Schneier Asks Why We Accept Fax Signatures

Bruce Schneier's latest commentary looks into one of my pet peeves: faxed signature requirements. He writes "Aren't fax signatures the weirdest thing? It's trivial to cut and paste -- with real scissors and glue -- anyone's signature onto a document so that it'll look real when faxed. There is so little security in fax signatures that it's mind-boggling that anyone accepts them. Yet people do, all the time. I've signed book contracts, credit card authorizations, nondisclosure..." It's amazing how organizations are sometimes willing to accept low-quality, unverified scans delivered over POTS as authoritative, when they won't take the same information in a high-resolution scan delivered over (relatively secure) email.

Re:Actually, I LOVE the CC sig.

[eXonyte]

Did you know that putting "See ID" or "See License" invalidates a Visa card unless you sign it as well? Unless, of course, your legal name happens to be "See License".

Check out the Rules for Visa Merchants, in particular page 34 (page 29 if printed). There is some amusing information in there, such as the fact that merchants are not allowed to require ID for a credit card purchase.

[...] merchants cannot make an ID a condition of acceptance. Therefore, merchants cannot refuse to complete a purchase transaction because a cardholder refuses to provide ID.

I have no idea if MasterCard, Discover, or Amex have similar rules.