Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sign Your Name Online With A Mouse

Posted by simoniker on from the signing-mickey-mouse-frowned-upon dept.

icke writes "Soon, the way you use your mouse could help prove who you are. According to a BBC News article, scientists have found a way for people to sign their name online using a mouse instead of a pen. The technology, based on the research from Queen Mary College, University of London by Peter McOwan, 'uses a neural network to pick out the unique features of the way that someone uses a mouse.'"

13 of 236 comments (clear)

  1. This would be easy to fake by Megor1 · · Score: 5, Insightful

    You could just record the mouse movements with some macro software and then play it back whenever it asks for their signature.

    --
    Everyone that disagrees with me is a paid shill
    1. Re:This would be easy to fake by krymsin01 · · Score: 4, Insightful

      Well, I suppose it'd be trivial to check an see if one of the last couple hundred times you signed your name is am exact match (something I think only a macro, and not a human, could do), and if so, reject it.

      --
      stuff
    2. Re:This would be easy to fake by G4from128k · · Score: 4, Insightful

      Obviously if someonce can log the mouse motions with an accurate timestamp, then they can replicate the signature. But then EVERY computer-connected biometric ID system is potentially susceptable to interception/replay of the biometric key signal.

      In the case of this system, an arms race between the forger/loggers and the ID systems company would then ensue. The first countermeasure to mouse-loggers would be rejection of identical traces (as others have suggested). To this forgers would add statistical noise to the trace. The ID company would then need to create a more sophisticated statistical test that rejects traces that did not vary enough while staying within the statistical bounds of the 20 training samples that the systems asks for. An SVD on some transform of the sample signatures would help uncover both the strongest and weakest modes of variation. Signatures that did not match on the main pattern and did not vary sufficiently in expected way would be rejected. This would prevent either direct play-back or a simplistic addition of noise to the mouse trace.

      The presence of both a predicable static pattern (the "average" signature) and modes of variation (because people don't actually sign their name identically to the nanometer/nanosecond) makes this biometric key better than other more invariant biometric features that can be copied.

      --
      Two wrongs don't make a right, but three lefts do.
    3. Re:This would be easy to fake by s88 · · Score: 4, Insightful

      " If the software is smart, it will look for perfect reproductions which no human would be capable of and give an error if it detects one."

      Why do you not assume that the macro software could be "smart" and simply add some white noise to the playback?

    4. Re:This would be easy to fake by jackb_guppy · · Score: 4, Insightful

      Which then leads:

      Why do people sign electronic pads at stores when they use credit cards?

      You have just placed your last protection of who you are in a computer system that you have no control over.

      Real dumb.

  2. Question by AnimeFreak · · Score: 4, Insightful

    Would a signature created with a mouse be legally-binding?

  3. Your John Handcock is not secure by Dancin_Santa · · Score: 5, Insightful

    While it may be a huge flourish that impresses the ladies, your signature is not as secure as it would seem. Forgeries are easy to make by skilled criminals.

    Use a cryptographic key to sign. You'll be glad you did.

    1. Re:Your John Handcock is not secure by OmnipotentEntity · · Score: 5, Insightful

      The added fact that most skilled forgeries are identified by the depth of the pit in the paper (ie how hard you press down at certain points, you can imitate a shape but if you imitate it you're not doing it naturally and that shows in the patterns of heavy vs. light inking), and not by the shape of the writing, that makes the mouse signature doubly insecure. Any idiot can trace a pattern of pixels if they see it a few times.

      ___________

      --
      "Build a man a fire warm him for a day, set a man on fire and warm him for the rest of his life."
  4. ... even easier with a pen mouse. by OzPixel · · Score: 4, Insightful

    My girlfriend had a pen-shaped mouse for a while, (wrist problems), and I'd imagine signing would be much more "natural" with one of those. Neat idea, though ...

    David.

  5. right.... by hawkbug · · Score: 4, Insightful

    Because I always use a mouse the same way, this will work great.... Not. I have many different computers, all with different types of mice and software. Trackballs, eraser-head laptops, trackpad laptops, and don't even get me started about different operating systems and the software they use. This is not going to work for many reasons, and I hope business realize this sooner than later.

  6. Another odd idea that'll never work by Rosco+P.+Coltrane · · Score: 4, Insightful

    "It's another way of indicating that you as an individual are sitting there on the end of the line."

    Easy to fake with a mouse movement recorder.

    Oh and what about people who use a trackball? does the smart biometric layer apply to those hand movements?

    And the other obvious question : wouldn't it be easier to simply teach people why they should use properly formed passwords that are not "mom", "dad", "john1" or "s00persekrit"?

    In short, yet another far-fetched solution to solve a non-problem.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  7. Similar biometrics don't work by thepacketmaster · · Score: 5, Insightful

    After recently studying for the CISSP, I learned a great deal about biometrics. The most accurate biometrics include things like iris scans, palm scans, retina scans, etc. These are so accurate because they measure characteristics that are totally unique to individuals. Signature dynamics and keystroke dynamics are some of the most ineffective biometrics around. A big problem is they can be faked. While the article states that early trials are 99% accurate, it doesn't detail how many people have actually tried this system. (A test group of 10 wouldn't be very good.) It also doesn't mention if they tried to fake it out. The real world is a harsh place on biometrics.

    --

    --

    Luck is just skill you didn't know you had.

  8. Re:That's the point though.. by whereiswaldo · · Score: 4, Insightful

    Interesting, but there's a big problem with using a mouse to write a signature: moving from machine to machine. The ergonomics are totally different between machines, for one thing. Plus, different brands of mouse. What about mice with the thumb-rollerball? Or notebook touchpads? Or optical mice vs. crappy old mice with crud stuck in the rollers?