This paper outlines various challenges in creating a distance education course that involves laboratory activities.

1. The Challenge of Forgeries and Perception of Dynamic Signature
Verification
Stephen J. Elliott, Ph.D. and Adam R. Hunt
Biometric Standards, Performance, and Assurance Laboratory
Purdue University
West Lafayette, Indiana, 47906, United States
e-mail: {elliott, arhunt}@purdue.edu
Abstract: Dynamic Signature Verification (DSV) is unique among other biometric authentication
technologies as there is no clearly defined method of creating a forgery. This research examined the
perception of the signature to the forger (how easy an individual perceives the signature to be forged),
and whether there were any characteristics common among the groupings of difficulty. The dynamic
variables of the signature were then examined to establish which statistical variables were susceptible
to forgery using forensic tools. Overall, it seems that both the genuine and impostor groups do not
single out a specific dynamic trait within their judgment of an “easy” or “difficult” signature.
Furthermore, it also shows that individuals have difficulty in assigning a speed to their signature – i.e.
the perception of speed is different for each individual (both genuine and impostor), and additionally,
both the impostors and genuine users ranked their signatures differently when asked about the
perceived level of difficulty.
Keywords: dynamic signature verification, biometric technology, forgeries
1. Introduction
Dynamic Signature Verification has long been used to authenticate individuals based on their signing
characteristics. Applications such as document authenticity, financial transactions, and paper-based
transactions have all at one time used the signature to convey the intent to complete a transaction [1],
[2]. Dynamic signature verification is a subset of a larger science called biometrics, that aims to
authenticate an individual based on either behavioral or physiological traits, including fingerprint
recognition, hand geometry, and voice recognition. The signature is a behavioral biometric which has
some unique traits that make it harder to test and evaluate than some of the other behavioral biometrics
such as voice or face recognition. These challenges include the fact that a signature is learnt, it
contains variant measures, can be changed by the owner, has several versions of the signature, all
depending on the transaction or intent of the signer. Additionally, current dynamic signature
verification applications are normally in lieu of a paper / ink combination (such as a retail point-of-
sale), and therefore the signature might not be verified at the specific moment of the transaction, rather
challenged at a later date. The typical consensus is that these input variables are gathered from a
digitizer and include x, y (Cartesian co-ordinates), p (pressure) or force, and t (time) [3]. These input
variables are then used to create the global and local features described in various accounts in the
literature [4, 5]. Dynamic signature verification has a number of statistical features that can be derived
from the basic set of data that a digitizer provides, and these vary significantly across algorithms. [6]
outlined 61 features, [7] note over 40 feature types, [8] have 44 features. [2] describe the x, y co-
ordinates of the pen motion. [9] observes that the temporal “characteristics of the production of an on-
line signature are the key to the signature’s verification” (page 5). Typical signature functions include
pressure vs. time, horizontal and vertical components of position, velocity, acceleration and force, all
against time. Another way of characterizing a signature is through the analysis of the “stroke” that is,
the pen down, pen up movement of the pen on the digitizer. All of these various dynamic traits that
are collected during the act of signing are said to make an impostor signature easier to detect.
Proceedings of the 6th International Conference on Recent Advances in Soft
Computing (RASC 2006), K. Sirlantzis (Ed.), pp. 455-459, 2006

2. 2. Dynamic Signature Verification and Forgeries
Biometric testing and evaluation typically create a probability of an impostor signature getting
accepted as a genuine signature. These outcomes are generally denoted by a False Accept, or a False
Reject under conditions of zero effort. Such an attempt is defined as “where an impostor uses his or
her own biometric sample and claims the identity of a different enrollee” [10]. The determination of
the forger in dynamic signature verification is somewhat of a challenge, as a zero effort forgery would
require the impostor to sign his or her own name while claiming the identity of the different enrollee.
So understanding how to test and evaluate the signature in a forgery setting is an interesting research
question. In the literature, there is no real consensus on how best to challenge a signature. In the
Signature Verification Competition, genuine signers created different signatures that were not their
own in order to maintain their own privacy [11]. In [12], a number of different methodologies were
outlined to generate the impostor distribution, with the majority of impostors using some form of
practice. In [13], the authors defined three different levels of forgeries, the simple, statically skilled,
and timed (page 643). [2] used signatures that “on casual visual inspection would pass as authentic”
(page 201), and [14] provides three characteristics, the random forgery – defined as one that belongs to
“a different writer of the signature model”, simple forgery that is represented by a similar shape
consistency with the genuine signers shape, and the third is represented by a skilled forger (page 2).
This variability in impostor signature generated the following research questions – what is the initial
threat of the signature, and how should this be measured?
The majority of signature fraud is done within the financial services sector. A 1993 Hansard transcript
discussed the level of fraud on credit cards, with the fraud rate doubling in five years. Additionally, the
signature on the back of the card is often not checked by the retailer. One study noted that cashiers in
a retail environment were unable to detect forged signatures [15]. One could argue that a more
“secure” method of authentication on credit cards is called for, but recent studies and news articles
also highlight some of the issues relating to chip + PIN transactions, notably tampered devices and
shoulder surfing, the latter discussed in [16].
The motivation in this paper is to assess the basic attack on a signature, in the case of a stolen credit
card, and to determine the Perceived Strength of the Signature (PSS). The PSS is a concept that
indicates that an “opportunistic forger” will not forge a signature that is “hard” to forge, as their
success at the point-of-sale may be not as high as an “easy” signature. This is more of an
“opportunistic” forgery as opposed to a more sophisticated attack on the signature as outlined in
previous research. For the case of this study, an opportunistic forger is analogous to an “opportunistic
thief” – working on their own without any equipment [16]. This definition is further enhanced by the
fact that there is no practice in forging the signature. Furthermore, the study outlines a “ground truth”
– that is what the genuine signature owner’s perception of their strength of signature is, and tries to
understand whether an owner of a genuine signature has the same or different perception of the
signature than that of the forger.
3. Methodology
In order to understand the “ground truth” of the PSS, each of the genuine signature owners were asked
the following questions about their signature:
1) how easy their signature was to forge (rated on a Likert scale)
2) how fast or slow they signed their signature (rated on a Likert scale from slow to fast)
3) handedness (right or left handed; ambidextrous was not an option in the survey)
These basic questions were asked in order to assess whether the forger was able to predict the speed
and “forgeability” of their signature, which was typically centered on the dynamic traits of speed or
velocity, time, and graphical outline or complexity of the shape. Each genuine signature owner signed
a consent form and this signature was used as the basis for the impostor test. The consent form was

3. used primarily because the genuine signature owner had some intent to sign it, and it would be as close
as possible to a financial transaction signature. Each of the genuine signature owners were then asked
to sign on a digitizer three times. The digitizer that was used was an Interlink Electronics ePad Ink
Pro™ device which has 100-400 reports per second, and 300 dots per inch [17]. The device was
connected to forensic signature software to collect all of the information from the digitizer, but the
subjects could not see the signature or the information on the PC monitor as they signed. The digitizer
did display their signature as they signed their name electronically on it. The three signatures were
then processed, with the resultant variables averaged across the signatures.
The impostor group was a separate group of 9 individuals who were asked the following questions
while looking at the signed consent form of each individual in the genuine group:
1) how easy the genuine signature was to forge (rated on a Likert scale)
2) how fast or slow did they estimate the genuine signature to be (rated on a Likert scale
from slow to fast)
3) what was the handedness of the genuine subject (right or left handed; ambidextrous was
not an option in the survey)
4. Results
A total of 60 genuine signature owners participated in the experiment. Out of the 60 subjects, 1 was
female and 59 were males. Out of these 60 genuine signature owners, 36 of them signed the digitizer.
The remainder did not sign (or dropped out of the study). There was a retention rate in the study of
60%. This was then compared to the mean scores of the 9 impostor individuals who rated the
signatures based on the above questions.
A t-test was used to determine whether the mean of the genuine and impostor groups were statistically
significant from each other with regard their perceived level of difficulty, with α level set to 0.05. In
the study, the data were normally distributed, and there were no outliers in the dataset. The data were
ranked with 1 being easy to forge, and 5 being difficult to forge. Table 1 outlines the results of the test.
Note that when a genuine subject rated their signature as “neutral” so did the forger. The difference in
the “very difficult” category has a p-value of 0.053. This shows that both groups did not have
significantly different means, but an argument for this is that both the genuine and impostor groups
may have defaulted to the “very difficult” or “neutral” categories if they could not determine whether
a signature fitted into the other categories. All of the other categories show there is a statistically
significant difference between the means of the genuine and impostor groups, and thus there are
grounds to reject the null hypothesis that genuine and impostor signature owners perceive their
signature strength to be the same.
When analyzing speeds (see Table 2) denoted by 1 being “fast” and 5 being “slow” both groups had
significant differences, except for the “neutral” standing. Neither group assigned group 4 as a speed.
When examining the dynamic features of the signature (36 individuals signing on the digitizer out of
the original 60 individuals who completed the genuine group consent form signing), an Analysis of

4. Variance test was conducted over all of the individual variables that were extracted from the digitizer.
These 54 individual variables (speed, number of segments etc.) were set as the response in the
ANOVA test, and difficulty was assigned as the factor. At α = 0.05, none of these variables were
significantly different across each difficultly group. For the forger group, the ANOVA showed no
significance with these extracted variables and difficulty group. There were some interesting
correlations however; speed was negatively correlated with difficulty (-0.191, with p-value 0.273), as
was the number of strokes and difficulty at -0.314 for the genuine group. The forger group had a
slightly positive correlation with speed, and slightly negative correlation with segments (-0.081).
Figure 1 shows the distribution of the genuine and impostor rankings within difficulty groups.
Data
Frequency
543210
35
30
25
20
15
10
5
0
2.723 1.317 65
3.092 0.8239 65
Mean StDev N
Genuine
Impostors
Variable
Histogram of Genuine, Impostors
Normal
Figure 1: Distribution of Genuine and Impostor ratings
When analyzing handedness, the impostor group could not consistently determine the handedness of
the genuine users. Only 3 out of 8, 37.5%, of the forgers correctly identified a left-handed signature
and 3 of the left-handed signatures were not correctly identified at all. Comparably, 7 of 49 right-
handed signatures were correctly identified by all forgers. However, the least accurate results showed
that 5 of 8 forgers incorrectly identified a signature as left-handed when it was, in fact, right-handed.
5. Conclusions
The subjects in this study were challenged when it came to ranking their own “strength of signature”
in a Likert scale category, and tended to opt for the extremes and neutrals, as opposed to categories
“2” and “4”. The impostors also had difficulty in assigning strength, and therefore an individual’s
perception of strength it not necessarily at the same rank as an impostor’s perception for that same
signature. For speed, the same difficulties arise again; individuals seem to pick the extremes when
establishing “speed” values, i.e. “very fast,” “very slow” or neutral. Even when this is the case, both
groups still cannot accurately determine speed rates.
With regard to ranking the “difficulty of forgery”, it was interesting to note the genuine user group
migrated again towards the extremes, as shown in Figure 1 with a bimodal distribution, as opposed to
the impostor group which tended towards a neutral category resulting in a more normal distribution.
Another result worthy of note was that impostors could not accurately determine handedness when
viewing a genuine signature.
Overall, it seems that both the genuine and impostor groups do not single out a specific dynamic trait
within their judgment of an “easy” or “difficult” signature. Furthermore, it also shows that individuals
have difficulty in assigning a speed to their signature – i.e. the perception of speed is different for each
individual (both genuine and impostor), and additionally, both the impostors and genuine users ranked
their signatures differently when asked about the perceived level of difficulty. Thus the addition of

5. dynamic traits within a signature may help in the prevention of fraud and identity theft. Future work
will be to assess the different levels of forgery as the novice forger becomes more skilled, and to
examine which of these dynamic traits are susceptible to the forger.
References
[1] D. J. Hamilton, J. Whelan, A. McLaren, I. MacIntyre, and A. Tizzard, "Low cost dynamic
signature verification system," presented at 1995 European Convention on Security and
Detection, Brighton, UK, 1995.
[2] W. Nelson and E. Kishon, "Use of dynamic features for signature verification," presented at
1991 IEEE International Conference on Systems, Man, and Cybernetics "Decision Aiding for
Complex Systems", Charlottesvill, VA, 1991.
[3] C. Vielhauer, R. Steinmetz, and A. Mayerhofer, "Biometric hash based on statistical features
of online signatures," presented at 16th International Conference on Pattern Recognition, 2002.
[4] F. Leclerc and R. Plamondon, Automatic Signature Verification: The State of the Art - 1989-
1993. Singapore: World Scientific Publishing Co., 1994.
[5] J.-J. Brault and R. Plamondon, "A Complexity Measure of Handwritten Curves: Modeling of
Dynamic Signature Forgery," IEEE Transactions on Systems, Man, and Cybernetics, vol. 23,
pp. 400-413, 1993.
[6] M. C. Fairhurst and S. Ng, "Management of access through biometric control: A case study
based on automatic signature verification," Universal Access in the Information Society, vol. 1,
pp. 31-39, 2001.
[7] A. Kholmatov and B. Yanikoglu, "Biometric Authentication Using Online Signatures,"
presented at 19th International Symposium on Computer and Information Sciences - ISCIS
2004, Kemer-Antalya, Turkey, 2004.
[8] H. D. Crane and J. S. Ostem, "Automatic Signature Verification using a Three-axis Force-
Sensitive Pen," IEEE Transactions on Systems, Man, and Cybernetics, vol. 13, pp. 329-337,
1983.
[9] V. Nalwa, "Automatic On-Line Signature Verification," Proceedings of the IEEE, vol. 85, pp.
215-239, 1997.
[10] I. I. J. S. WG1, "Vocabulary Standing Document SD2," vol. 2005: ISO/IEC JTC1 SC37 WG1,
2005.
[11] D.-Y. Yeung, H. Chang, Y. Xiong, S. George, R. Kashi, T. Matsumoto, and G. Rigoll, "SVC
2004: First International Signature Verification Competition," presented at First International
Conference on Biometric Authentication, ICBA, Hong Kong, China, 2004.
[12] S. Elliott, "A Comparison of On-Line Dynamic Signature Trait Variables vis-à-vis Mobile
Computing Devices and Table-Based Digitizers," in Third Workshop on Automatic
Identification Advanced Technologies. Tarrytown, NY: IEEE, 2002.
[13] L. Lee, Berger, T. & Aviczer E, "Reliable On-Line Human Signature Verification Systems,"
IEEE Trans. Pattern Analysis Machine, vol. 18, pp. 643-647, 1996.
[14] E. J. R. Justino, Bortolozzi, F., and Sabourin R, "The Interpersonal and Intrapersonal
Variability Influences on Off-Line Signature Verification using HMM," presented at
Proceedings of the XV Brazillian Symposium on Computer Graphics and Image Processing
(SIBGRAPHI'02), 2002.
[15] R. Kemp, Towell, N., & Pike, G, "When Seeing should not be Believing: Photographs, Credit
Cards, and Fraud," Applied Cognitive Psychology, vol. 11, pp. 211-222, 1996.
[16] D. Cvrcek, Krhovjak, J., & V. Matyas, "PIN (& Chip) or signature - beating the cheating?."
Brno, Czech Republic, 2005.
[17] Interlink Electronics, "E-Pad Signature Pad Specification Sheet," 2006.