The ISO standard
The ISO19794/7 standard defines the biometric data interchange formats.
The interchange format is a data structure that stores graphometric data. Regulations do not require the use of this specific format, but this standard is useful because it also defines the physical parameters that are necessary to ensure that a signature is recognized as graphometric.
These formats are listed in the table, mandatory formats are in bold:
NAME | DESCRIPTION |
---|---|
X | x-coordinate, (horizontal pen position) |
Y | y-coordinate (vertical pen position) |
Z | z-coordinate (height of pen above the writing plane) |
VX | velocity in x-direction |
VY | velocity in y-direction |
AX | acceleration in x-direction |
AY | acceleration in y-direction |
T | time elapsed since the first sample |
DT | time elapsed since the previous sample point |
F | pen tip force (force applied on the writing plane) |
S | pen tip switch state (touching/not touching the writing plane) |
TX | pen tilt along the x-axis |
TY | pen tilt along the y-axis |
AZ | pen azimuth from the writing plane |
EL | pen elevation from the writing plane |
R | pen rotation |
Biometric data collection must be carried out on a device that allows for a precise sampling of the signing trait.
The sampling frequency must be equal or higher than 50Hz (50 samplings per second).
To respect this standard, the graphometric signature systems must record at least the parameters X, Y, together with T or DT.
All other parameters are optional, even if pen tip force and pen azimuth on the writing plane can be useful to the expert in case the judicial authority requests an expert opinion.
You will be contacted by our staff for more information
HOW DOES THE GRAPHOMETRIC SIGNATURE WORK?
The graphometric signature process
From a technical point of view, the application of a graphometric signature on a PDF document follows a process, repeated for each and every signature. The procedural steps are:
- The hash for the PDF document is calculated before signing
- The biometric data are captured
- An image with the signature specimen is created
- The hash and biometric data are included in a single data structure that is immediately encrypted with a public key encryption algorithm of appropriate length. An "Encrypted Signature Data Container" (ESDC) is created. The ESDC has the dual purpose of protecting the graphometric datum and indissolubly bind the signature to the document on which it has been applied.
- The ESDC is embedded in the PDF document (in compliance with the ISO 32000 standard)
- In the position of the signature area, on the page, the image with the signature specimen is applied for immediate check during the reading or printing phase
- The PDF document obtained (that is the original document with the embedded ESDC) is “sealed” in PAdES mode with a certificate of technical signature. This PAdES signature guarantees that the document cannot be edited after the graphometric signature has been applied. Therefore, this signature has no value for the purpose of signing, but is useful exclusively in terms of security of the signing process.
You will be contacted by our staff for more information
DATA SECURITY
Encrypted Signature Data Container
The Encrypted Signature Data Container is a data structure that indissolubly binds the biometric datum captured with the hash of the document for which that graphometric datum was identified.
Through ESDC encryption, the system ensures that the graphometric datum:
- Remains confidential
- Cannot be used on another document except the one for which it was originally captured
The ESDC encryption is created with a system of public and private asymmetric encryption keys.
The public key, of appropriate length, can be used exclusively for the encryption of the datum and is installed in the signature system to create the ESDC. To decrypt the datum it is necessary to have the private key.
To ensure that the ESDC is secure, and consequently the graphometric data are secure, the two keys, public and private, are generated by a “trusted third party” (generally a Notary or a Certification Authority).
The private key is safely stored by the party that created it, who is responsible for the confidentiality of the key and guarantees that it is used in a safe environment to facilitate the work of a document expert examiner, in case it is needed.
You will be contacted by our staff for more information
ADVANCED E-SIGNATURE
Graphometric signature for Advanced Electronic Signature (AES)
The graphometric signature is a technology that can be used to create an Advanced Electronic Signature because it can satisfy some of the requirements listed in the Decree of the President of the Council of Ministers of 22/02/2013. These regulations, together with the requirements guaranteed over the process, complete the framework defined in the rules for the Advanced Electronic Signature.
More specifically, the graphometric signature technology provides:
The graphometric e-signature technology, together with the definition of a process able to meet all the requirements listed in the regulations, can be easily adopted for an Advanced e-signature service.
You will be contacted by our staff for more information