How do living politicians protect their readily obtainable signatures from misuse?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
Many living politicians' signatures are found online or can handily be acquired (You can write them, and their letters will contain their signature). Thus do they use a different signature for personal private documents? If not, how can they guarantee that their signatures aren't replicated without their consent? I deliberately quote signatures of lesser-known politicians.
The Rt Hon. George Osborne MP
The Honourable Rona Ambrose PC
Some members of the Minnesota House & Senate
physical-signature
|
show 7 more comments
Many living politicians' signatures are found online or can handily be acquired (You can write them, and their letters will contain their signature). Thus do they use a different signature for personal private documents? If not, how can they guarantee that their signatures aren't replicated without their consent? I deliberately quote signatures of lesser-known politicians.
The Rt Hon. George Osborne MP
The Honourable Rona Ambrose PC
Some members of the Minnesota House & Senate
physical-signature
8
What harm do you believe could be done by replicating the signature of George Osborne, for instance?
– Nate Eldredge
Apr 18 at 15:10
42
You seem to be missing the fact that signatures don't actually mean anything.
– only_pro
Apr 18 at 15:49
3
@NateEldredge Someone can use his signature and commit fraud?
– Postmodernist Antinatalist
Apr 19 at 2:17
6
@PostmodernistAntinatalist: But what specific fraudulent acts would those be, and would they actually succeed? I think you'll find that, in this day and age, one cannot really achieve any significant evil ends just by copying a person's signature.
– Nate Eldredge
Apr 19 at 2:30
4
@PostmodernistAntinatalist: But what companies actually offer such an order form, and depend only on signature matching to authenticate? The point I'm trying to make is that you are not the first to realize that it is very common for unauthorized people to have access to a person's signature, and therefore in real life, people do not design systems that rely solely on signatures as an authentication mechanism. Any such systems would have collapsed under rampant fraud long ago.
– Nate Eldredge
Apr 20 at 23:01
|
show 7 more comments
Many living politicians' signatures are found online or can handily be acquired (You can write them, and their letters will contain their signature). Thus do they use a different signature for personal private documents? If not, how can they guarantee that their signatures aren't replicated without their consent? I deliberately quote signatures of lesser-known politicians.
The Rt Hon. George Osborne MP
The Honourable Rona Ambrose PC
Some members of the Minnesota House & Senate
physical-signature
Many living politicians' signatures are found online or can handily be acquired (You can write them, and their letters will contain their signature). Thus do they use a different signature for personal private documents? If not, how can they guarantee that their signatures aren't replicated without their consent? I deliberately quote signatures of lesser-known politicians.
The Rt Hon. George Osborne MP
The Honourable Rona Ambrose PC
Some members of the Minnesota House & Senate
physical-signature
physical-signature
edited Apr 19 at 2:16
Postmodernist Antinatalist
asked Apr 18 at 5:59
Postmodernist AntinatalistPostmodernist Antinatalist
18625
18625
8
What harm do you believe could be done by replicating the signature of George Osborne, for instance?
– Nate Eldredge
Apr 18 at 15:10
42
You seem to be missing the fact that signatures don't actually mean anything.
– only_pro
Apr 18 at 15:49
3
@NateEldredge Someone can use his signature and commit fraud?
– Postmodernist Antinatalist
Apr 19 at 2:17
6
@PostmodernistAntinatalist: But what specific fraudulent acts would those be, and would they actually succeed? I think you'll find that, in this day and age, one cannot really achieve any significant evil ends just by copying a person's signature.
– Nate Eldredge
Apr 19 at 2:30
4
@PostmodernistAntinatalist: But what companies actually offer such an order form, and depend only on signature matching to authenticate? The point I'm trying to make is that you are not the first to realize that it is very common for unauthorized people to have access to a person's signature, and therefore in real life, people do not design systems that rely solely on signatures as an authentication mechanism. Any such systems would have collapsed under rampant fraud long ago.
– Nate Eldredge
Apr 20 at 23:01
|
show 7 more comments
8
What harm do you believe could be done by replicating the signature of George Osborne, for instance?
– Nate Eldredge
Apr 18 at 15:10
42
You seem to be missing the fact that signatures don't actually mean anything.
– only_pro
Apr 18 at 15:49
3
@NateEldredge Someone can use his signature and commit fraud?
– Postmodernist Antinatalist
Apr 19 at 2:17
6
@PostmodernistAntinatalist: But what specific fraudulent acts would those be, and would they actually succeed? I think you'll find that, in this day and age, one cannot really achieve any significant evil ends just by copying a person's signature.
– Nate Eldredge
Apr 19 at 2:30
4
@PostmodernistAntinatalist: But what companies actually offer such an order form, and depend only on signature matching to authenticate? The point I'm trying to make is that you are not the first to realize that it is very common for unauthorized people to have access to a person's signature, and therefore in real life, people do not design systems that rely solely on signatures as an authentication mechanism. Any such systems would have collapsed under rampant fraud long ago.
– Nate Eldredge
Apr 20 at 23:01
8
8
What harm do you believe could be done by replicating the signature of George Osborne, for instance?
– Nate Eldredge
Apr 18 at 15:10
What harm do you believe could be done by replicating the signature of George Osborne, for instance?
– Nate Eldredge
Apr 18 at 15:10
42
42
You seem to be missing the fact that signatures don't actually mean anything.
– only_pro
Apr 18 at 15:49
You seem to be missing the fact that signatures don't actually mean anything.
– only_pro
Apr 18 at 15:49
3
3
@NateEldredge Someone can use his signature and commit fraud?
– Postmodernist Antinatalist
Apr 19 at 2:17
@NateEldredge Someone can use his signature and commit fraud?
– Postmodernist Antinatalist
Apr 19 at 2:17
6
6
@PostmodernistAntinatalist: But what specific fraudulent acts would those be, and would they actually succeed? I think you'll find that, in this day and age, one cannot really achieve any significant evil ends just by copying a person's signature.
– Nate Eldredge
Apr 19 at 2:30
@PostmodernistAntinatalist: But what specific fraudulent acts would those be, and would they actually succeed? I think you'll find that, in this day and age, one cannot really achieve any significant evil ends just by copying a person's signature.
– Nate Eldredge
Apr 19 at 2:30
4
4
@PostmodernistAntinatalist: But what companies actually offer such an order form, and depend only on signature matching to authenticate? The point I'm trying to make is that you are not the first to realize that it is very common for unauthorized people to have access to a person's signature, and therefore in real life, people do not design systems that rely solely on signatures as an authentication mechanism. Any such systems would have collapsed under rampant fraud long ago.
– Nate Eldredge
Apr 20 at 23:01
@PostmodernistAntinatalist: But what companies actually offer such an order form, and depend only on signature matching to authenticate? The point I'm trying to make is that you are not the first to realize that it is very common for unauthorized people to have access to a person's signature, and therefore in real life, people do not design systems that rely solely on signatures as an authentication mechanism. Any such systems would have collapsed under rampant fraud long ago.
– Nate Eldredge
Apr 20 at 23:01
|
show 7 more comments
5 Answers
5
active
oldest
votes
They don't. Outside the lowest security scenarios, signatures aren't intended to be security feature to prevent forgery.
In most cases, putting a signature on paper is just ceremonial. The actual details/decision may have been recorded through other means. For example, depending on what exactly is being signed and how sensitive the matters is, by witnesses (whether by sworn individuals or even just casually), through publications in mass media, or filed into a register on a trusted computer system/filing cabinet.
In the latter case, the paper you receive, even when physically signed with ink and even if it's the paper signed when you shake hands in agreement, might just be considered a copy of the true records in the registry you don't really see. This is similar to how a birth/death/university degree certificate is really just a copy of the registration detail in your civil/university records, the only really important detail in that piece of paper is the record number rather than the signature. A person who has reasonable suspicion that the letters might be a forgery should confirm with the office of the relevant signer to check for its authenticity. For important, formal letters, there may be a filing number for the file that you can cite to confirm the content of the letter.
2
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
add a comment |
If not, how can they guarantee that their signatures aren't replicated without their consent?
They can't - but this problem is not restricted to politicians. Many of us leave signatures in various places (bank, rental agreements ...) and we have no control of who has access to these signatures, might scan these and reuse these somewhere else.
In other words: the trust which can be placed in a document just because it seems to be signed is very limited, especially if this is not the original document but just a copy or electronic representation. Everybody who has to rely on such documents need to be aware of this and needs to have additional verification depending on the kind of trust actually needed.
11
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
1
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
add a comment |
Hand written signature is a very old concept. It is just based on few assumptions:
- putting one's own signature on a original document is an explicit consent on what is written on the document
- a copy of the original just have no value at all, unless it is in turned manually signed by an authority that confirms that it is correct
- forging a handwritten signature is forbidden by law and will lead to legal actions.
That is a totally different concept from digital signature. Once a digital document is signed, it is admitted that it can be copied at will and any copy will have the same value. And the protection is technical while the protection of a handwritten signature is mainly legal.
Once I have said that, there are some caveats:
- a manually signed telecopy have just no legal value, until you can find the original document - it is just a hint that the original might exists
- digital archives of manually signed documents have no legal value, unless special procedures are used to have an authority to confirm that they were correct by digitally signing the digital archive. And the force of that archives cannot be greater than the faith on the authority that signed them
Because of that, images of handwritten signatures do not need special protection.
1
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
add a comment |
Signatures have started out as an honor system: before widespread literacy, there was no realistic means of telling one X from another. They haven't come far since.
Currently, the only security measure is that ink signatures on paper can be analyzed by forensic document examiners to determine if a signature matches others produced by the person it's meant to identify. This requires physical access to the paper to examine the ink very closely.
Translating this to modern security concepts, there is no secret in the image of the signature. Rather, the image is public and simultaneously serves as a signature and a sample (certificate) for verifying other signatures by the same person. The secret or the private key is the exact sequence of strokes with the angle, velocity and pressure for each, required to produce the same imprint on paper.
These parameters and their distribution over each stroke are difficult to match manually and will usually differ enough for an expert to distinguish. Non-manual reproduction, be it by photocopy or facsimile, is much easier to detect.
Electronic tablets meant to capture handwritten signatures digitally also record and store these parameters, not just the image, in an attempt to provide similar protection. However, the current industry practice for this, at least in the largest vendor's implementation, relies on steganography rather than cryptography, rendering it insecure.
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
add a comment |
Anyone's signature on anything is subject to verification if challenged in court. Celebrities sometimes have assistants (or machines) sign photos for them. If someone presents them with a check or contract that they apparently signed, they can argue that their signature was duplicated without authorization and the other party has to prove otherwise.
There's even a system in place to avoid this entire problem. A notary public offers a service where they serve as an official, impartial witness for your signing of a document after verifying your identity. They keep a legal record of the event that can be used in court to confirm that a signature was genuine and proper. If a document is important enough that a forged signature is a real problem, then there will almost certainly be a requirement to have that signature notarized.
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
1
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
1
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
1
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207640%2fhow-do-living-politicians-protect-their-readily-obtainable-signatures-from-misus%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
They don't. Outside the lowest security scenarios, signatures aren't intended to be security feature to prevent forgery.
In most cases, putting a signature on paper is just ceremonial. The actual details/decision may have been recorded through other means. For example, depending on what exactly is being signed and how sensitive the matters is, by witnesses (whether by sworn individuals or even just casually), through publications in mass media, or filed into a register on a trusted computer system/filing cabinet.
In the latter case, the paper you receive, even when physically signed with ink and even if it's the paper signed when you shake hands in agreement, might just be considered a copy of the true records in the registry you don't really see. This is similar to how a birth/death/university degree certificate is really just a copy of the registration detail in your civil/university records, the only really important detail in that piece of paper is the record number rather than the signature. A person who has reasonable suspicion that the letters might be a forgery should confirm with the office of the relevant signer to check for its authenticity. For important, formal letters, there may be a filing number for the file that you can cite to confirm the content of the letter.
2
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
add a comment |
They don't. Outside the lowest security scenarios, signatures aren't intended to be security feature to prevent forgery.
In most cases, putting a signature on paper is just ceremonial. The actual details/decision may have been recorded through other means. For example, depending on what exactly is being signed and how sensitive the matters is, by witnesses (whether by sworn individuals or even just casually), through publications in mass media, or filed into a register on a trusted computer system/filing cabinet.
In the latter case, the paper you receive, even when physically signed with ink and even if it's the paper signed when you shake hands in agreement, might just be considered a copy of the true records in the registry you don't really see. This is similar to how a birth/death/university degree certificate is really just a copy of the registration detail in your civil/university records, the only really important detail in that piece of paper is the record number rather than the signature. A person who has reasonable suspicion that the letters might be a forgery should confirm with the office of the relevant signer to check for its authenticity. For important, formal letters, there may be a filing number for the file that you can cite to confirm the content of the letter.
2
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
add a comment |
They don't. Outside the lowest security scenarios, signatures aren't intended to be security feature to prevent forgery.
In most cases, putting a signature on paper is just ceremonial. The actual details/decision may have been recorded through other means. For example, depending on what exactly is being signed and how sensitive the matters is, by witnesses (whether by sworn individuals or even just casually), through publications in mass media, or filed into a register on a trusted computer system/filing cabinet.
In the latter case, the paper you receive, even when physically signed with ink and even if it's the paper signed when you shake hands in agreement, might just be considered a copy of the true records in the registry you don't really see. This is similar to how a birth/death/university degree certificate is really just a copy of the registration detail in your civil/university records, the only really important detail in that piece of paper is the record number rather than the signature. A person who has reasonable suspicion that the letters might be a forgery should confirm with the office of the relevant signer to check for its authenticity. For important, formal letters, there may be a filing number for the file that you can cite to confirm the content of the letter.
They don't. Outside the lowest security scenarios, signatures aren't intended to be security feature to prevent forgery.
In most cases, putting a signature on paper is just ceremonial. The actual details/decision may have been recorded through other means. For example, depending on what exactly is being signed and how sensitive the matters is, by witnesses (whether by sworn individuals or even just casually), through publications in mass media, or filed into a register on a trusted computer system/filing cabinet.
In the latter case, the paper you receive, even when physically signed with ink and even if it's the paper signed when you shake hands in agreement, might just be considered a copy of the true records in the registry you don't really see. This is similar to how a birth/death/university degree certificate is really just a copy of the registration detail in your civil/university records, the only really important detail in that piece of paper is the record number rather than the signature. A person who has reasonable suspicion that the letters might be a forgery should confirm with the office of the relevant signer to check for its authenticity. For important, formal letters, there may be a filing number for the file that you can cite to confirm the content of the letter.
edited Apr 18 at 13:10
answered Apr 18 at 13:04
Lie RyanLie Ryan
24.4k35178
24.4k35178
2
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
add a comment |
2
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
2
2
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
Even if there's no filing number, even the most mundane document is likely to be dated and contain some kind of reference; for example, both documents shown by OP contain a recipient name and address, and one contains what is presumably a document date (the other contains an effective date). Assuming a half-way decent filing system, that should be sufficient to locate the "true" record.
– a CVn
Apr 20 at 13:05
add a comment |
If not, how can they guarantee that their signatures aren't replicated without their consent?
They can't - but this problem is not restricted to politicians. Many of us leave signatures in various places (bank, rental agreements ...) and we have no control of who has access to these signatures, might scan these and reuse these somewhere else.
In other words: the trust which can be placed in a document just because it seems to be signed is very limited, especially if this is not the original document but just a copy or electronic representation. Everybody who has to rely on such documents need to be aware of this and needs to have additional verification depending on the kind of trust actually needed.
11
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
1
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
add a comment |
If not, how can they guarantee that their signatures aren't replicated without their consent?
They can't - but this problem is not restricted to politicians. Many of us leave signatures in various places (bank, rental agreements ...) and we have no control of who has access to these signatures, might scan these and reuse these somewhere else.
In other words: the trust which can be placed in a document just because it seems to be signed is very limited, especially if this is not the original document but just a copy or electronic representation. Everybody who has to rely on such documents need to be aware of this and needs to have additional verification depending on the kind of trust actually needed.
11
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
1
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
add a comment |
If not, how can they guarantee that their signatures aren't replicated without their consent?
They can't - but this problem is not restricted to politicians. Many of us leave signatures in various places (bank, rental agreements ...) and we have no control of who has access to these signatures, might scan these and reuse these somewhere else.
In other words: the trust which can be placed in a document just because it seems to be signed is very limited, especially if this is not the original document but just a copy or electronic representation. Everybody who has to rely on such documents need to be aware of this and needs to have additional verification depending on the kind of trust actually needed.
If not, how can they guarantee that their signatures aren't replicated without their consent?
They can't - but this problem is not restricted to politicians. Many of us leave signatures in various places (bank, rental agreements ...) and we have no control of who has access to these signatures, might scan these and reuse these somewhere else.
In other words: the trust which can be placed in a document just because it seems to be signed is very limited, especially if this is not the original document but just a copy or electronic representation. Everybody who has to rely on such documents need to be aware of this and needs to have additional verification depending on the kind of trust actually needed.
answered Apr 18 at 6:40
Steffen UllrichSteffen Ullrich
123k16216283
123k16216283
11
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
1
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
add a comment |
11
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
1
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
11
11
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
In fact, the first letter even states that it wasn't signed by George Osbourne personally - it's just a scan of his signature printed onto the letter...
– Matthew
Apr 18 at 8:37
1
1
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
Before PayPal, peoplr on eBay mailed paper checks. Hundreds of people got my sig and bank account numbers (on the bottom of every check). Never had a problem with my sig, but someone used my bank account numbers to charge their auto insurance once. I reversed, but by that time they had gotten their proof of insuranve for the DMV ...
– Harper
Apr 18 at 21:39
add a comment |
Hand written signature is a very old concept. It is just based on few assumptions:
- putting one's own signature on a original document is an explicit consent on what is written on the document
- a copy of the original just have no value at all, unless it is in turned manually signed by an authority that confirms that it is correct
- forging a handwritten signature is forbidden by law and will lead to legal actions.
That is a totally different concept from digital signature. Once a digital document is signed, it is admitted that it can be copied at will and any copy will have the same value. And the protection is technical while the protection of a handwritten signature is mainly legal.
Once I have said that, there are some caveats:
- a manually signed telecopy have just no legal value, until you can find the original document - it is just a hint that the original might exists
- digital archives of manually signed documents have no legal value, unless special procedures are used to have an authority to confirm that they were correct by digitally signing the digital archive. And the force of that archives cannot be greater than the faith on the authority that signed them
Because of that, images of handwritten signatures do not need special protection.
1
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
add a comment |
Hand written signature is a very old concept. It is just based on few assumptions:
- putting one's own signature on a original document is an explicit consent on what is written on the document
- a copy of the original just have no value at all, unless it is in turned manually signed by an authority that confirms that it is correct
- forging a handwritten signature is forbidden by law and will lead to legal actions.
That is a totally different concept from digital signature. Once a digital document is signed, it is admitted that it can be copied at will and any copy will have the same value. And the protection is technical while the protection of a handwritten signature is mainly legal.
Once I have said that, there are some caveats:
- a manually signed telecopy have just no legal value, until you can find the original document - it is just a hint that the original might exists
- digital archives of manually signed documents have no legal value, unless special procedures are used to have an authority to confirm that they were correct by digitally signing the digital archive. And the force of that archives cannot be greater than the faith on the authority that signed them
Because of that, images of handwritten signatures do not need special protection.
1
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
add a comment |
Hand written signature is a very old concept. It is just based on few assumptions:
- putting one's own signature on a original document is an explicit consent on what is written on the document
- a copy of the original just have no value at all, unless it is in turned manually signed by an authority that confirms that it is correct
- forging a handwritten signature is forbidden by law and will lead to legal actions.
That is a totally different concept from digital signature. Once a digital document is signed, it is admitted that it can be copied at will and any copy will have the same value. And the protection is technical while the protection of a handwritten signature is mainly legal.
Once I have said that, there are some caveats:
- a manually signed telecopy have just no legal value, until you can find the original document - it is just a hint that the original might exists
- digital archives of manually signed documents have no legal value, unless special procedures are used to have an authority to confirm that they were correct by digitally signing the digital archive. And the force of that archives cannot be greater than the faith on the authority that signed them
Because of that, images of handwritten signatures do not need special protection.
Hand written signature is a very old concept. It is just based on few assumptions:
- putting one's own signature on a original document is an explicit consent on what is written on the document
- a copy of the original just have no value at all, unless it is in turned manually signed by an authority that confirms that it is correct
- forging a handwritten signature is forbidden by law and will lead to legal actions.
That is a totally different concept from digital signature. Once a digital document is signed, it is admitted that it can be copied at will and any copy will have the same value. And the protection is technical while the protection of a handwritten signature is mainly legal.
Once I have said that, there are some caveats:
- a manually signed telecopy have just no legal value, until you can find the original document - it is just a hint that the original might exists
- digital archives of manually signed documents have no legal value, unless special procedures are used to have an authority to confirm that they were correct by digitally signing the digital archive. And the force of that archives cannot be greater than the faith on the authority that signed them
Because of that, images of handwritten signatures do not need special protection.
edited Apr 20 at 13:08
a CVn
6,54312446
6,54312446
answered Apr 18 at 14:37
Serge BallestaSerge Ballesta
17.8k33062
17.8k33062
1
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
add a comment |
1
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
1
1
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
"identity theft, a type of forgery wherein a person forges a writing in order to assume the identity of another, is a felony under federal law, punishable by a fine and many years' imprisonment." – criminaldefenselawyer.com. If you want to tangle with the FBI, go commit fraud somewhere. Bonus points if you mail it (a second federal offense) all but guaranteeing it will then be heard in a Federal court.
– Mazura
Apr 19 at 0:35
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
There are digital signatures that involve some form of digitally signing a file, so they're not images but rather cryptographic digital signatures. These do seem to have legal standing.
– bob
Apr 19 at 18:15
add a comment |
Signatures have started out as an honor system: before widespread literacy, there was no realistic means of telling one X from another. They haven't come far since.
Currently, the only security measure is that ink signatures on paper can be analyzed by forensic document examiners to determine if a signature matches others produced by the person it's meant to identify. This requires physical access to the paper to examine the ink very closely.
Translating this to modern security concepts, there is no secret in the image of the signature. Rather, the image is public and simultaneously serves as a signature and a sample (certificate) for verifying other signatures by the same person. The secret or the private key is the exact sequence of strokes with the angle, velocity and pressure for each, required to produce the same imprint on paper.
These parameters and their distribution over each stroke are difficult to match manually and will usually differ enough for an expert to distinguish. Non-manual reproduction, be it by photocopy or facsimile, is much easier to detect.
Electronic tablets meant to capture handwritten signatures digitally also record and store these parameters, not just the image, in an attempt to provide similar protection. However, the current industry practice for this, at least in the largest vendor's implementation, relies on steganography rather than cryptography, rendering it insecure.
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
add a comment |
Signatures have started out as an honor system: before widespread literacy, there was no realistic means of telling one X from another. They haven't come far since.
Currently, the only security measure is that ink signatures on paper can be analyzed by forensic document examiners to determine if a signature matches others produced by the person it's meant to identify. This requires physical access to the paper to examine the ink very closely.
Translating this to modern security concepts, there is no secret in the image of the signature. Rather, the image is public and simultaneously serves as a signature and a sample (certificate) for verifying other signatures by the same person. The secret or the private key is the exact sequence of strokes with the angle, velocity and pressure for each, required to produce the same imprint on paper.
These parameters and their distribution over each stroke are difficult to match manually and will usually differ enough for an expert to distinguish. Non-manual reproduction, be it by photocopy or facsimile, is much easier to detect.
Electronic tablets meant to capture handwritten signatures digitally also record and store these parameters, not just the image, in an attempt to provide similar protection. However, the current industry practice for this, at least in the largest vendor's implementation, relies on steganography rather than cryptography, rendering it insecure.
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
add a comment |
Signatures have started out as an honor system: before widespread literacy, there was no realistic means of telling one X from another. They haven't come far since.
Currently, the only security measure is that ink signatures on paper can be analyzed by forensic document examiners to determine if a signature matches others produced by the person it's meant to identify. This requires physical access to the paper to examine the ink very closely.
Translating this to modern security concepts, there is no secret in the image of the signature. Rather, the image is public and simultaneously serves as a signature and a sample (certificate) for verifying other signatures by the same person. The secret or the private key is the exact sequence of strokes with the angle, velocity and pressure for each, required to produce the same imprint on paper.
These parameters and their distribution over each stroke are difficult to match manually and will usually differ enough for an expert to distinguish. Non-manual reproduction, be it by photocopy or facsimile, is much easier to detect.
Electronic tablets meant to capture handwritten signatures digitally also record and store these parameters, not just the image, in an attempt to provide similar protection. However, the current industry practice for this, at least in the largest vendor's implementation, relies on steganography rather than cryptography, rendering it insecure.
Signatures have started out as an honor system: before widespread literacy, there was no realistic means of telling one X from another. They haven't come far since.
Currently, the only security measure is that ink signatures on paper can be analyzed by forensic document examiners to determine if a signature matches others produced by the person it's meant to identify. This requires physical access to the paper to examine the ink very closely.
Translating this to modern security concepts, there is no secret in the image of the signature. Rather, the image is public and simultaneously serves as a signature and a sample (certificate) for verifying other signatures by the same person. The secret or the private key is the exact sequence of strokes with the angle, velocity and pressure for each, required to produce the same imprint on paper.
These parameters and their distribution over each stroke are difficult to match manually and will usually differ enough for an expert to distinguish. Non-manual reproduction, be it by photocopy or facsimile, is much easier to detect.
Electronic tablets meant to capture handwritten signatures digitally also record and store these parameters, not just the image, in an attempt to provide similar protection. However, the current industry practice for this, at least in the largest vendor's implementation, relies on steganography rather than cryptography, rendering it insecure.
edited Apr 18 at 20:52
answered Apr 18 at 7:23
TheracTherac
1,902511
1,902511
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
add a comment |
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
nod. One can get inks with deliberately unusual chemical characteristics -- the Warden's series from Noodler's is onesuch; as I understand it, they send a sample from each batch to the FBI lab that does forgery investigations... but honestly, almost anyone buying that ink is doing so knowing that it's more for their own personal satisfaction rather than as a safety feature that's likely to be of any practical use (except against the most old-school of cheque washers, with regard to whom the deliberate indifference to common solvents may be useful!)
– Charles Duffy
Apr 18 at 14:59
add a comment |
Anyone's signature on anything is subject to verification if challenged in court. Celebrities sometimes have assistants (or machines) sign photos for them. If someone presents them with a check or contract that they apparently signed, they can argue that their signature was duplicated without authorization and the other party has to prove otherwise.
There's even a system in place to avoid this entire problem. A notary public offers a service where they serve as an official, impartial witness for your signing of a document after verifying your identity. They keep a legal record of the event that can be used in court to confirm that a signature was genuine and proper. If a document is important enough that a forged signature is a real problem, then there will almost certainly be a requirement to have that signature notarized.
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
1
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
1
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
1
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
add a comment |
Anyone's signature on anything is subject to verification if challenged in court. Celebrities sometimes have assistants (or machines) sign photos for them. If someone presents them with a check or contract that they apparently signed, they can argue that their signature was duplicated without authorization and the other party has to prove otherwise.
There's even a system in place to avoid this entire problem. A notary public offers a service where they serve as an official, impartial witness for your signing of a document after verifying your identity. They keep a legal record of the event that can be used in court to confirm that a signature was genuine and proper. If a document is important enough that a forged signature is a real problem, then there will almost certainly be a requirement to have that signature notarized.
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
1
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
1
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
1
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
add a comment |
Anyone's signature on anything is subject to verification if challenged in court. Celebrities sometimes have assistants (or machines) sign photos for them. If someone presents them with a check or contract that they apparently signed, they can argue that their signature was duplicated without authorization and the other party has to prove otherwise.
There's even a system in place to avoid this entire problem. A notary public offers a service where they serve as an official, impartial witness for your signing of a document after verifying your identity. They keep a legal record of the event that can be used in court to confirm that a signature was genuine and proper. If a document is important enough that a forged signature is a real problem, then there will almost certainly be a requirement to have that signature notarized.
Anyone's signature on anything is subject to verification if challenged in court. Celebrities sometimes have assistants (or machines) sign photos for them. If someone presents them with a check or contract that they apparently signed, they can argue that their signature was duplicated without authorization and the other party has to prove otherwise.
There's even a system in place to avoid this entire problem. A notary public offers a service where they serve as an official, impartial witness for your signing of a document after verifying your identity. They keep a legal record of the event that can be used in court to confirm that a signature was genuine and proper. If a document is important enough that a forged signature is a real problem, then there will almost certainly be a requirement to have that signature notarized.
answered Apr 19 at 2:23
btabta
34115
34115
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
1
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
1
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
1
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
add a comment |
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
1
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
1
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
1
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
Even notarized documents are to a large extent on the honor system since there is nothing to ensure that all of the pages that are present in the document at any particular point in time are the ones that were there when the document was notarized.
– supercat
Apr 19 at 22:41
1
1
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
@supercat They don't mark each page?
– David Richerby
Apr 19 at 23:12
1
1
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
Also what about evil notaries?
– beppe9000
Apr 20 at 15:32
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
@DavidRicherby: I don't think I've ever seen a notary do anything with individual pages. I've sometimes been required to initial every page, but if initials were unforgeable there'd be no need for notaries.
– supercat
Apr 20 at 16:35
1
1
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
@beppe9000 Is that where the word "notorious" comes from? *baddum-tsh*
– David Richerby
Apr 20 at 17:00
add a comment |
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207640%2fhow-do-living-politicians-protect-their-readily-obtainable-signatures-from-misus%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
8
What harm do you believe could be done by replicating the signature of George Osborne, for instance?
– Nate Eldredge
Apr 18 at 15:10
42
You seem to be missing the fact that signatures don't actually mean anything.
– only_pro
Apr 18 at 15:49
3
@NateEldredge Someone can use his signature and commit fraud?
– Postmodernist Antinatalist
Apr 19 at 2:17
6
@PostmodernistAntinatalist: But what specific fraudulent acts would those be, and would they actually succeed? I think you'll find that, in this day and age, one cannot really achieve any significant evil ends just by copying a person's signature.
– Nate Eldredge
Apr 19 at 2:30
4
@PostmodernistAntinatalist: But what companies actually offer such an order form, and depend only on signature matching to authenticate? The point I'm trying to make is that you are not the first to realize that it is very common for unauthorized people to have access to a person's signature, and therefore in real life, people do not design systems that rely solely on signatures as an authentication mechanism. Any such systems would have collapsed under rampant fraud long ago.
– Nate Eldredge
Apr 20 at 23:01