Eyenetwatch.com - The UK's top Biometric Reseller

WonderNet Technology Overview

The engine behind WonderNet's entire product line is the Penflow client-server application, which provides an easy and secure signature authentication process based on three main stages:

Enrollment

   

The process begins with user registration through an intuitive graphical user interface. The enrollment wizard requires three initial signatures and another three signatures for training purposes. Using a digital pen and tablet, the user signs their personal handwritten signature naturally, exactly as they would with a wet-ink pen and ordinary paper.


Signature Profile Creation and Handling

   

Each signature is analyzed by the Penflow engine and converted to a template. These templates are then processed to form the user’s signature profile. The profile is a robust structure that contains the knowledge of the signature’s dynamics and is not influenced by the user’s external factors. The signature profile database can be managed by an authorized system administrator using the Penflow server's comprehensive management tool. The administrator can perform a series of operations on each user profile, including suspending, resetting or deleting it.


Signature Verification

   

Each time a user uses the application to add his signature, the server compares the current signature to the pre-enrolled profile. Upon each authentication the server continues to learn and fine-tunes the user’s profile. This enables the system to track gradual shifts in the handwritten signature over time.


System Requirements

  • Tablet and digital pen - to capture the handwritten signature strokes
  • Computer - running any application that requires biometric authentication
  • API – WonderNet’s SDK contains a simplified ActiveX/COM API seamlessly connecting your application with the Penflow technology
  • Server - the server contains the comparison engine which compares a user’s signature to its pre-enrolled profile using Penflow technology, providing the authentication result
  • Database - the server can be associated with any supported database (ODBC, native SQL, Smart Card, various “keys”, etc.)

Encryption and Data Security

As an enabling technology for trusted communication and authentication, Penflow is based on the most progressive and strict security standards. Encryption and data security are at the heart of Penflow's signature verification process, covering these main phases:

Enrollment and Authentication
Once the user enrolls, a biometric signature file is created and kept together with the user details on the Penflow server. This signature profile is encrypted using a Triple DES (3DES) cryptosystem. The Penflow server then creates a pair of asymmetric keys using an RSA algorithm: a private key and a public key. The private key is kept on the Penflow server while the public key is sent to the user as part of the Electronic Certificate. The Penflow private key (or any other certificate authority acknowledged by the user) signs the user Electronic Certificate.

Signing a Document
Completed document information is converted into a sequence of numbers in a process called hashing, generated by an MD5 or SHA1 algorithm. It is practically impossible to reconstruct a document out of its hash and the probability of different documents getting the same hash value is close to zero. When the creator digitally signs the document using an electronic pen and a tablet, his biometric signature profile is sent along with the document hash value. After the user's identity is authenticated, the hash value is encrypted using the user's private key. Whenever the hash value differs from the original signed value, implying the document has been altered, the signature becomes invalid.
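The hash-then-sign check described above, as an added example that is not WonderNet or Penflow code. It uses SHA-256 rather than the MD5 or SHA1 named above, because practical collisions for both have been demonstrated since this page was written. The key, the function names and the sample documents are constructed for illustration, and the unpadded RSA shown here stands in for the padded signature scheme a vetted library would apply.

```python
import hashlib
from math import gcd

# Constructed toy key built from two Mersenne primes so that the example
# needs no key generation. Structured primes and unpadded RSA are for
# illustration only and must not be used in production.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                      # public modulus
E = 65537                      # public exponent
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)            # private exponent, held by the signer only


def digest_int(document: bytes) -> int:
    """Hash the document and map the digest to an integer below N."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes) -> int:
    """Signer side: apply the private key to the document hash."""
    return pow(digest_int(document), D, N)


def verify(document: bytes, signature: int) -> bool:
    """Verifier side: recover the signed hash with the public key (E, N)
    and compare it with a fresh hash of the document as received."""
    if not 0 < signature < N:
        return False           # reject values outside the valid range
    return pow(signature, E, N) == digest_int(document)


if __name__ == "__main__":
    original = b"Pay GBP 100 to account 12345678"   # constructed sample
    altered = b"Pay GBP 900 to account 12345678"    # one character changed
    sig = sign(original)
    print("original verifies:", verify(original, sig))
    print("altered verifies: ", verify(altered, sig))
```
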

The communication channel between the Penflow server and the client (user) is encrypted using SSL (Secure Sockets Layer) technology based on an RSA protocol.

 

Eye Net Watch is a division of Romsey Associates Ltd - Copyright Romsey Associates Ltd 2001