Janus-Faced Handwritten Signature Attack: A Clash Between a Handwritten Signature Duplicator and a Writer Independent, Metric Meta-learning Offline Signature Verifier

Abstract

Signature verification is a popular research area. SigmML, a new system for offline, writer-independent verification, has been developed, offering a unique approach outside typical Euclidean network learning methods. This verifier operates in the space of symmetric positive definite matrices and has demonstrated promising preliminary state-of-the-art results in intra and cross lingual dataset experiments. However, any offline automatic signature verifier faces a potential vulnerability: susceptibility to massive attacks using synthetic signatures. This concern becomes more pronounced given the significant advancements in handwritten image generation techniques. To evaluate the threat level of synthetic attacks to the original version of SigmML, we assess its performance under several attack profiles involving the duplication of synthetically questioned signatures, which are used during the test stage. These profiles advance the threat level to the SigmML verifier by refining the output of the duplicator with a quality control mechanism which intuitively adapts the a-priori knowledge of the intra-variability of each writer. In our experiments, we considered signatures written in various countries and styles, including specimens in Western, Devanagari, and Bengali scripts. Quantitatively, we demonstrate this delicate security issue in the context of signature verification. The proposed attack profiles significantly degrade the performance of SigmML, surpassing the results obtained against skilled forgery experiments by more than double.