I\'m familiar with the basics of multi-factor authentication. Now I\'m trying to

Question

I'm familiar with the basics of multi-factor authentication. Now I'm trying to understand how a physical signature, as written on, say, a check or a credit card receipt, would be classified:

- Is it a knowledge factor (something you know), in that you know how to write your signature (and someone else can learn it)?

- Is it a possession factor (something you have), because it's physically encoded in the muscle memory in your brain cells and the way your hand holds a pen?

- Is it an inherence factor (something you are), because the ability to produce it can't be taken away from you and it's (sort of) hard to change?

Explanation / Answer

I would consider a physical signature a biometric, albeit a pretty weak one. It isn't really something you have, since unlike a physical token, it cannot be stolen, or given to another (or, under most common circumstances, lost). It isn't really something you know either, even if an attacker knows exactly what your signature looks like, he cannot necessarily reproduce it.

The idea behind a signature is individuals have different idiosyncrasies in their handwriting that is relatively difficult to replicate. Unfortunately "relatively difficult" is very far from impossible.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.