Evaluating the Security of Handwriting Biometrics

Ongoing interest in biometric security has resulted in much work on systems that exploit the individuality of hu- man behavior. In this paper, we study the use of hand- written passphrases in the context of authentication or cryptographic key generation. We demonstrate that ac- curate generative models for a targeted user's handwrit- ing can be developed based only on captured static (of- fline) samples combined with pen-stroke dynamics learned from general population statistics. Our work suggests that such automated attacks are nearly as effective as skilled human forgers and hence deserve serious consideration when evaluating the security of systems that use handwrit- ing as a biometric.