The present invention relates to a digitized signature and, in particular, to a method and apparatus for the capture, generation and/or verification thereof.
A portion of the disclosure of this patent document contains material which is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
The world is long past the time where the economy and society were primarily local and everyone personally knew everyone he encountered, such as in business. As commerce expanded geographically, means other than personal knowledge arose to confirm identity and business. In modern times, with worldwide communication and transportation, business and commerce has become global. In addition, with telephone, undersea cables, radio communication, communication satellites, cell phones, facsimile, e-mail, and the Internet, business and commerce has become virtually instantaneous, irrespective of geographical location. Thus, means of confirming identity and business virtually instantaneously and over long distances have been developed.
Among these are various digital signature transmission and verification protocols, such as public key infrastructure (PKI) which is a form of electronic signature that utilizes encryption codes linked to specific computers and other hardware for providing confirmation and/or verification of users over the Internet. Commercial PKI includes, e.g., those available from VeriSign, Inc. located in Mountain View, Calif. and Digital Signature Trust located in Rockville, Md.
One disadvantage of the available PKI systems is that they lack mobility because the PKI code or key is associated with a particular equipment with which it is registered and must be used. Security and authentication comes in part from the equipment that is registered to the authorized user (person, company or other organization) in conjunction with a public key. Because PKI does not utilize biometric data as verification, anyone gaining access to the registered equipment could engage in a public key transaction and appear authentic.
Certain retail transactions such as credit card purchases now utilize an electronic pad and pen to capture an image or graphic of the signature of the person engaging in a transaction, but the signature image is for credit authorization and is not biometrically verified as belonging to the authorized cardholder. Such digital signature images are typically in an image format such as the JPEG, TIFF or the like, and typically require a substantial memory capacity to store, e.g., typically about three kilobytes. With millions of transactions occurring, the amount of memory capacity needed to store such digital signature images quickly becomes quite large, if not prohibitive. Moreover, because such images can be xe2x80x9ccut and pastedxe2x80x9d electronically, they can easily be falsified by being copied into a different document or file, and so because the copy cannot be distinguished from the original, image signatures cannot offer satisfactory security and authentication.
Other digital signature arrangements also utilize signature pads, e.g., U.S. Pat. Nos. 6,064,751, 5,818,955, and 5,195,133, and characterize certain characteristics of the signature, but all require substantial memory for recording the signature and/or its characteristics, typically, most require 2-4 kilobytes (2000-4000 bytes). Even in a known example of a vector method, the starting point can require as many a 5 bytes or more and each subsequent point can require as many as two additional bytes, so that a complete signature still requires as much as 1-3 kilobytes of memory. Known conventional signature digitizing schemes are based on averages and/or statistical data of various signature characteristics typically derived from a plurality of signings, and so biometric data of any particular signature is lost and is unavailable.
Accordingly, there is a need for a method for digitizing a signature that typically requires less than 1 kilobyte of memory, and preferably less than 500 bytes of memory for a typical signature. Moreover, it would be desirable for such method to be compatible with inexpensive hardware interfaces and for use over the Internet, as well as in other non-Internet utilizations, and to retain certain biometric data of the signature for use in signature authentication.
To this end, the present invention comprises a method for generating a digitized signature record from a signature signed on a signing comprising: recording the starting point of each stroke of the signature and point locations of each stroke of the signature between the starting point and the lift off point, until the signature is completely signed; determining and storing a number of bits for storing the point locations of the strokes of the signature; storing a sampling time or rate at which the recorded points are recorded; storing the locations of the starting points of each stroke of the signature; and coding in the determined number of bits the locations of the points of each stroke of the signature in values relative to a starting point or an immediately previous point thereof, and storing same in the digitized signature record.
According to another aspect of the invention, the method is also for authenticating a digitized signature comprising generating for each signature from the recorded coded point coordinates and times thereof at least two corresponding characteristics of each signature including: a size and shape, a number of strokes, a length of strokes, a number of closed loops, an order or sequence of strokes, a tangent of one or more strokes or segments, a time of the signature or a stroke or segment thereof, a speed of a stroke or of a segment, and/or a derivative of any of the foregoing. Further, comparing the at least two characteristics generated for the signatures and identifying or authenticating the signatures if the comparison correlates to at least a predetermined value.