Digital Signature RisksIf you sign on a digital signature pad, you are putting yourself at great risk. Your signature, once stored in a database with millions of others, is likely to be stolen. Once your digital signature is stolen, it can be sold like credit card numbers are already. However, your signature, once stolen, can't be easily replaced. And your signature can be used to forge documents in your name. Avoid these major risks: Don't Sign On Digital Signature Pads
Digital Signature PadsDigital Signature Pads (also called signature capture pads) have become common in retail stores. At checkouts where customers used to be asked to sign paper slips, now pads or touch-screens are becoming common. These digital signature pads capture your signature and in many cases completely replace paper slips. Your signature may be printed on a receipt or displayed on the cashier's computer screen.
In all cases, your signature is stored as a digital image in a computer database. The retailer needs a record of your signature in order to prove to the credit card company that you were present and authorized the purchase. ("To provide charge-back defense", in the language of digital signature technology providers.) The database of signatures is likely kept in one central location -- it wouldn't make sense for a company to keep multiple separate partial databases in different locations. Indeed, promoters of digital technology talk about large signature databases tied to credit card numbers without mentioning security at all.
Thefts From Digital Financial DatabasesDigital financial databases are tempting targets for information thieves. Thieves have already made mass thefts of credit card information. Credit card numbers can be easily canceled and replaced. However, once your signature is stolen, could you change your signature? Once a criminal has your digital signature, he can easily create legal documents that have your real signature on them. How would you prove that you didn't sign the document? It is your signature after all.
This is not a hypothetical risk. 40 million credit cards were exposed to theft at Card Systems in June of 2005. What if they had been storing digital signatures too? How long before the signature repository at a large retailer (or the credit card companies themselves) is stolen? Do you want your signature in the database when hackers access it? Just don't sign!
Just Don't SignYou don't have to sign on signature pads. Almost all retailers offer the option to sign on a paper slip. All you have to do is ask. Say, "I'd like to sign on a paper credit slip". Many cashiers know how to do it, some may need to get a supervisor. You may have to insist. Don't back down! Remember what is at stake: your signature and your identity! Don't let hackers have the one piece of information that provides your unique legal identification.
I have put together a cheat sheet on how to get a paper credit slip at several major retailers.
To Retailers: Avoid the Risk of Identity TheftRetailers, are you considering implementing an electronic signature capture program? Remember what happened to Card Systems when they stored lots of vital customer information. The information was stolen and subsequently they have suffered a major loss of business. Do you want to face this sort of liability and the chance of bankruptcy? Avoid storing digital signatures. Your customers will thank you and your shareholders and investors will appreciate your foresight.
Copyright © 2014 Andrew Oliver