Are there existing web sites that use a photo as a electronic signature?

Question

The use case: to sign a electronic document, users view the document, and if they agree take a picture of themselves with their webcam (done through Flash from the browser). Then a PDF is generated containing the document and the picture in place of signature.

This is a biometric signature, which is not as strong as a digital (cryptographic) signature, but stronger than having users draw their signature, as a photo is harder to forge than a drawn signature.

Has anyone seen this technique being used on an existing web site?

Answer 1

This idea isn't secure by itself. When talking about digital signatures, we are looking for these properties:

1. It is easy to verify that the signature is authentic.
2. It is nearly impossible to forge a signature
3. The signature applies to a certain document (or message), and cannot be transferred to another document.

Your method fails at all three:

1. It is hard to verify a signature, unless you already know the signer visually (also take into account that blind people do use computers)
2. It is very easy to forge a signature.
3. The signature can be easily transferred to another document, and it isn't possible to verify that the signature and the allegedly signed document match (since there is nothing that binds the signature to the document. PDF is not secure in any way!).