Section III
Applications of Technology in Forensic Document Examination
Chapter 14
Forensic Analysis of Handwritten Electronic Signatures
Kathleen Annunziata Nicolaides and Khody R. Detwiler
CONTENTS
14.1 Where Are Electronic Signatures Found and Why Is It Important to Be able to Authenticate Them?
14.2 History of Electronic Signature Laws
14.3 Dynamic Signature Research
14.4 Tablets and Capture Devices
14.5 What Is Gained and What Is Lost in the Analysis of a Dynamic Signature?
14.6 Electronic Signature Analysis in Casework
14.7 Electronic Signature Analysis in Court
14.8 Looking Forward
References
14.1 Where Are Electronic Signatures Found and Why Is It Important to Be able to Authenticate Them?
Just as many forensic document examiners (FDEs) experienced a decline in the number of typewriter cases being submitted as the “computer age” was emerging in the late 1980s, technological advancements taking place today are certain to change the landscape of the field once again. With the innovations in modern technology and the appeal of a paperless workflow, the use of e-signatures as a means of conducting day-to-day business is quickly becoming second nature in most industries. This is especially true with insurance companies, banking institutions, hospitals, and virtually every point of sale merchant. While it may seem like a much more efficient way to conduct business, this process undoubtedly raises a host of authentication concerns, creating the need for FDEs to be able to authenticate and verify electronic signatures just as they do with traditional “wet-ink” signatures.
Although there are several additional steps when conducting an analysis of an electronically-captured handwritten signature as compared to a traditional wet-ink signature, the methodology and principles established in the field over a century ago still apply. Specifically, in both analyses, the FDE relies upon a variety of factors, including writing speed, fluidity, directionality, pictorial agreement, skill, and overall writing quality, when forming his or her ultimate opinion of authenticity. In a traditional signature analysis, these characteristics are often interpreted in a subjective manner by the examiner, based upon his or her training, experience, and knowledge. However, when using the information contained in the raw signature data file associated with an electronically-captured handwritten signature, many of these features can be quantified. The international FDE community has conducted research developing and validating the techniques used in handwritten electronic signature examinations for more than two decades. This research and methodology will be extensively discussed in this chapter.
14.2 History of Electronic Signature Laws
As with many technological expansions, the overall effectiveness of a product or system is often decided by its efficiency and use by the general public. Considering the potential power and wealth that is often associated with the execution of a signature, it is imperative that electronic signatures have the capability of being authenticated and verified. Although the concept of electronic signature analysis may seem like a relatively new area of forensic document examination, federal and state e-signature laws have been in effect for the past two decades.
In 1999, the National Conference of Commissioners on Uniform State Laws (NCCUSL) adopted the Uniform Electronic Transactions Act (UETA). In short, UETA provides that a record or signature may not be denied legal validity or enforceability solely because it is in an electronic format.1 It should be noted that UETA is not intended to encompass all transactions, only business, commercial, and governmental matters. Since its inception, 47 states, as well as the District of Columbia, Puerto Rico, and the US Virgin Islands, have adopted UETA. Although Illinois, New York, and Washington have yet to do so, all three states have similar counterparts addressing the legality of electronic records and signatures.
Like UETA, on June 30, 2000 the federal government passed the United States Electronic Signatures in Global and National Commerce Act (ESIGN Act), which addresses the validity of electronic records and signatures used in transactions influencing interstate or foreign commerce.2 In consideration of both UETA and ESIGN, an electronic signature may be deemed legally valid when meeting or exceeding the following requirements:
Intent to sign – As the heading suggests, for an electronic signature to be considered valid, there must be a recognized intention from all involved parties to sign electronically.
Consent to do business electronically – All parties must give consent to conduct business electronically, which is often verified by the circumstances surrounding the transaction. (Please note that special considerations to this requirement may apply under ESIGN and UETA.)
Association of signature with the record – Every transaction executed with an electronic signature must include a record that specifies how the electronic signature was created.
Record retention – Lastly, all electronic signature records must be stored and archived in a manner so that they can also be accurately reproduced in the event that any party to the transaction wishes to do so.
14.3 Dynamic Signature Research
There are many types of electronic signatures. Some do not include the physical act of signing your name, instead employing cryptographic techniques (or digital signatures) to authenticate a document. Entering a PIN number at an ATM machine is an example of a digital signature being used in lieu of a signed checking withdrawal.
Handwritten electronic signatures include signatures collected on digitizing devices that have been (a) captured as images only or (b) captured as temporal and movement data. The first subgroup is often referred to as static signatures and the latter subgroup as dynamic signatures.3 Of the two subgroups, questioned dynamic signatures tend to be more identifiable since they contain a graphical representation of the signature as well as timing and movement data that aids greatly in signature verification.
Signature dynamics have been researched for decades for both authentication or biometric applications. Tytell describes an on-line signature verification system developed and tested in the 1970s by Veripen, Inc. using their SIGNAC system. Research conducted found “that a dynamic pressure pattern in the signature writing of an individual is consistent over time, varies significantly between individuals, and is almost impossible for another person to imitate.”4 A decade later, the IBM Thomas J. Watson Research Center developed and tested an automatic signature verification system which used analysis of pressure and acceleration data to determine if the signer was intoxicated; the last trial of this system resulted in a success rate of over 99%.
When casework first started in the area of handwritten electronic signatures, methodology had to be developed that would work in analyzing the dynamic data collected using various devices and software. This was important since the FDE might not have access to the proprietary software used to collect the dynamic data, nor be able to explain to a jury how that software works.
Flynn, who in the late 1990s had worked with Topaz© in developing forensic software for analysis of signatures captured with Topaz tablets,5 was one of the first North American FDEs to research and codify methodology for the forensic examination of dynamic data and electronically-captured biometric signatures. Using a Topaz tablet where both a wet-ink and dynamic signature were captured simultaneously, he conducted a study to determine if signatures plotted in Excel using dynamic data were an accurate representation of the corresponding wet-ink signatures. Flynn found that the plotted si...