Signature Authorization is Stupid Security - Page 2

Ever forge your husband's signature? Wife's? Parent's? Client's? Do you think the clerk behind the counter at Walmart is skilled in handwriting analysis?

 By Robert Siciliano
Page 2 of 2   |  Back to Page 1
Print Article

If someone signs your name to a check and you call the bank and say it wasn't you, they look at the signature and determine whether it's yours or not. From there they assign liability.

That's dumb.

Other than at the teller line, most banks don't actually view signature cards until there's a problem. Same with credit card issuers etc.

There are a few companies that actually have given validity to the handwritten signature.

One such company is Orbograph, an image-based fraud detection company north of Boston that actually looks at previous signatures and recognizes potential document fraud before loss occurs.

If we are going to rely on signatures, this type of technology needs to be implemented everywhere. Many smaller credit card purchases no longer require a hand written signature.

Visa recently announced it would mandate a move to chip and PIN technology for all Australian Visa cardholders over the next four years, with signatures no longer accepted at the check-out by 2013.

This means all card holders will have a password, as opposed to a signature.

Even though passwords aren't all that secure to begin with, a signature is even less secure, unless of course we provide the signature some credibility by implementing image-based fraud detection system-wide, or putting guys like Bob in a booth in every business district on the planet to review the legitimacy of the signature.

That ain't happening. Yet we have plenty of coffee shops on every corner. Seems like our priorities are a bit skewed.

Because the system is insecure, you must protect your identity.

Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.


This article was originally published on Dec 9, 2009
Get the Latest Scoop with Networking Update Newsletter