From the gas station to the department store – paying for something without cash is commonplace. Now such payments become more secure: The Fraunhofer Institute for Computer Graphics Research IGD engineered a solution for inspecting the handwritten signatures directly on the bank card. The biometric "on-card comparison" additionally makes payment transactions more convenient, and it works with any ordinary commercial credit card. At this year's CeBIT in Hannover, the experts will unveil their latest prototype development.
Who isn't familiar with this scenario? You are standing at the check-out counter, a long line waiting behind you, and all you have in your wallet is just a handful of old receipts – and, thank goodness – the bank cards! There' s just no question: when it comes to paying for something, credit cards and the EC bank card make life easier. Unless the cardholder completely forgets the PIN (personal identification number). It is obviously much easier for the consumer if a purchase transaction can be sealed with a signature. But it is just as easy for a practiced hand to forge a florid signature, right? Wrong, if the biometric parameters are measured.
Like getting parcel post
The magic words which researchers at Fraunhofer IGD used to realize a bank card that can recognize a customer by his or her signature: "signature dynamics."
Each person's signature is completely unique; in the process of signing, he or she leaves behind an extraordinary – and therefore, extremely difficult to forge – biometric trace: Based on the chronological progression of the pen's position, which is traced onto a graphic tablet or touchscreen while signing, the Fraunhofer system ascertains if the cardholder's signature is genuine. In terms of security technology, there is no comparison with the conventional procedure – a purely subjective process in which the person behind the cash register verifies the signature.
Greater convenience and even more security
This process adds security and makes it twice as tough for any criminal. Even if the criminal gains possession of a card and uncovers its PIN code, biometrics places a whole new barrier in front of their activities. "The combination of knowledge, possession and biometrics is ideal, and guarantees a substantial additional benefit to the convenience and security for the cardholder," explains Alexander Nouak, head of competence center for identification and biometrics at Fraunhofer IGD.
"The comparison between the presented data and the biometric data stored in the card is done directly on the chip in the bankcard, which is protected according to established standards," explains Nouak. "So it is impossible for the biometric data to be stolen through an external device and be abused." One distinct advantage of the Fraunhofer solution: it meets all the conventional standards, so that it can be recorded onto any ordinary EC or bank credit card.
And this is how it looks in an everyday retail setting: The customer registers at his or her bank – upon card issuance, for example – by signing a touchpad. The biometric features of this signature are stored directly onto the chip in the card. When shopping, the cardholder runs the card through an ordinary merchant card reader. The reader is linked to a writing pad, on which the customer signs using an electronic pen. Once the biometric authenticity of the signature is confirmed, the transaction is authorised. Entering a PIN code is only required, as an added level of security, for those transactions that are high in amount.
Explore further: IT security for the daily life: Withdrawing money at cash machines with 'Google Glass'