Many businesses now use e-signatures to authenticate documents and sign contracts. Some of these e-signatures are relatively primitive, and involve a scrawled line on a tablet or phone screen. At the other end of the scale, digital cryptography allows sensitive data to be stored, transmitted and shared. Yet this bypasses the most human form of security: the written signature.
Researchers at University College London’s Visual Computing lab say that they’ve found a way to copy anyone’s handwriting using detailed measurements and analysis of the characters. Once their algorithm understands how the human writes, it can generate practically any sentence using the same shapes. The technique can even account for inconsistencies in the way we write certain letters.
Faking a Signature
One researcher, Tom Haines, explained to the BBC that this could be used for legitimate purposes. For example, there are some situations where a handwritten note is considered less formal than a computer printout. There may also be situations where someone has lost the ability to write after an illness, yet would like to retain the feeling of creating their own handwriting somehow.
But could this also be an area that’s prone to be exploited by hackers?
The UCL team call their system My Text In Your Handwriting, and they say it can reproduce the individual quirks that make each person’s handwriting unique. That could be the key to mimicking a signature on a cheque, for example. Their algorithm accounts for random variations, and avoids the uniformity of a traditional font. Reddit users have raised the possibility of similar software being used to make junk mail look legitimate, because people are more likely to pay attention to handwritten addresses.
However, there is one guaranteed way to tell the difference between human writing and computer-generated copies.
When the computer-generated handwriting is examined closely, experts can tell that it has been printed, rather than written by a pen, due to the composition of the dots that make up the characters. Interestingly, the algorithm behind My Text In Your Handwriting to be used to detect forgeries, because of the way it analyses the shape of written words.
The Weakest Link
In information security, it’s widely accepted that humans are now the weakest link in the chain. A business can spend tens of thousands of pounds on networking monitoring, but if just one person is tricked into revealing their password, the entire system can fall flat.
If computers can accurately reproduce human signatures, it might be time for humans to change their behaviour and banish the handwritten signature to the waste paper basket of history. Let’s face it: many of us no longer use pen and paper at all, save for signing the occasional letter.