Nowadays, it is becoming increasingly necessary to provide a signed document in a revision-proof manner. A so-called biometric-electronic signature has the advantage that a media breach, i.e. printing out an electronic document on paper for signature, is omitted. Moreover, a biometric feature, such as e.g., a signature, can not be copied, stolen or forgotten.
The signature is an unambiguous declaration of intent and a long-recognized method for documenting intention. The usual signature method is not changed with the biometric-electronic signature; however, the signer is not required to be a member of a so-called trust center, as is necessary for a digital signature method. Furthermore, the, e.g., hand-written biometric-electronic signature can be examined by a handwriting expert and for example, can also be compared with signatures on paper; the same applies to a biometric-electronic signature using a fingerprint or voice sample, inter alia, whose features can also be examined by recognized experts according to time-tested methods.
For example, the law covering electronic signatures passed in the Federal Republic of Germany regulates the basic conditions for all paperless signature methods, such as e.g., the digital signature, as used in connection with so-called smart cards and the biometric-electronic signatures relevant herein. This law is based upon the EU-Guidelines for electronic signatures and thereby replaces the law covering digital signatures of 1997, which was limited to only Germany. Thus, a European-wide foundation has been created, based upon which products for electronic signature can be employed in a cross-border manner. It can be assumed that the electronic signature will thereby gain a larger foothold in Europe.
Many large companies now produce their internal workflow almost exclusively electronically. However, up to now, the interface to the “outside world”—e.g., outside contractors such as insurance agents, etc.—has remained paper-bound nearly everywhere. Studies have shown that, for every dollar spent on the production of paper, another 30 to 60 dollars are incurred for the further processing thereof. The biometric-electronic signature thus offers companies the possibility of having electronic documents signed electronically instead of on paper.
In spite of substantial efforts, a biometric-electronic signature of an outside person could not, as of yet, be integrated into an electronic workflow without a media-breach using electronic methods. This shortcoming was due to the legal situation, which was applicable until recently, and also to the previous approaches to solving this problem. The electronic signature captures, which were previously known, now allow every end customer to provide an unmistakable declaration of intent without having to possess a special apparatus or certificate; the declaration of intention is directly transferred into an electronic document as a biometric-electronic signature. This form of biometric signature certainly already possesses a high degree of acceptance today (e.g., in the form of handwritten electronic signatures), in particular due to the well-known package delivery services. However, the misgivings relating to improper use and manipulation of signatures, which are utilized for the execution of contracts, etc., are still very high.
Nevertheless, the biometric-electronic signature is increasingly gaining in importance. From a simple document to a complex agreement, the biometric signature can no longer be ignored for everyday matters. However, the precautions for preventing the manipulation of a biometrically-signed electronic document can still be improved.
It has become known in the interim, with the aid of devices for electronically capturing the signature—so-called signature pads (see e.g., DE 10 2006 000 859.6 and the signature pads of StepOver GmbH/Germany offered under the product names: blueMobile Pad, blueMobile Pad LCD, plusPad and plusPad LCD)—, to realize the handwritten electronic signature without a media-breach during the processing of a digital document from the writing thereof until the archiving thereof. Thus, the central aspect of the problem is the unambiguous correlation of a handwritten electronic signature to a document and to a person. It is also known in the interim to make possible an automatic authenticity-check using the captured biometric data from the handwritten electronic signature and thus to almost completely exclude an improper use. However, it has been shown that security can be still further improved to prevent modification and manipulation of a biometrically-signed (e.g., a handwritten signature) electronic document.
For the sake of clarity, various important terms for the present disclosure are defined as follows:    Electronic signature: reference is made to the corresponding definition in the Guidelines 1999/93/EG of the European Parliament and the European Council concerning the Community Framework for Electronic Signatures, which were published on Jan. 19, 2000 in the Official Journal of the European Community (ABI. L 13 of Jan. 19, 2000, Page 12).    Biometric electronic signature: like an electronic signature, supplemented with an unambiguous biometric identification feature of a person, such as e.g., a fingerprint, a handwritten signature, voice recording, etc., which is securely linked with an electronic data set and/or is inserted therein and is connected by means of a check sum with the data content present at the time point of the signature.    Signature image: a visualization of the signature feature (that is, e.g., the two-dimensional image of a fingerprint, a signature, etc.).    Biometric data: data of a person linked to a feature (such as a fingerprint, a voice recording, a signature, etc.). In contrast to the signature image, biometric data includes, in part, higher resolution and not two-dimensionally depictable information concerning the respective identification feature (e.g., 3-D fingerprint, script image inclusive of writing speed, pressure procession, etc.).    Electric document: a data set, which includes data that can be provided or represented in a form readable or understandable by a human using an appropriate device.