IMDA Systems: Digital Signature Verification ECE-492/3 Senior Design Project Spring 2011 Electrical and Computer Engineering Department Volgenau School of Engineering George Mason University Fairfax, VA Team members: Faculty Supervisor: Zainab Hameda Benchekroun, Bassam Dourassi, Tarek Lahlou, and Dane Larsen Dr. Vasiliki Ikonomidou and Dr. Gerald Cook Abstract: The team (IMDA Systems) has implemented a user enrollment system in which software integrated with a tablet learns the biometric information for each user. This verification process is initiated through a graphical user interface by requesting the user to enter their name and signature. The signature is acquired using a touch screen and a custom built stylus. The information is then transferred via a USB microcontroller to a processing unit where it is displayed and analyzed. The biometric information is then extracted and compared to the pre-existing information from the user s directory within the centralized database. The algorithm used for the verification process is a correlation and feature detection algorithm. As the data (x, y, p, t) is read, it is parsed into x versus time, y versus time, and p (pressure) versus time. Each of these functions is one-to-one and conveys better correlation results. Once the data is collected, it undergoes segmentation, interpolation/decimation, and errorpoint correction. After the data passes through this pre-processing stage, it is then either stored for system training or tested for verification. Features such as height-to-width ratio and speed are checked as well as correlation between spatial position vectors and pressure. 1. Background Developments in digital technology continue to increase exponentially each year. This growth results in a need for new and heightened security techniques, especially considering the existence of third parties who may attempt to corrupt and take advantage of various digital systems. A personalized signature is one way to verify the authenticity of an individual. The signature has distinct biometric characteristics that can be analyzed to verify that the individual is who he says he or she is. Through this verification, the user is protected from personal and financial fraud. There are sophisticated techniques that are used to examine the validity of these signatures however despite the high level of security, the problem of at forging signatures continues to prevail. The current policy and practice of transaction verification is minimal and unfaithfully executed. The need for online digital signature verification is predicted to increase with the evolution of the global economy. The idea of a touch
screen that asks for the user s signature, analyzes the signature in real time, and verifies the user s identity could be implemented world-wide. This would drastically decrease credit card fraud and forgery in this fast-paced economy. 2. System design Figure 1 shows the top-level black box design as well as the white box design (system architecture) for this project. Major components of the system include: A stylus with a pressure sensor, a touch pad, a microcontroller, and processing software. The pressure information is collected from the stylus, amplified and transmitted through the Arduino to the computer along with information on the x and y positions. The software then graphs the signature and stores the x, y, and pressure information versus time. In the training phase, the system processes a user-provided signature and subsequently goes through a verification step. In the recognition phase, the system assigns a score to a signature and marks it as a pass or forgery. Figure 1: System design The hardware schematic and final device are shown in Figure 2. A dedicated stylus was built to sense pressure information. Once the stylus tip comes into contact with the touch screen, the moving rod inside a stylus applies pressure on the spring, which in turn applies pressure on the force sensor resistor (FSR) force sensor. The corresponding pressure is transmitted to the microcontroller for processing. The FSR was tested for minimum and maximum weight it could support. It was calibrated to read the minimum resistance possible at rest (no pressure
applied). The tip of the stylus was developed such that it responded accordingly to the smallest pressure applied on the tablet. Figure 2: Hardware schematics, stylus design, and final input device Incoming data from the pen is preprocessed using several algorithms shown in Figure 3.Erroneous data spikes within the graphed input signatures were detected. Through debugging, it was determined that the tablet was the source of the problem. Due to the tablet architecture, the two layers composing its surface need minimum pressure to accurately read a voltage in order to determine the actual position of the stylus. To help eliminate the issue a software smoothing filter was implemented. Original and smoothed images are shown in the figure below for comparison. Figure 3: Data pre-processing software architecture and results of added signature smoothing The Cartesian coordinates of the stylus are used to first record the image of the signature for comparison with the existing signature image on file. Second, they are used to help determine, in conjunction with the time input, the local velocity of the stylus during the signature. The software developed accomplishes the following: Take information directly from the USB input Create an image of the signature Record the number of pen lifts
Record stylus pressure (p) Record time spent Calculate the height-to-width ratio Parses the xy incoming stream inputs into x versus time (t) and y versus time (t) Interact directly with the database of enrolled users Communicate with the GUI Implement an enrollment algorithm o Interpolate or decimate the signature as necessary o Average the number of input signatures collected Implement a verification algorithm o Check segments o Check time o Check Height-to-width ratio o Check correlation of x versus t o Check correlation of y versus t o Check correlation of p versus t Final decision for acceptance or denial of user s signature Once in training mode, the features are loaded from the database. The incoming data is then simultaneously sent for preprocessing. Preprocessing creates normalized copies of the input that are to be used for effective correlation. When preprocessed, the algorithm then calls the model (correlation) to learn about the incoming features and stores them in the database. In the verification mode, the same steps are taken as in the training mode up until the preprocessing block. The data and stored information is then loaded and once the results are calculated, they are then compared to the information from the database. Finally, the percentage of matching is computed. 3. Decision making The decision making process is shown in Figure 4where a segmented signature is to be compared with models stored in the database. To assure full functionality of the device, the decision process is performed in two stages. Stage one checks for the segmentation and timing of the signatures. Stage two checks for the correlation (x vs. t, y vs. t, and p vs. t), and height-to-width ratio (HWR).Note that it is not possible to get to stage two without successfully passing stage one. Three levels were incorporated regarding potential scenarios that could arise in a real setting. Level zero (L0) assumes the forger only knows he name of the signee. Level one (L1) assumes the forger knows the name and the image of the signature. Level two (L2) then assumes the forger has total access to all biometric features that would help him/her duplicate someone else s signature; given time, number of segments, HWR, and correlation of x vs. t, y vs. t, and p vs. t. Figure 4: Decision making process
Normalized cross-correlation was used to compare segments. This correlation can determine the amount of similarity between two functions when searching for the peak. This is one of the simplest methods one can use on limited computing devices or when a decision must be made in a very short time. Alternative and better methods include Markov Fields but they could not be applied due to their computational burden. Cross-correlation computation is repeated for: X-position vs. Time, Y-position vs. Time, and Pressure vs. Time. The maximum of this function is taken near the origin (+/- 10%) when the sequences are the same length. For final decision making, a score is computed using the Nelder-Mead simplex (direct search) method: where: The Nelder-Mead helped compute the best weight distribution between all the extracted features as follow: HWR X Corr Y Corr P Corr 10 % 5 % 70 % 15 % 4. Experimentation and testing There were multiple phases to the testing process. The user s first enrolled in the database. Three to five signatures are averaged to learn about the variations of the signee. The user is then asked multiple times to verify against himself/herself. It should be noted that the user is asked to perform the same task at various times at least twice (the user is enrolled and verified the same day and then at a late day). Finally, various skillful forgers are given numerous attempts to break into the system in order to learn how well the algorithm performs. The following chart shows the testing results conducted with the help of thirty volunteers. Stage Level Stage 1 (Speed & No. of Sections) Stage 2 (HWR & Correlation) Final Result Level 0 (Viewing the name in text only) 100 % (30/30) - 100 % (30/30) Level 1 (Viewing the name in text and written signature) 10 attempts per user 87 % (26/30) 50% (2/4) 93.3% (28/30) Level 2 (Full knowledge of all characteristics and practiced) 25 attempts per user 40 % (12/30) 83% (15/18) 90 % (27/30)
The graph bellow determines the threshold between the real signee and the forger. Notice that there is a threshold of at least 10 percent difference in score. Figure 5: Score separation between the real signee and the forger 5. Final decision making Incorporating the weighting discussed previously, below are testing results collected from forgers allowed up to 25 trials each: TA TR FA FR Level 0 92% 100% 0% 8% Level 1 92% 91% 9% 8% Level 2 92% 90% 10% 8% where: True Acceptance (TA): True signature accepted True Rejection (TR): False signature rejected False Acceptance (FA): Forged signature accepted False Rejection (FR): True signature rejected 6. Conclusions Identity theft and credit card fraud has been a major concern for many businesses nowadays. Several technologies have been proposed in an attempt to help secure both customers and businesses alike. However, most existent devices are expensive and incorporate very complicated algorithms which raise the issue of software maintenance. Though there is certainly room for improvement, the product described herewith fulfills all the requirements set in the proposal. Its ability to potentially detect forgeries can help secure identities and keep the trust within the business community. Lastly, it is believed that this competitively priced device will find use in all sectors of business from government, banks, to small and large businesses, and self e-signature transactions in general.