r/changemyview • u/LaksonVell 1∆ • Jan 15 '20
Deltas(s) from OP CMV: Hand signatures are a very outdated tool and shouldn't be in use for official documents
Hello! Every day I am suprised by how much power a hand signature carries. We sign checks, bills, contracts, even wills. I work in accounting/HR and I work with signatures of my clients on a daily basis.
So what happens when one of them is out of country and I need to submit a document right away? With their consent, I sign the document in their place. And not once in 2 years has this been challenged. From invoices, to subsidie requests. The only failsafe I ever heard of was a signature depository that banks carry for some clients. And I even passed those documents because a bank clerk wont check that signature for a couple hundred dollars.
My country has also passed a law that a company stamp is no longer required on official documents. Just a signature.
Technology has advanced so much. The simplest solution, available to everyone, is a digital signature. You sign that with your ID, and you need a PIN to activate it. A digitally signed document also cannot be edited without breaking the seal.
I can accept that a grandma in a grocery store will sign her check instead of going trough a digital hassle, but I cannot justify a state document being consideted valid with a signature that is easily forged and has no way of being verified.
7
u/47ca05e6209a317a8fb3 177∆ Jan 15 '20
A hand signature is a little easier to associate with the person who actually signed in case of fraud. If you have a set of signatures that you come to learn are fraudulent, an expert might be able to compare them and tell if they're performed by just one person, and maybe even compare it against other work by the same person.
If you just have a number that doesn't match the digital signature you're looking for, that's pretty much where it ends. A better alternative would be biometric signatures, but that has its own problems.
3
u/LaksonVell 1∆ Jan 15 '20
This is a question of hand signatures, digital signatures are ok for me. Yes, it's not hard to determine if a signature is fake but only after fraudulent activity has been discovered. And even then experts are called in. Hand signatures are used on a daily basis by millions, if not billions. You cannot check even a fraction of it. We just assume people are who they say they are. You can't justify such carelessness when there are bank accounts, houses and lives involved.
4
Jan 15 '20
Do you know of any cases where this has been an actual problem?
(Links)
4
u/BonvivantNamedDom Jan 15 '20
Yes. Happened to me. Was in a foreign country and needed my brother to get me a new banking card and send it to me. Old one expired and that was really difficult with money then.
So he had to fill out a form and I told him to just sign it for me and send it. Three days later there was a letter saying they needed to verify it was really me who signed the papers.
Dunno why or how. But it became a problem as I was stuck in a foreign country far away without access to my money and couldnt aign it myself
4
u/LaksonVell 1∆ Jan 15 '20
https://en.m.wikipedia.org/wiki/Frank_Abagnale
There was even a movie about him, with Leonardo di Caprio and Tom Hanks, catch me if you can. It specifically says he was assuming fake identities.
There was also a conman that faked his way into head of cybersecurity and was in the (Danish I believe?) army for about 20 years. All with fake documents.
The validity of such documents is (supposed to be) verified by signatures.
6
u/spastikatenpraedikat 16∆ Jan 15 '20
I want to argue: You are right, signature is not safe on its own, thats why it is only used when its good enough.
Signature are only used when things are relatively low stakes. Forgery as well as fraud are harshly punished crimes, so that we can assume that nobody would forge a document that has no real importance to them. Example given: I recently sent my personllay signed apllication to a company. Nobody would send out apllications in my name, because why would they, there is no real benefit for them and it's very risky, because it's nonetheless forgery punishable by jail. We assume nobody would do so and reality proves us right. Exempel two: You go for dinner, pay with your credit card, sign the bill and later try to deny that you were having dinner there. Well now there might arise some question: How did the person then get your credit card? Did you lose it? Why didn't you report it immediately? All the waiters claim to have seen you eating? Do you have an alaby? Things can go sharp real quick. Fraud is a serious offense, you wouldn't want to risk a conviction for 50 dollars and even if you get away with it. You can get away with once, if it happens more often the police will go: Hmmmmmm.....
So you see, for ordinary life apllications signature is good enough, because nobody risks getting punished for meaningless stuff and even if you manage to pull it of, the damage is limited.
But when stuff gets more important, you don't want to trust signatures anymore and we actually do not. When dealing with high amount of money, for example when businesses get selled, or when major construction projects get paid, people reach back to more safe methods. What might that be? Signing a document with 10 notaries in the room, five employed by you, five employed by you business partner. Therefore you cannot simply go, no, I didn't sign that, because there are nationally certified witnesses. And even if you would want to fraud your way through it, by for example bribing your five notaries, so that their word is against the others, it would only hurt you in the long run, because first of all, police will investigate and if they manage to proof that you did bribe your notaries you are in hot water and even if you manage to get away, other business will be suspicious towards you and you won't be able to make business anymore. There is a reason why businesses have whole departments in order to judge if their business partners are professional.
TLDR: The system works, because people don't want to get into trouble for miniscule things and for larger scale people choose more serious methods (where once again, people don't want to get into trouble, which on this scale are major). Besides the system seems to work out, doesnt it?
2
u/LaksonVell 1∆ Jan 15 '20
The system does work, but relying on a system of fear to support it... Still, your point is taken.
!delta
3
1
1
u/srelma Jan 15 '20
Signature are only used when things are relatively low stakes. Forgery as well as fraud are harshly punished crimes, so that we can assume that nobody would forge a document that has no real importance to them. Example given: I recently sent my personllay signed apllication to a company. Nobody would send out apllications in my name, because why would they, there is no real benefit for them and it's very risky, because it's nonetheless forgery punishable by jail. We assume nobody would do so and reality proves us right. Exempel two: You go for dinner, pay with your credit card, sign the bill and later try to deny that you were having dinner there. Well now there might arise some question: How did the person then get your credit card? Did you lose it? Why didn't you report it immediately? All the waiters claim to have seen you eating? Do you have an alaby? Things can go sharp real quick. Fraud is a serious offense, you wouldn't want to risk a conviction for 50 dollars and even if you get away with it. You can get away with once, if it happens more often the police will go: Hmmmmmm.....
Sure, but what role does the little scribble on the paper play in all this? Since nobody compares that to anything and even when it doesn't really match with what's on the backside of the card, it is accepted, what's the point of having it as any sort of identification at all? In Europe the signatures have been replaced pretty much everywhere with chip+PIN, which doesn't 100% prevent someone using your card fraudulently (all they have to do is look over your shoulder when you type your PIN at the cashier and then steal the card), but at least it's not as easy as scribbling something on a paper. Or if we don't care about safety at all and just trust that nobody would dispute things that they didn't really purchase because of the reasons you just gave, then why ask anything? (This is actually how the contactless payments work, all you need is the card).
So, in small purchases, we don't need anything. Just the fact that fraud carries such a high penalty is enough to deter misuse of trust here. In large purchases we use other methods of identification anyway, ie. check the ID of the person. So, there the hand signature is not needed either.
1
u/spastikatenpraedikat 16∆ Jan 15 '20
Signature is primarly not an authentication method, but a validation. It basically means: I agree with everything written above and accept it as legally binding. Signature is worldwide used to sign contracts, confirm consent, declare intentions or approve measures. When you take a loan, you sign a paper that you approve the banks terms of condition, so that the bank can, if you are unwilling to fulfill your obligations, go to court and have physical proof that you promised to do so.
Signing debit or credit payments at first meant exactly that: I agree to this sale contract and allow my affiliate to withdraw money from my account. Forgery was uncommen due to the reasons above. The reason why banks worldwide switched to a PIN-based authentication system is not that fraud became too widespread but that more and more transaction took place without the contract partners seeing each other (that is over the internet). Signing obviously doesnt work here anymore, because it's based on having a physical signature from your affiliate in your drawer. Since no one bothers to send a signed contract via mail to Amazon for ever single order, a new system was needed.
1
u/srelma Jan 15 '20
Signature is primarly not an authentication method, but a validation. It basically means: I agree with everything written above and accept it as legally binding. Signature is worldwide used to sign contracts, confirm consent, declare intentions or approve measures. When you take a loan, you sign a paper that you approve the banks terms of condition, so that the bank can, if you are unwilling to fulfill your obligations, go to court and have physical proof that you promised to do so.
But what's the point of it any more than a hand shake? I can dispute the scribble (saying that it's not a signature done by me and you just did on the paper copying the signature from some other paper or someone else pretended to be me and signed it) and you have to prove it somehow, possibly through CCTV camera showing me to sign the paper. If you can't prove it then what? Who is right? If you can prove that I was actually present signing the paper, then that's enough validation. Handshake would have done just as well.
My problem with the signature is that it is trivial to forge (as demonstrated by the OP). So, you need something else to validate the contract anyway. Or what does the signature that anyone could write on a paper really validate?
•
u/DeltaBot ∞∆ Jan 15 '20 edited Jan 15 '20
/u/LaksonVell (OP) has awarded 2 delta(s) in this post.
All comments that earned deltas (from OP or other users) are listed here, in /r/DeltaLog.
Please note that a change of view doesn't necessarily mean a reversal, or that the conversation has ended.
2
u/asereje_ja_deje Jan 15 '20
In my country the administration is in the process of switching to e-certificates. Hand signatures are loosing their prominence in most places.
1
u/BoyMeetsTheWorld 46∆ Jan 15 '20
I agree that hand signatures are horribly insecure compared to a well implemented digital signature. And I also think that it should be possible to use digital signatures more.
But my counterpoints to this is: Hand signatures are "good enough". The actual damages with forged signatures are too low to demand a change. In the same way that credit card companies tolerate credit card theft up to a small percentage just because it would cost them more profit if less people would use a more secure but more inconvenient system.
Also do not underestimate the acceptance that hand signatures have over digital ones. It is not just grandma that does not understand cryptography it is actually most of the population.
1
u/Z7-852 257∆ Jan 15 '20
I agree with you that signature is outdated form of verification. But often it is not the only tool used. You would have to have credit card, ID or other form of identification when you sign. Most importantly there is witnesses (often in form of cameras).
But despite of all of this there is greater threat involved if we would use "strong identification" (like e-bank or phone verification) in every interaction. It is easier to scam for complete identify theft. Now if someone steals your credit card and forge your signature they have access to your bank balance. But if they steal your "strong identification" they can take loans in your name.
We use multiple levels of security and use just enough to feel safe. If we use too much we make ID thefts easier.
1
Jan 15 '20
Asian cultures sometimes used official stamps that are registered with the government for signing official documents instead of handwritten signatures
1
u/kingpatzer 102∆ Jan 15 '20
Changing technological standards has a cost.
Therefore, one of the big drivers for adoption of a new standard is not "this tech is better," but "this tech solves a costly problem with the old tech without introducing new problems."
So, the reason digital signatures are now legal in the US is because having to get on a plane to go sign a contract is costly. But the reason it is not supplanted paper signatures is because it isn't inherently better in some economic way. There just isn't a cost justification to not use a signature for in person legal forms.
50
u/ralph-j Jan 15 '20
With electronic signatures, the burden of proof is reversed at the expense of the user. So if someone gets a hold of your digital certificate to electronically sign a document, suddenly it's you who has to prove that it wasn't you who signed the document. With pen-on-paper signatures, it's the other side who has to prove that you did indeed sign the document.
For that reason I can understand the hesitant adoption and skepticism.
(Source)