A user‘s biometric signature can be any combination of letters, numbers or symbols. Most often, users will simply draw their three initials. For example, John Thomas Smith could draw the three letters “JTS”, just like he has been doing since kindergarten. Users draw this biometric signature directly onto a touchscreen device with their finger. On average, signing those three simple initials takes 3 seconds or less.
Any combination of letters, numbers or symbols
Secure biometric unique to the user and a chosen, changeable password
Dynamic security that measures both shape and timing of strokes
Accessible anywhere, at any time, with any device
Proprietary math algorithms measure multiple factors to ensure that the biometric signature drawn on the screen correctly matches the identity of an individual user.
TIMING FACTORS are used to measure the time it takes to draw strokes on the screen. Examples of timing factors include velocity of the curve and peak acceleration rate.
SHAPE FACTORS are used to measure the length and size of strokes drawn on the screen. Examples of shape factors include curvature variance & space between strokes.
“The combination of 25+ shape and timing factors identify each signature as a biometric unique to the user.”
Just like passwords, complexity of the signature affects the level of security. There are four key factors that make a strong biometric signature: shape, size, timing, and multiple strokes.
A strong biometric signature includes:
Strokes with multiple curves
Strokes that take up a large portion of the screen
Strokes performed quickly from memory
Three-factor authentication (3FA) is an industry standard definition of three recognized factors used to determine a user’s identity.
These three factors are:
The more factors satisfied through an authentication solution, the more secure that solution is.
Asignio uses all three factors of authentication.
Asignio users create their own biometric signature, something that only the user knows
The user’s registered devices become a physical token of security, something that only the user possesses
The user’s unique style of handwriting is their biometric identifier, something the user is
Biometrics authenticate a user‘s identity through physical or behavioral traits biologically unique to the user.
Hard biometrics, like fingerprints, palm scans, or iris scans, are a physical trait biologically unique to the individual. Hard biometrics require specific hardware (like a fingerprint reader) and are stored directly on a device belonging to the user. Using your fingerprint as secure authentication for social media sites, banking, and shopping accounts is equivalent to using your social security number as your password for every single account. That number may be hard to guess at random, but, once stolen, your identity (fingerprint, social security number, or otherwise) is compromised forever.
“While convenient for the user, hard biometrics risk the loss of a permanent, non-changeable biometric. If a hacker gains access to your iris or fingerprint pattern, those biometric identifiers will forever be unsafe to use.”
This is the benefit of soft biometrics. Soft biometrics are behavioral traits unique to the individual. Examples include the tone of your voice, your walking gate, or your handwriting. Soft biometrics measure learned behavioral traits when the user speaks a chosen password or signs a chosen signature. Soft biometrics store personal information off device and do not require specific hardware. In the case of a breach, simply change that signature to re-secure a compromised account, and never worry about permanent identifiers being compromised! This is a huge benefit of a chosen, changeable soft biometric.
“Soft biometrics never risk the permanent loss of your unique biometric identifier (i.e., your unique style of handwriting). A hacker may be able to compromise a specific signature, but your handwriting is never at risk.”
Beyond three-factor authentication (3FA), Asignio‘s platform includes additional layers of security for the protection of the user. Ultimately, each signature is given a risk score based on all of these security layers, indicating a level of assurance that the biometric signature truly identifies a specific user.
The following security layers factor into the risk score
Asignio users can choose to include location tagging each time they sign in. This prevents the same signature from being used for authentication in the US and China at the same time.
Asignio tracks patterns in account use history with factors like age of the account and consistency of use. Any abrupt change in use patterns is flagged to affect the risk score.
Users sign more quickly and consistently as they get used to Asignio‘ signature format. Machine learning algorithms measure and track these changes over time, adapting to the user and ultimately making the signature stronger (and harder to replicate) the more it is used.
Asignio‘s web-based authentication platform allows the user to sign in to any account, with any device.
Users do not need to download an external app, and the only hardware required is a touchscreen device. On a smartphone or tablet, users sign in directly within a mobile web-browser or specific account application and are authenticated within seconds.
For desktop users, a simple QR code scan, email link, or text message will prompt the user to sign on a registered touchscreen device, and seamlessly transfer that authentication to the desktop account. This omnichannel, web-based authentication platform creates a seamless digital identification experience across one account, no matter what device the user is holding.
“Whether you are using a smartphone in line at the grocery store, or sitting in front of your desktop at work, Asignio seamlessly provides high-security 3FA.”