If the customer is not paying cash for a transaction but instead is charging the transaction cost to a credit card or bank account, a retailer typically may require the customer to sign a charge slip as evidence that the customer is who he says he is and actually purchased the goods or services. Retailers commonly save and file these signed paper receipts, and forward them upon request to a credit card company or other financial institution as evidence of the transaction. In addition, some retailers attempt to "authenticate" the customer's signature at time of transaction by visually comparing it with a presumed authentic signature on the back of the credit card and/or on a photo ID such as a driver's license. Thus, the store clerk makes a quick visual comparison between (a) a presumed-to-be-authentic signature presented by the customer, and (b) the signature the customer created on a paper charge slip in the presence of the store clerk.
This "authentication" technique may sometimes be successful in detecting amateur thieves, but has severe limitations that make it totally ineffective against any serious and/or intelligent thief. For example, a thief can easily avoid detection by simply practicing the signature to be forged beforehand--since store clerks typically are not skilled in the art of handwriting comparison. Skillful thieves can distract the store clerk with small talk or compliments--thereby effectively destroying the effectiveness of any visual handwriting comparisons. Moreover, many store clerks (especially those faced with a long line of anxiously waiting customers) may not be willing to take the time to make a careful visual signature comparison. Still further, a thief can destroy the reliability of the entire visual inspection handwriting authentication process by presenting his own handwritten signature of an alias name as the presumed-to-be-valid signature for comparison purposes. People sometimes do not sign the backs of their credit cards as they are supposed to, and a thief can easily write the credit card owner's name in the thief's own handwriting on the back of an unsigned card--which the thief can of course easily reproduce on demand on a paper charge slip. Professional thieves sometimes also forge photo IDs--completely bypassing efforts to detect fraudulent transactions based on visual handwriting comparison. In addition, store clerks very seldom study the hand-written signature on the back of the card and there is thus little chance of detecting the use of a lost or stolen card.
An alternative to using a signature for establishing authorization to conduct a transaction is to have the customer input his or her PIN (personal identification number) into a transaction terminal. This PIN technique has recently become quite popular for point-of-sale transactions involving ATM (automatic teller machine) bank cards. However, PIN-based transactions suffer from the following problems as compared to requiring a signature:
1) If the PIN is known by an imposter, the transaction is compromised with 100% certainty. If the signature is known by the imposter, however, there is a lower probability of success so there is a significant deterrent to the would-be imposter attempting to forge the signature.
2) The PIN may be forgotten by the customer. The signature is never forgotten.
3) The PIN provides no hard audit trail back to the actual customer. With a signature, the audit trail is in the form of a reproducible signature image.
4) Requiring a signature provides a convenient (albeit not always 100% reliable) human comparison of submitted and authentic signatures. The PIN system offers no comparable capability.
(a) the customer account is credited temporarily pending investigation;
(b) the acquiring bank (or merchant bank) is debited pending investigation;
(c) the retailer is asked by the acquiring bank to produce a copy of the sales slip with the customer's signature on it (about 30% of these slips are not produced by the retailer);
(d) if the retailer cannot produce a sales slip with a valid or legible signature he loses the revenue from the transaction. If the signature is fraudulent, either the card issuer or the retailer stands the loss;
(e) if the retailer produces a valid transaction record, the charge is reinstated in the customer's account and the acquiring bank is once more credited with the transaction value.
1) $1.0 Billion in credit card transactions
2) Average ticket value $200
3) 3000 ECR's
Savings=$600,000/year
Savings=$540,000/year
Savings=$612,000/year
Total system costs=$850,000
(a) eliminating the chargebacks attributable to lost or illegible transaction copies;
(b) virtually eliminating the administrative effort associated with filing, retrieval and the chargeback process;
(c) streamlining the payment process at the register by eliminating the duplicate copy of the credit card slip and automating the reconciliation process;
(d) vastly improving the efficiency of satisfying the "request for copy" process in the acquiring merchant banks so that close to 100% of these requests will be satisfied within days rather than 70% of the requests satisfied in weeks. In addition, the acquirer is compensated handsomely by the issuer for satisfying the retrieval requests in a timely manner;
(e) significantly reducing credit card fraud (which today stands at over $1 billion) using the electronic signature verification feature (some of these signature terminals which generate such an attractive return to the retailer contain the capability, turned on by software at the host device or register, to verify the submitted signature at point of service).
1) The transaction items are rung up at the register and the customer tenders a smart card which could be used to trigger a charge transaction to the retailer's loyalty card, to a bank card or to a travel related proprietary card. Alternatively it could be tendered as a check guarantee card. In any case, the card is inserted into the slot of the smart card reader integrated into the signature terminal which is connected to the register and the customer selects the appropriate transaction type.
2) The signature image of the authentic cardholder which was written at personalization (stored on the card in ROM in less than 500 bytes) is passed to the register which displays it prominently on the screen.
3) The verification template of the cardholder (stored in EEPROM in about 50 bytes with an embedded message authentication code) created at personalization, is read from the smart card and passed to the signature terminal which tests the template for authenticity and then prompts for a signature. The signature is captured electronically as the receipt is signed by the customer and is passed to the register for display and (human) comparison with the authentic image already displayed.
4) In parallel with this process, the signature terminal carries out the signature verification analysis and passes back to the register the result of the analysis (pass or fail and/or a mis-match score). This is the third significant item of information that the sales associate requires for validation of identity. The sales associate will now use this information to determine whether further identity checks are required. The whole process has taken place while the signature is being submitted--part of the normal transaction process--and the system forces the comparison decision to take place by requiring the sales associate to ACCEPT or DECLINE the transaction before it is closed out.
5) Only if the signature is accepted by the signature terminal, irrespective of the sales associate's decision on the transaction, is the verification template (with a new authentication code embedded within it) re-written to the smart card. The calculation uses the previous template and the last good signature as the basis for the new template. This allows the template to mold itself to the user over time and a constantly changing authentication code protects a verification template, changed on the card by some third party, from being used at the next transaction.
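Steps 3 and 5 above, sketched as an added example (not code from the patent): the terminal checks the template's embedded authentication code before use and re-seals an updated template only after an accepted signature. The 40-byte feature vector, 2-byte update counter, HMAC-SHA-256 truncated to 8 bytes, mean-absolute-difference score and blending weight are all assumptions; the text specifies none of them.

```python
import hashlib
import hmac
import struct

N_FEATURES = 40   # assumed layout: 2-byte counter + 40 features + 8-byte tag = 50 bytes
TAG_LEN = 8       # assumed: HMAC-SHA-256 truncated to 8 bytes

def _tag(key, body):
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, counter, features):
    """Build the card template: counter, feature bytes, authentication code."""
    body = struct.pack(">H", counter) + bytes(features)
    return body + _tag(key, body)

def open_template(key, blob):
    """Return (counter, features); raise ValueError if the template was altered."""
    if len(blob) != 2 + N_FEATURES + TAG_LEN:
        raise ValueError("unexpected template length")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, body)):
        raise ValueError("template authentication code mismatch")
    return struct.unpack(">H", body[:2])[0], list(body[2:])

def mismatch(features, sample):
    """Hypothetical mismatch score: mean absolute feature difference."""
    return sum(abs(f - s) for f, s in zip(features, sample)) / len(features)

def process_signature(key, blob, sample, threshold=12.0, weight=0.25):
    """Return (accepted, template to leave on the card)."""
    counter, features = open_template(key, blob)   # step 3: authenticate first
    if mismatch(features, sample) > threshold:
        return False, blob                         # rejected: nothing is re-written
    # Step 5: blend the previous template with the last good signature, then
    # re-seal under the next counter so the authentication code changes too.
    blended = [round((1 - weight) * f + weight * s) for f, s in zip(features, sample)]
    return True, seal(key, (counter + 1) & 0xFFFF, blended)

if __name__ == "__main__":
    key = b"constructed-demo-key"                  # constructed terminal secret
    card = seal(key, 0, [100] * N_FEATURES)        # constructed enrolment template
    ok, card = process_signature(key, card, [104] * N_FEATURES)
    print(ok, open_template(key, card)[0])
```

In this sketch the authentication code exposes a template altered on the card, but an older sealed template copied back onto the card would still verify unless the host also tracks the counter.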
A digitizer located beneath and spaced from the writing surface together with circuitry to locate the position of a stylus moving on the surface or on a record member located on the surface.
A means of locating the record member on the signature tablet such that the plane of the record member coincides with that of the x,y plane of the digitizer during the writing of the signature.
A means of enabling said record member to be inserted easily into position from the top or from the side and to avoid the member moving on the surface when the signature is written with the stylus.
A stylus coupled electrically or electro-magnetically to the digitizer with or without a replaceable ink refill.
An integrated IC (smart) card connector controlled by the signature tablet processor such that data including an electronic signature image may be read from and/or written to an intelligent or memory based IC card.
A means of two-way communication with a host device so that a signature captured electronically may be compared with that stored on the smart card or at the host device and may be communicated to the host together with the result of the signature comparison for display, storage, onward transmission or hard copy reproduction.
A method of comparing a submitted signature against a signature verification template supplied from the host or from a smart card based upon the extraction of a number of mathematically defined features.
A method of authenticating the verification template against tampering by means of writing a template authentication code into the signature verification template at creation and update and by checking the authentication code whenever the template is communicated to the tablet.
A method of updating the verification template after each accepted signature so that the template molds itself to the author if the signature changes gradually over time.
A means of enrolling new authors through checking for compatibility of a minimum of three initial signatures.
A means of automatically detecting the host communications protocol and adapting the communications port accordingly.
A means of operating the signature tablet wirelessly allowing it to be moved easily from one location to another.
A means of determining the angle of submission of the signature and correcting for said angle before signature comparison.
A special means of calculating the angle of submission which minimizes the sum of squared errors perpendicular to the line of regression rather than the sum of vertical or horizontal squared errors.
A special means of compressing and representing the captured signature to minimize the number of points defining the signature so that points almost on a straight line are eliminated and each x,y coordinate pair, or the differences between successive coordinate pairs, is represented in two eight bit binary numbers or in three bytes or more of ASCII code.
A means of encrypting the captured signature using a transaction based number communicated to the tablet from the host prior to communicating the signature back to the host.
A means of decrypting the signature when supplied with the encrypted signature and the original transaction based number from an attached host.
A signature tablet with these features containing a PIN pad allowing PIN based cardholder authentication to take place supporting DUKPT (derived unique key per transaction) and Master Session key management.
An electronic signature tablet containing these features with an integrated LCD display allowing the electronically captured signature to be displayed on said LCD.
A means of authenticating the validity of an IC card by utilizing public key encryption, using the IC card's public key to decrypt a message encrypted by the private key from the card.
Customization parameters stored in non-volatile fashion characterizing the operation of signature capture, signature verification, signature compression, and signature encryption.
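The perpendicular-error angle calculation named in the feature list above, as an added example (not code from the patent), with the vertical-error fit beside it to show why the distinction matters before comparison. The closed form used is the standard orthogonal-regression solution, chosen here because the text gives no formula; the sample stroke and all function names are constructed.

```python
import math

def _moments(points):
    """Centroid and centred second moments of the pen samples."""
    n = len(points)
    mx = sum(x for x, _ in points) / n
    my = sum(y for _, y in points) / n
    sxx = sum((x - mx) ** 2 for x, _ in points)
    syy = sum((y - my) ** 2 for _, y in points)
    sxy = sum((x - mx) * (y - my) for x, y in points)
    return mx, my, sxx, syy, sxy

def submission_angle(points):
    """Baseline angle (radians) minimizing squared perpendicular distances."""
    _, _, sxx, syy, sxy = _moments(points)
    return 0.5 * math.atan2(2 * sxy, sxx - syy)

def vertical_fit_angle(points):
    """Ordinary least squares on vertical errors only, for comparison."""
    _, _, sxx, _, sxy = _moments(points)
    return math.atan2(sxy, sxx)

def rotate(points, angle, origin=(0.0, 0.0)):
    c, s = math.cos(angle), math.sin(angle)
    ox, oy = origin
    return [(ox + c * (x - ox) - s * (y - oy),
             oy + s * (x - ox) + c * (y - oy)) for x, y in points]

def correct_angle(points):
    """Rotate the signature about its centroid so its baseline is level."""
    mx, my, *_ = _moments(points)
    return rotate(points, -submission_angle(points), (mx, my))

# Constructed sample: a level zig-zag stroke, then the same stroke as if the
# receipt had been signed at a 20 degree slant.
LEVEL = [(float(x), y) for x, y in enumerate([1, -1, 1, -1, 1, 1, -1, 1, -1, 1])]
TILTED = rotate(LEVEL, math.radians(20))

if __name__ == "__main__":
    print(round(math.degrees(submission_angle(TILTED)), 2))    # perpendicular fit
    print(round(math.degrees(vertical_fit_angle(TILTED)), 2))  # vertical fit
```

On the constructed stroke the perpendicular fit recovers the slant, while the vertical-error fit underestimates it because the stroke's own height inflates the horizontal variance after rotation.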
The handling of signed paper receipts as evidence of a transaction has also become a significant problem. For some time now retailers and the acquiring banks have been concerned with the cost in time and effort associated with dealing with the "request for copy" process. The process starts when a customer, not recognizing an item on his monthly credit card statement, calls his issuer to query the charge. The credit card company rules define the further procedures as follows:
About 0.4% of all credit card transactions are challenged in this manner. With the paper-based "signature on file" process, each investigation can drag on for about four weeks before a resolution is reached. The acquiring bank is out of pocket during this period to the extent of the value of the transaction and expends valuable time attempting to resolve the dispute. Recent rules have been introduced by Visa and MasterCard which cause the issuers to provide a strong financial incentive to the acquirers to respond quickly to retrieval requests.
The retailer, in order to service the request for copy efficiently, often installs expensive microfilm systems and is asked to keep copies for up to three years. To service each request someone must physically search out the copy and regenerate an image of the transaction. If the retailer does not install such equipment it is estimated that, on average, up to 30% of the copies cannot be found and the retailer loses the sale revenue under these circumstances. In order to prepare for requests for copy and to reconcile the credit card transactions with the register audit tape, all systems generate an extra copy of the transaction details which are reconciled and batched for processing each day. All this effort is quite costly to the retailer.