7February 2010 Biometric Technology Today

Taking signatures seriously – making signature biometrics meet digital signatures

In October 2009, the German IT security association TeleTrusT awarded its innovation award for applied electronic signatures to the Spanish Confederation of Savings Banks, Confederación Española de Cajas de Ahorros (CECA), for its ‘Firma Digitalizada’ project at ISSE in The Hague. The award acknowledged its successful idea of combining the benefits of biometric signatures and cryptographic tech-niques in one application.

This award reflects the increasing importance of electronic signatures based on handwritten signatures and their integration into the digital workflow. It also shows that the implementa-tion of biometrics is no longer seen as an isolated security project, but, rather, a part of workflow optimisation.

The challenge: documents requiring a signatureThe demand for paperless signatures is higher than ever, and there is one common goal: to create trustworthy processes that are safe, secure and prove an individual’s true intent. In applications where signatures are the de facto means of confirming the intent of an individual, dynamic signature recognition offers a pretty smooth migration from paper to electronic processes. Essentially, in this first stage, it isn’t fully blown biometrics, rather a step-by-step move away from paper.

Spanish savings banks have been increasing automation levels in branches for many years, but there is one area this hasn’t yet embraced: documents that need to be signed by clients. These must be stored for six years to decades, depending on the legal requirement, and dur-ing this period they may have to be moved and manually reviewed.

The main objective of the Firma Digitalizada project was to get rid of the paper in savings bank branches, eliminating the

physical documents still produced for the sole purpose of capturing handwritten signatures. The aim was to work end-to-end with elec-tronic documents. Spanish banking employees should no longer need to handle paper and instead be able to turn their time to providing excellent customer service.

Thus it was necessary to be able to capture verifiable handwritten signatures and embed them in the document workflow in a reliable way to achieve proof of non-repudiation.

Paradigm shift Spain has spearheaded several IT initiatives, including the introduction of eID cards, similar to the ones planned for rollout in Germany in November 2010. Firma Digitalizada has proved that for several appli-cations the best electronic signature option is to embed the handwritten signature in digital workflows rather than replacing it. Although many Spanish citizens already possess a DNI electrónico (eID card), they prefer to indicate approval with their handwritten signature. As digital signatures based on certificates on smart cards are still struggling for acceptance, the Spanish savings banks decided to seek a trustworthy way of digitising handwrit-ten signatures and storing this information together with the electronic document secure with proof of its authenticity. They aimed to make signature biometrics meet digital signatures.

German experience provides inspirationWhen investigating potential solutions, CECA discovered that German savings banks already had a similar initiative. Known as Elektronische Unterschrift (Electronic Signature), it is part of the Model P project aimed at cutting the German banks’ workflow costs.

Doris Görke of DSGV, the German savings banks association, revealed how e-signing had worked at one German bank, Berliner Sparkasse, in an article in its weekly news-paper, Sparkassenzeitung, in March 2009. Entitled ‘eSigning makes you slim’, it revealed that electronic signing is the true ‘slim-fast diet’ for a lot of workflows as it literally slims them down and speeds them up!

Although in many processes a signature is not legally necessary, Görke says that elec-tronic signing with the handwritten signature is also beneficial from a marketing and sales perspective. Signing reinforces the relation-ship between customer and bank, something

Joerg Lenz, PR manager at SOFTPRO, takes a closer look at the recent develop-ments driving the increasing adoption of dynamic signature recognition in the financial market, particularly in banks.

FEATURE

Creating an optimised workflow through process transformation

since original signatures can be checked automatically against the client’s signatures.

different time and in a different location on the same digital document, without moving papers.

are needed.

by transferring content from paper to electronic files.

checking and automatic biometric validation.

reference signatures allowing automatic signature verification in paper based payment processing (cheque processing).

8Biometric Technology Today February 2010

which is increasingly important since custom-ers tend to visit branches less often and their main interface is the bank’s website.

The devices used to capture signatures are the same ones used for communication purposes. For example, signature tablets also display relevant customer service programme adverts and invitations to participate in com-petitions etc.

Santiago Uriel Arias, Technology Vice secretary (CIO) of CECA’s Commission of Organisation, Automation and Services (COAS), comments: “We are happy to benefit from our best practice information exchange with already existing customers of our German partner such as the German Savings Banks Association. We took a lot of inspiration from our talks with the processing centre Finanz Informatik and its customer Berliner Sparkasse which has rolled out very successfully a corresponding system with the similar hardware for signature capturing we are using in 2008.”

Worldwide attentionThe monthly magazine spinoff of the US daily finance newspaper American Banker, Bank Technology News (BTN), listed CECA as one of the ‘Top 10 Companies and Technologies of 2009’. Firma Digitalizada has also been shortlisted for the 2010 awards of UK finance-IT magazine Financial Sector Technology in the Best Use of IT in Retail Banking (International) and Security/Anti-fraud Strategy of the Year categories.

CECA is about to achieve its goal of

creating the de-facto standard for eSigning throughout Spain in financial and other sec-tors. Clients will have the reassurance of hav-ing the same signature process whether they go to their bank or to the shop next door.

The savings bank Avila pioneered Firma Digitalizada. From February 2010 it is fully deploying the solution in 14 of its 45 braches. A further 11 savings banks are set to roll it out this year, along with more than 70 cooperative and retail banks. Since the start of the project more than 17 million electron-ic documents have been signed digitally, and by the end of 2010 this figure is expected to exceed100 million.

It has already attracted a lot of attention outside the finance sector. Contract manage-ment is a hot topic for a lot of industries. Firma Digitalizada is being investigated by telecoms firms, retailers, temporary employ-ment agencies and the public administration sector including tax authorities.

Significant cost reductionsCECA estimates that introducing electronic signing for banking transactions in bank branches saves its 45 members up to 26 mil-lion euros every year. This is based on paper savings alone. Additional savings are expected as paper forms disappear from the internal workflow, cutting the cost of printing, stor-ing, preparing, signing, routing, shipping, scanning, indexing and physical archiving.

The solution’s componentsPrior to CECA’s Firma Digitalizada there were no packaged solutions providing such capabilities in the European market. Today CECA offers a highly customised solution for the financial sector and its transactions and contracts. Capturing and reading a sig-nature involves a user terminal with a signa-ture pad attached which can scan biometric signatures or read the client’s smart card. CECA has integrated SOFTPRO’s SignPad eSignio and the SignWare Software Development Kit into its document work-flow solution.

The technology has been packaged and is not only sold to CECA members but to other Spanish and international financial institutions, plus firms outside the financial sector in fields such as telecoms, retail, public administration and so on. Today the signa-tures of customers and employees of Spanish

savings banks are digitised immediately during the writing process. The technol-ogy captures the time and location and the pressure used, and an individual signature profile is created. Hence a signed document includes more than initially meets the eye. As well as the signature image, it also contains biometric characteristics. Software compo-nents cater for the authenticity and integrity of the electronic documents. The captured data is linked with the signed document con-tent. An electronic signature is created based on the individual biometric signing charac-teristics, and any document modifications after the eSigning are recorded to protects its integrity.

Keeping the auditing department happyAudit processes can be simplified since signa-ture review can be carried out with a simple query against all databases. Automatic archiv-ing in a centralised digital custody allows instant recovery of original documents (not just a scanned copy). Ex-ante compliance checks can be executed at the click of a but-ton: Who (required number of signatures) signed transactions, contracts, agreements, etc what where (track of the signature location) and when (time stamp control).

These improved audit processes allow the requirements of the Markets in Financial Instruments Directive (MiFID) and the Anti Money Laundering (AML) regulations to be met. There is no longer a need to rely on tellers/agents as signatures can be automati-cally checked prior to formalising contracts or executing transactions with pre-embedded automatic signature verification.

Creating a green workflowLast, but not least, electronic signing is a vital element of CECA’s overall corporate social responsibility strategy: the organisation and the environment benefit from a signifi-cant reduction in paper usage with the crea-tion of this truly green workflow. Less paper means less pollution, saving trees and reduc-ing water waste.

This feature was supplied by Joerg Lenz, PR manager, SOFTPRO. He can be contacted at tel: +49 7031 66 06 55, email: joerg.lenz@softpro.de, Web: www.softpro.de

FEATURE

About CECAThe Spanish Confederation of Savings Banks is the national association of Spain’s 45 savings banks. All of them are involved in the Firma Digitalizada project. They have 25,000 branches in the Spanish territory and process more than one billion transactions/contracts per year.

Confederación Española de Cajas de Ahorros, CECASantiago Uriel AriasVicesecretario Tecnológico/ Vicesecretaría TecnológicaCalle Alcalá 2728014 MadridSpainPhone: +34 9 1596 5028suriel@ceca.eswww.ceca.es