Signature

A user‘s biometric signature can be any combination of letters, numbers or symbols. Most often, users will simply draw their three initials. For example, John Thomas Smith could draw the three letters “JTS”, just like he has been doing since kindergarten. Users draw this biometric signature directly onto a touchscreen device with their finger. On average, signing those three simple initials takes 3 seconds or less.

Asignio‘s Biometric Signature

Any combination of letters, numbers or symbols

Secure biometric unique to the user and a chosen, changeable password

Dynamic security that measures both shape and timing of strokes

Accessible anywhere, at any time, with any device

Signature Algorithms

Proprietary math algorithms measure multiple factors to ensure that the biometric signature drawn on the screen correctly matches the identity of an individual user.

TIMING FACTORS are used to measure the time it takes to draw strokes on the screen. Examples of timing factors include velocity of the curve and peak acceleration rate.

SHAPE FACTORS are used to measure the length and size of strokes drawn on the screen. Examples of shape factors include curvature variance & space between strokes.

“The combination of 25+ shape and timing factors identify each signature as a biometric unique to the user.”

Signature Security

Just like passwords, complexity of the signature affects the level of security. There are four key factors that make a strong biometric signature: shape, size, timing, and multiple strokes.

A strong biometric signature includes:

Strokes with multiple curves

Strokes that take up a large portion of the screen

Strokes performed quickly from memory

Multiple strokes

3-Factor Authentication

What is 3-factor Authentication?

Three-factor authentication (3FA) is an industry standard definition of three recognized factors used to determine a user’s identity.

These three factors are:

  1. “something you KNOW”
  2. “something you HAVE”
  3. “something you ARE”

The more factors satisfied through an authentication solution, the more secure that solution is.

For example:

  • a password is considered one-factor authentication because the chosen password is “something you know”
  • a fingerprint is considered two-factor authentication because a biometric fingerprint is “something you are” and the device that fingerprint is registered on is “something you have”

Asignio‘s 3fa Solution

Asignio uses all three factors of authentication.

SOMETHING YOU KNOW

Asignio users create their own biometric signature, something that only the user knows

SOMETHING YOU HAVE

The user’s registered devices become a physical token of security, something that only the user possesses

SOMETHING YOU ARE

The user’s unique style of handwriting is their biometric identifier, something the user is

Biometrics

Biometrics authenticate a user‘s identity through physical or behavioral traits biologically unique to the user.

Hard Biometrics

Hard biometrics, like fingerprints, palm scans, or iris scans, are a physical trait biologically unique to the individual. Hard biometrics require specific hardware (like a fingerprint reader) and are stored directly on a device belonging to the user. Using your fingerprint as secure authentication for social media sites, banking, and shopping accounts is equivalent to using your social security number as your password for every single account. That number may be hard to guess at random, but, once stolen, your identity (fingerprint, social security number, or otherwise) is compromised forever.

“While convenient for the user, hard biometrics risk the loss of a permanent, non-changeable biometric. If a hacker gains access to your iris or fingerprint pattern, those biometric identifiers will forever be unsafe to use.”

Soft Biometrics

This is the benefit of soft biometrics. Soft biometrics are behavioral traits unique to the individual. Examples include the tone of your voice, your walking gate, or your handwriting. Soft biometrics measure learned behavioral traits when the user speaks a chosen password or signs a chosen signature. Soft biometrics store personal information off device and do not require specific hardware. In the case of a breach, simply change that signature to re-secure a compromised account, and never worry about permanent identifiers being compromised! This is a huge benefit of a chosen, changeable soft biometric.

“Soft biometrics never risk the permanent loss of your unique biometric identifier (i.e., your unique style of handwriting). A hacker may be able to compromise a specific signature, but your handwriting is never at risk.”

Layers of Security & Risk Scoring

Beyond three-factor authentication (3FA), Asignio‘s platform includes additional layers of security for the protection of the user. Ultimately, each signature is given a risk score based on all of these security layers, indicating a level of assurance that the biometric signature truly identifies a specific user.

The following security layers factor into the risk score

Geolocation

Asignio users can choose to include location tagging each time they sign in. This prevents the same signature from being used for authentication in the US and China at the same time.

Use Patterns

Asignio tracks patterns in account use history with factors like age of the account and consistency of use. Any abrupt change in use patterns is flagged to affect the risk score.

Machine Learning

Users sign more quickly and consistently as they get used to Asignio‘ signature format. Machine learning algorithms measure and track these changes over time, adapting to the user and ultimately making the signature stronger (and harder to replicate) the more it is used.

Omnichannel Authentication

Asignio‘s web-based authentication platform allows the user to sign in to any account, with any device.

Users do not need to download an external app, and the only hardware required is a touchscreen device. On a smartphone or tablet, users sign in directly within a mobile web-browser or specific account application and are authenticated within seconds.

For desktop users, a simple QR code scan, email link, or text message will prompt the user to sign on a registered touchscreen device, and seamlessly transfer that authentication to the desktop account. This omnichannel, web-based authentication platform creates a seamless digital identification experience across one account, no matter what device the user is holding.

“Whether you are using a smartphone in line at the grocery store, or sitting in front of your desktop at work, Asignio seamlessly provides high-security 3FA.”

Benefits to User

  • A consistent and familiar digital login experience eliminates cumbersome passwords and difficulty with 24/7 system access
  • Signatures are familiar and easy to use; many users have been signing their initials since kindergarten and are used to authorizing transactions using their signature
  • Adaptable signatures can be changed at any time to re-secure a compromised account
  • The user‘ biometric (i.e., their unique handwriting) is never at risk of being compromised providing the ultimate privacy and security
  • Users take back the power and validity of a signature tied directly to their identity

Benefits to Institution

  • Ultra-high security of a biometric reduces authentication fraud and the likelihood of successful phishing/social engineering schemes
  • Dynamic platform is easily integrated into existing systems with a few lines of code (and without forcing users to download an external app)
  • Omnichannel authentication creates a consistent digital experience across the brand
  • Multi-factor authentication complies with strict data privacy & KYC regulations
  • IDaaS signature tied to a verified identity establishes a trusted digital identity for online transactions
  • Consistent and familiar user experience increases user retention