplary embodiment of the verification of a wireless signature.
[0010] Fig. 3 is a diagram showing an exemplary wireless signature and its corresponding verification time intervals.
DETAILED DESCRIPTION OF THE EMBODIMENTS
[0011] The embodiments of the present innovation provide a method and system for wirelessly transmitting and verifying signatures. [0012] The embodiments allow a person to sign his/her signature by hand on a mobile device, record the handwritten signature, encrypt the handwritten signature, and transmit the handwritten signature. The recipient may receive the signature, decrypt the signature, verify that the signature has not been tampered with, replay the signature, and verify the signature.
[0013] In one exemplary embodiment, an Extended Messaging Service (XMS) application is used. The XMS application allows a user to record handwritten input onto a notepad-like interface on a mobile device. The mobile device may be a Windows Mobile powered device, or any other mobile device that would allow a user to input a handwritten input. The XMS application can create a real-time record of a signature session and save the signature session as an animation file. The animation file may be in any format that supports animation.
[0014] In an exemplary embodiment, the method for transmitting and verifying a wireless signature may be illustrated by the diagram of Fig. 1. As shown in Fig. 1 , the user may use any input device 105 that is capable of inputting handwritten signatures, such as a personal digital assistant (PDA), or a cellular phone. Any mobile device with touch screen support may be used. In this exemplary embodiment, the user may launch an application that is capable of recording handwritten strokes into an animation file in any format. Any handwritten strokes recording applications may be used. For example, certain XMS applications, such as XMS tools, or Pocket Flash™ are capable of recording handwritten strokes into one or more animation files. The signature file may be saved as any animation file format, such as flash format, XMS application format, animated graphics interchange format (GIF), or any other file format that supports animation.
[0015] After the user signed his/her name using the XMS application, the file is encrypted using any standard encryption tools. Any encryption technologies that can protect the file during creation and/or transmission may be used. For example, the encryption may be performed using pretty good privacy (PGP), wired equivalent privacy (WEP), wi-fi protected access (WPA), Cisco compatible extensions (CCX), etc. Once the signature file is encrypted, it may be transmitted using any wireless or wired network, such as a local area network (LAN), a wide area network (WAN), the internet, wi-fi, general packet radio service (GPRS), wideband code division multiple access (WCDMA), ActiveSync, Bluetooth, universal serial bus GJSB), etc. The signature file may be transmitted in any format, such as multimedia messaging service (MMS) or email message.
[0016] The receiving devices 110 and 115 shown in Fig. 1 may be any devices that is capable of receiving electronic messages, such as a PDA or a computer connected to any wireless or wired network. When the signature animation file is received by the receiving devices 110 or 115, the signature animation file may be decrypted. Some standard encryption/decryption software may also perform a check to determine whether the signature animation file has been tampered with before, during, or after transmission. Any encryption/decryption software that provides tampering checks may be used. If the check indicates that the signature animation file has been tampered with, the software would initiate an alert to the recipient and/or sender of the signature animation file.
[0017] If the check indicates that the signature animation file has not been tampered with, the signature animation file may be decrypted. After the signature animation file has been decrypted, the signature animation file may be "played back" by the receiving device. Any XMS applications or applications that support flash or animation file formats may be used for "playing back" the signature. Instead of simply showing the resulting signature image, the signature is "played back" the same way the signature is written by the sender. Therefore, the system 100 allows the recipient of the signature to "witness" the signing process even if the user is at a remote location. [0018] In another exemplary embodiment, additional signature verification algorithms may be used, such as those discussed below with regard to Fig. 3. For example, in addition to recording the handwritten strokes of the signature, the time intervals required to complete a signature session are also recorded. The system may collect a set of time measurement values by measuring the total time duration between the moment when a stylus registers on the touch screen to the time that it ceases during a signature recording. For instance, for a standard two name signature, three measurements may be taken: (i) the time required to write the first name; (ii) the time required to write the second name; and (iii) the time gap between the first name and the second name. The time measurement values recording application may function without a user interface on the mobile device. The time measurement values recording application may run in the background and register the activity of signature recording applications and the activity of the touch screen. The time measurement values recording application may use the registered information to produce quantified, time based variables that may be encrypted and transmitted to another device or verified against existing or stored time based variables.
[0019] These time measurement values may be incorporated into the signature animation file, encrypted and transmitted to the recipient. Alternatively, the time measurement values may be saved as an authentication file, encrypted and transmitted to the recipient separately from the signature animation file. When the receiving device 110 or 115 receives the signature animation file and time measurement values (in a separate authentication file or incorporated with the signature animation file), the recipient of the signature animation file may open the signature animation file. When the recipient of the signature animation file opens the signature animation file, the receiving device may proceed to decrypt the signature animation file and the time measurement values. From the received signature animation file, the receiving device may obtain time measurement values directly from the signature animation file. The receiving device may then compare the time measurement values received from the input device against the time measurement values extracted directly from the signature animation file to determine if the two sets of time measurement values match with each other. If the receiving device determines that the two sets of time measurement values do not match each other, the receiving device may launch an alert for the recipient and/or sender of the signature animation file that the signature animation file may have been tampered with. If the receiving device determines that the two sets of time measurement values match each other, the receiving device may then proceed to "play back" the signature animation file.
[0020] In another exemplary embodiment, a user may initially create a baseline or average set of time measurement values for later use in comparison in further signature verification processes. The baseline or average set of time measurement values may be created by writing and recording the digital signature multiple times. For example, a user may write his/her signature ten times or more, the time measurement values of those signatures are then recorded and averaged to form a baseline set of time measurement values. To obtain more accurate information from the initial recorded time measurement values, the baseline may be created by further processing such as calculations of averages, means and modes. These sets of baseline time measurement values may be assigned a unique identifier, transmitted and stored at a secure server. [0021] The exemplary embodiment may be illustrated by the diagram of Fig. 2.
According to Fig. 2, the baseline time measurement values for a particular user may be stored in a secure storage medium 210. For example, the storage medium 210 may be a secure server that supports authentication to offer further protection to the stored baseline time measurement values. Any suitably secured computers with communication capabilities that can host the authentication files and handle secure transactions may be used. The user may use input device 205 to provide a set of time measurement values to the secure server 210 by signing his/her signature multiple times and transmitting the recorded time measurement values to the secure server 210. The secure server 210 may process the set of time measurement values for averages, means and/or modes to obtain a set of baseline measurement values for the particular user. The secure server 210 may then assign a unique identifier to the set of baseline measurement values for the particular user and store the set of baseline measurement values. The baseline signatures may be created remotely or at the same premise where the secure server resides, depending on the user's custom security policies. [0022] Following the flow diagram of Fig. 2, when a secure signature is needed by a remote parly 215, the user may open a recording application on input device 205, and complete a signature session, i.e. sign his/her signature and allow the recording application to record the signature and time measurement values. The digital signature may be saved as a signature animation file. The signature animation file may then be encrypted by the input device 205 and transmitted to the receiving device 215. The signature animation file may be transmitted using any format, such as MMS or email. The signature animation file may be protected during creation and/or transmission using standard encryption tools, or any other encryption tools according to the senders' and recipients' preference. In addition, the unique identifier of the particular user and the recorded time measurement values may also be encrypted and transmitted. The unique identifier may be transmitted to allow the receiving device 215 to request the secure server 210 to locate the stored baseline time measurement values on the secure sever 210. The unique identifier may be incorporated with the signature animation file; or the unique identifier may be incorporated with the separate authentication file; or alternatively, the unique identifier may be encrypted and transmitted as a separate identifier file.
[0023] When the signature animation file (and authentication file, if any) has been successfully received by the receiving device 215, the signature animation file (and any authentication files) may be decrypted, and the time measurement values may be extracted directly from the signature animation file or authentication file. [0024] The receiving device 215 may then transmit the unique identifier and the extracted time measurement values to secure sever 210 and request a comparison. Alternatively, the receiving device 215 may transmit the signature animation file and any authentication files without any decryption. When the secure server 210 receives the signature animation file (and any authentication files), the secure server 210 may then decrypt the signature animation file (and any authentication files) and extract the time measurement values and unique identifier.
[0025] The secure server 210 may locate the stored baseline time measurement values and compare against the time measurement values transmitted by receiving device 215. If the comparison falls within a range or threshold, the signature is considered authenticate. On the other hand, if the comparison falls outside of a range or threshold, the signature is considered not authenticate. The range or threshold may be predetermined by the user or recipient and stored on the secure server 210 with the unique identifier. Each user may have a different range or threshold. If the secure server 210 determines that the signature is authenticate, the secure server may transmit an indicator to the receiving device 215. The receiving device 215 receives the indicator, and may proceed to decrypt and "play back" the signature. On the other hand, if the secure server 210 determines that the signature is not authenticate, the secure server 210 may send an alert to the receiving device 215 and/or input device 205. [0026] Alternatively, in another exemplary embodiment, the receiving device may perform the comparison on the receiving device 215 instead of requesting the secure server 210 to perform the comparison. For example, the receiving device 215 may transmit the unique identifier to the secure server 210 and request the secure server 210 to locate the stored baseline time measurement values. The secure server 210 may then locate the stored baseline time measurement values based on the unique identifier provided by the receiving device 215, and transmit the baseline time measurement values to the receiving device 215. The secure server 210 may also encrypt the baseline time measurement values before transmitting to the receiving device 215. When the receiving device 215 receives the baseline time measurement values, the receiving device may perform a comparison between the baseline time measurement values and the recorded time measurement values. If the comparison exceeds a predetermined range or threshold, the receiving device 215 may determine that the signature is not authenticate and raise an alert to the recipient and/or the sender. On the other hand, if the comparison falls within the predetermined range or threshold, the receiving device 215 may then determine that the signature is authenticate and proceed to decrypt and "play back" the signature for the recipient. The recipient may preset the threshold or range according to the recipient's preference.
[0027] Furthermore, the system may provide stronger signature verification by increasing the number of time measurement values measured during a signature session. In one exemplary embodiment, time measurement values may be measured for subsections of pen strokes. Since a time variable may be associated with a specific location in the signature window or approximate location within the pen stroke, verification may occur at a pixel or sub-second level. The exemplary embodiment may be illustrated in the diagram of Fig. 3. Fig. 3 shows a sample signature comprising a first name and a last name.
[0028] As shown in Fig. 3, several time measurement values may be taken from the sample signature. For example, the first time measurement value 301 may be taken from the first detection on the touch screen to the end of the signature session, i.e., the time measurement value 301 may be the time elapsed for the entire signature, from the moment the user puts his/her pen or stylus onto the touch screen to the time the user indicates he/she has completed the signature.
[0029] Continuing with the exemplary embodiment shown in Fig. 3, the second time measurement value 302 may be measured from the first detection on the touch screen until the detection ceases. In other words, the second time measurement value 302 may be measured from the moment the user puts his/her pen or stylus on to the touch screen to the moment the user lifts his/her pen or stylus. [0030] As further shown in Fig. 3, the third time measurement value 303 may be measured from the first cessation of detection on the touch screen until the next detection. In other words, the third time measurement value 303 may be measured from the moment the user lifts his/her pen or stylus to the moment the user puts his/her pen or stylus on the touch screen again.
[0031] The fourth time measurement value 304 may be measured from the second detection on the touch screen until the next cessation or the end of the signature session. In other words, the fourth time measurement value 304 may be measured from the moment the user put his/her pen or stylus on the touch screen again to the moment the user lifts his/her pen or stylus.
[0032] The sample signature shown in Fig. 3 comprises a first name and a last name, but the time measurement values may be measured for any signatures. For example, if the signature comprises three names, i.e., a first name, a middle name, and a last name, then more time measurement values may be measured from the signature. In other words, after the fourth time measurement value has been measured from the second detection on the touch screen until the next cessation of the detection, additional time measurement values may be measured. For example, the fifth time measurement value may be measured from the second cessation of detection on the touch screen until the next detection, i.e., the fifth time measurement value may be measured from the end of the measurement of the fourth time measurement value to the moment the user puts his/her pen or stylus on the touch screen again. Accordingly, the sixth time measurement may be measured from the third detection on the touch screen until the end of the signature session, i.e., the sixth time measurement may be measured from the moment the user puts his/her pen or stylus on the touch screen again until the user lifts his/her pen or stylus off the touch screen.
[0033] In other exemplary embodiments, the system may record as many time measurement values as it is necessary depending on the number of "subsections" the signature may be divided into in order to increase the accuracy of the signature verification process. In other exemplary embodiments, the user may customize thresholds for each time measurement values. For example, the user may consider the first time measurement value (the time duration for the entire signature) to be the most important item of comparison; therefore, the user may set a very low threshold value for comparison purposes. On the other hand, the user may consider the third time measurement value (the time duration between pen/stylus detections) to be the least important item of comparison, thus setting a higher threshold value for comparison purposes. These customized settings may be stored in the secure server 210 and may be different for each signature.
[0034] It is understood that the herein described apparatus and methods are susceptible to various modifications and alternative constructions. There is no intention to limit the invention to the specific constructions described herein. To the contrary, the invention is intended to cover all modifications, alternative constructions, and equivalents falling within the scope and spirit of the invention. [0035] Although an exemplary implementation of the invention has been described in detail above, those skilled in the art will readily appreciate that many additional modifications are possible in the exemplary embodiments without materially departing from the novel teachings and advantages of the invention. Accordingly, these and all such modifications are intended to be included within the scope of this invention.

Claims

CLAIMSWhat is claimed is:
1. A method of wirelessly transmitting digital handwritten signatures, comprising the steps of: recording a user's signature as an animation file; encrypting the animation file; transmitting the animation file to a receiving device wirelessly; decrypting the animation file; and playing the animation file on the receiving device.
2. The method as recited in claim 1, further comprising: recording one or more time duration values of the signature; transmitting the recorded time duration values to the receiving device wirelessly; extracting time duration values from the received animation file; comparing the recorded time duration values with the extracted time duration values; raising an alert if the recorded time duration values do not match the extracted time duration values; and playing the animation file on the receiving device if the recorded time duration values match the extracted time duration values.
3. The method as recited in claim 1, further comprising: storing one or more baseline time duration values; recording one or more time duration values of the signature; comparing the baseline time duration values with the recorded time duration values; raising one or more alerts if the differences between the baseline time duration values and the recorded time duration values exceed one or more thresholds; and indicating signature as authenticate if the differences between the baseline time duration values and the recorded time duration values fall within one or more thresholds.
4. The method as recited in claim 3, further comprising: transmitting the baseline time duration values and the time duration values of the signature to the receiving device; and operating the receiving device to perform the comparing, raising and indicating steps.
5. The method as recited in claim 4, wherein: the step of transmitting the baseline time duration values and the time duration values comprises including the baseline time duration values and the time duration values in the animation file being transmitted during the animation file transmitting step.
6. The method as recited in claim 3, wherein: a server performs the comparing, raising and indicating steps as requested by the receiving device.
7. The method as recited in claim 3, further comprising: assigning one or more thresholds to each user's time duration values.
8. The method as recited in claim 3, wherein the baseline time duration values recording step further comprises: recording one or more time duration values of a plurality of signatures from a user; processing the time duration values for averages; and storing the averages as the baseline time duration values.
9. The method as recited in claim 8, further comprising: processing the time duration values for means and modes; and storing the averages, means and modes as the baseline time duration values.
10. The method as recited in claim 1, wherein: the animation file is transmitted via MMS or email.
11. A system for wirelessly transmitting digital handwritten signatures, comprising: an input device; and a receiving device; wherein the input device further comprises: a touch screen capable of accepting at least one digital handwritten signature from a user; a processor for recording the user's signature as an animation file and encrypting the animation file; and a communication component for wirelessly transmitting the animation file; and the receiving device further comprises: a communication component for receiving the animation file; a processor for decrypting the animation file; and a display component for displaying the playback of the animation file.
12. The system as recited in claim 11 , wherein: the input device: records one or more time duration values of the signature; transmits the recorded time duration values to the receiving device; the receiving device: extracts the time duration values from the received animation file; compares the recorded time duration values with the extracted time duration values; raises an alert if the recorded time duration values do not match the extracted time duration values; and plays the animation file on the receiving device if the recorded time duration values match the extracted time duration values.
13. The system as recited in claim 11 , further comprises : a server with one or more storage medium for storing one or more baseline time duration values; wherein: the input device: records one or more time duration values of the signature; transmits the recorded time duration values to the receiving device; the receiving device: transmits the recorded time duration values to the server; and the server: compares the baseline time duration values with the recorded time duration values; raises one or more alerts if the differences between the baseline time duration values and the recorded time duration values exceed one or more thresholds; and indicates signature as authenticate if the difference between the baseline time duration values and the recorded time duration values fall within one or more thresholds.
14. The system as recited in claim 12, wherein the input device records a plurality of time duration values for a plurality of subsections of the signature.
15. The system as recited in claim 11 , further comprises : a server with one or more storage medium for storing one or more baseline time duration values; wherein: the input device: records one or more time duration values of the signature; transmits the recorded time duration values to the receiving device; the server: transmits the baseline time duration values to the receiving device; and the receiving device: compares the baseline time duration values with the recorded time duration values; raises one or more alerts if the differences between the baseline time duration values and the recorded time duration values exceed one or more thresholds; and indicates signature as authenticate if the difference between the baseline time duration values and the recorded time duration values fall within one or more thresholds.
16. The system as recited in claim 13, wherein: the input device: incorporates the recorded time duration values into the animation file; transmits the recorded time duration values to the receiving device by transmitting the animation file; and the receiving device: extracts the recorded time duration values from the animation file.
17. The system as recited in claim 13, wherein the server: assigns one or more thresholds to each user's time duration values.
18. The method as recited in claim 13, wherein: the input device: incorporates the recorded time duration values into the animation file; transmits the recorded time duration values to the receiving device by transmitting the animation file; the receiving device: transmits the recorded time duration values to the server by transmitting the animation file; and the server: extracts the recorded time duration values from the animation file.
19. The system as recited in claim 11 , wherein the input device is a mobile device.
20. The system as recited in claim 11 , wherein the input device is a personal digital assistant.
PCT/US2008/065039 2008-05-29 2008-05-29 Method and system for transmitting and verifying signatures wirelessly Ceased WO2009145767A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2008/065039 WO2009145767A1 (en) 2008-05-29 2008-05-29 Method and system for transmitting and verifying signatures wirelessly

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2008/065039 WO2009145767A1 (en) 2008-05-29 2008-05-29 Method and system for transmitting and verifying signatures wirelessly

Publications (1)

Publication Number Publication Date
WO2009145767A1 true WO2009145767A1 (en) 2009-12-03

Family

ID=41377376

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2008/065039 Ceased WO2009145767A1 (en) 2008-05-29 2008-05-29 Method and system for transmitting and verifying signatures wirelessly

Country Status (1)

Country Link
WO (1) WO2009145767A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10614607B2 (en) 2016-06-12 2020-04-07 Apple Inc. Playback of handwritten message

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050034841A (en) * 2003-10-10 2005-04-15 한국전자통신연구원 Method for creating and verifying simple object access protocol message on web service security using signature encryption
KR20060073474A (en) * 2004-12-23 2006-06-28 인피니언 테크놀로지스 아게 Data processing method by data processing device, telecommunication terminal device and data processing device
KR20060118102A (en) * 2005-05-16 2006-11-23 엘지전자 주식회사 Apparatus and method for generating handwritten signature message of mobile communication terminal
US20070113293A1 (en) * 2004-11-17 2007-05-17 Steven Blumenau Systems and methods for secure sharing of information

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050034841A (en) * 2003-10-10 2005-04-15 한국전자통신연구원 Method for creating and verifying simple object access protocol message on web service security using signature encryption
US20070113293A1 (en) * 2004-11-17 2007-05-17 Steven Blumenau Systems and methods for secure sharing of information
KR20060073474A (en) * 2004-12-23 2006-06-28 인피니언 테크놀로지스 아게 Data processing method by data processing device, telecommunication terminal device and data processing device
KR20060118102A (en) * 2005-05-16 2006-11-23 엘지전자 주식회사 Apparatus and method for generating handwritten signature message of mobile communication terminal

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10614607B2 (en) 2016-06-12 2020-04-07 Apple Inc. Playback of handwritten message
US11194599B2 (en) 2016-06-12 2021-12-07 Apple Inc. Handwritten message input for electronic devices

Similar Documents

Publication Publication Date Title
US11943362B2 (en) System and method for providing personal information using one time private key based on blockchain of proof of use
US11310058B2 (en) Methods for digitally signing an electronic file and authentication method
EP2573986B1 (en) Methods and systems for increasing the security of electronic messages
US8485438B2 (en) Mobile computing device authentication using scannable images
AU2013205396B2 (en) Methods and Systems for Conducting Smart Card Transactions
US12326961B2 (en) Individual data unit and methods and systems for enhancing the security of user data
CN115485709A (en) smart card unlock
WO2008030184A1 (en) Improved authentication system
CN106022081B (en) A kind of card reading method of identity card card-reading terminal, identity card card-reading terminal and system
US20160182464A1 (en) Techniques for securing delivery of an audio message
CN103312519A (en) Dynamic password device and working method thereof
KR101067146B1 (en) Method for processing encrypted message in portable terminal and portable terminal
JP4270398B2 (en) System and method for displaying a secure status indicator on a display
US20130326223A1 (en) Methods and systems for increasing the security of private keys
JP4976978B2 (en) Information processing system
CN108322440A (en) It is a kind of to utilize safety equipment Card Reader login method and Security Login System
WO2009145767A1 (en) Method and system for transmitting and verifying signatures wirelessly
CN114006721A (en) E-mail risk detection method and system
EP2624188A1 (en) Methods and systems for increasing the security of electronic messages
KR102876255B1 (en) Apparatus for determining approval of entering to a restricted space using user information and method thereof
JP4981733B2 (en) Encrypted file management system and method for portable terminal, apparatus and program thereof
WO2012038449A2 (en) Authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08756416

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08756416

Country of ref document: EP

Kind code of ref document: A1