To sign or not to sign?
May 20, 2006 8:07 PM   Subscribe

When you sign for your credit card, do they save the digital signature? (A little more to it, too)

So, a friend of mine who works in retail had a customer that refused to sign a digital stylus after a credit card purchase. They would, on the other hand, sign a paper copy (after doing an "old-fashioned" slider machine with carbon copy).

Question is... your digital signature isn't saved in any way is it? Or does it vary from system to system? Wouldn't it be less secure (assuming they refused the digital stylus for security reasons) to sign a paper copy (that could be stolen and has all your credit card info on it minus security code)?
posted by starman to Grab Bag (20 answers total) 1 user marked this as a favorite
I don't have any retail experience, but this is how I understand the system to work: if you contest a charge made to your card, the credit card company can ask the retailer for the signature given at the time of purchase. If they can't provide it, the charge is presumed fraudulent.

Companies have moved to digital signatures to avoid the management issues associated with lots and lots of little sheets of paper.

So, it's probably stored somewhere, and might even live on in system backups for a very long time. That's why my signature on one of those systems always looks like a very generic squiggle.
posted by lalas at 8:19 PM on May 20, 2006

I think I saw it here on metafilter, but there's a guy who published his increasingly absurd signitures that eventually became, I don't know, little landscapes and grids of hashmarks, and they were all accepted.
posted by StickyCarpet at 9:00 PM on May 20, 2006

Your friend has a point, though it proves moot so long as credit card users check their statements on a regular basis. Credit card companies take fraudulent charges very seriously and I imagine that your friend's belief that he/she is "protecting him/herself" is more paranoia than based on a substantial threat to their identity.
posted by SeizeTheDay at 9:00 PM on May 20, 2006

The old 'knucklebusters' are a pain and are probably less safe than a digital version.

The digital version may be stored on a computer somewhere, with date of purchase, what was bought, etc.

The pen & paper version?

At the store where I work currently, it's stored in a cardboard box in the backroom that's labeled 'CREDIT CARDS' and then the month and year.

Which do you think is safer? An encrypted digital file or a cardboard box?
posted by aristan at 9:12 PM on May 20, 2006

The solution to the problem is to never sign with your regular signature. No one ever checks. Most times I don't even use my correct hand to sign. Just a couple of loops.
posted by any major dude at 9:18 PM on May 20, 2006

I believe this is what StickyCarpet is referring to.
posted by danb at 9:37 PM on May 20, 2006

At the store where I work currently, it's stored in a cardboard box in the backroom that's labeled 'CREDIT CARDS' and then the month and year.

Don't forget the bank has a copy too.

I used to be a temp in a bank and there was a similar, if rather more organised, back room. I could not only find a copy of half the signatures in the state, but I could have cross-referenced them, if I wanted, with transations made in strip clubs and brothels.
posted by AmbroseChapel at 9:41 PM on May 20, 2006

I refuse to sign digitally because I just don't want my signature in a database somewhere. I'll sign a piece of paper and if they decide to digitize that, oh well. At least it was a hassle for them to do so. Signatures have a pesky way of mysteriously migrating to unrelated documents; why make it incredibly easy for an "attacker" to pull your signature up and reuse it?
posted by evariste at 10:27 PM on May 20, 2006

here's the thing though... what good does it do someone to have your signature? as everyone seems to agree above, signatures are never verified during transactions, check cashing, etc... so if someone wanted to steal your identity to get into your accounts and use your money, why go through the trouble of finding your actual signature when just writing your name any which way would do?
posted by ab3 at 11:55 PM on May 20, 2006

I usually sign my receipts as "I rock". The cashiers that read it usually laugh.
posted by special-k at 1:20 AM on May 21, 2006

So evariste, when you're at an establishment that has a digital signature capture device and you refuse, what happens? Do they just let you have the stuff w/o or refuse to sell it to you.

I've always assumed the signature is attached to that receipt as a bitmap so that if challenge later, the retailer/bank can pull up that invoice number and see the signature without having to go through a bunch of slips of paper in the back. AMEX, at least they used to, scan the charge slip and reprint it in your bill.

I always make a random squiggle anyway since it invariably the stylus is attached to make it difficult for a lefty to sign it anyway. My signature on paper receipts is more of a squiggle as well. It is quite a rare occurrence where a clerk will compare my signature with the signature on the back of my card. Rare as in it hasn't happened in at least 10 years. These days this practice has been replaced with asking for photo ID.

It seems the big ticket items are going to electronic signature devices and little ticket items are going to skipping requiring a signature at all.
posted by birdherder at 5:42 AM on May 21, 2006

Once your signature is digitized, what's to stop it being stolen? My credit card signature says "Please ask for photo ID." Only half of clerks bother to read it.
posted by theora55 at 6:18 AM on May 21, 2006

I used to use the "Please ask for ID", but the credit card companies say that is invalid and some places (the post office for instance) won't accept a card with that on the back of it.
posted by willnot at 6:55 AM on May 21, 2006

My credit card signature says "Please ask for photo ID."

Note that merchant agreements generally prohibit the merchant from accepting credit cards that are so marked. Although merchants hardly ever stick to this either.
posted by grouse at 6:55 AM on May 21, 2006

The "See ID" thing technically makes your card invalid -- see right there below the signature strip where it says "Card not valid unless signed"?

Besides, it's a bad idea to rely on the clerk checking for ID. As a clerk myself, I hardly ever check ID unless the purchase is for a large amount.

Regarding the digital signature pads, my signature usually comes out completely illegible on them, because a) I'm a lefty, and b) my signature has a bunch of up/down action on it and there usually isn't room on the pad for that.
posted by neckro23 at 7:32 AM on May 21, 2006

For what its worth, I've had my bank call me up (my credit card is through them) and ask me to verify purchases made with the credit card because the electronic signature didn't match up very well. So maybe there's automated checking, maybe there's spot checking, maybe using my CC a couple times in the same day triggered it, whatever... but someone out there watches some of the time.
posted by devilsbrigade at 10:51 AM on May 21, 2006

Sign the card, and then in the corner, write SEE ID PLEASE.

If you sign the sales draft with a signature that matches the signature on the back of your card, and there is no other reason to suspect fraud, the merchant is prohibited from asking for your ID, regardless of annotations added by the customer. So this really doesn't mean anything.
posted by grouse at 11:17 AM on May 21, 2006

birdherder-it's never been a problem, they always just print out a paper receipt for me to sign. I assume they have to have a back-up procedure in place in case the little box is broken anyway.
posted by evariste at 12:52 PM on May 21, 2006

Response by poster: Ok, so far we've learned:

Digital signatures probably ARE saved somewhere on most if not all systems.

The degree of security of digital signature capture is unknown.

Depending on the store, the paper-copy system may be very insecure.

Some people don't bother signing their real signature,

But it doesn't matter anyway since most retailers don't check for it.

And in the end, signatures for credit card purchases seem more like a formality, so it doesn't really matter what you do.

...and my general take on it is if someone *wants* your signature bad enough and plans to do illegal things, they're probably just going to forge it anyway. If you are involved in an identity theft case or there is a disputed charge, the signature might come into play, but as a pre-emptive means of deterring theft, it doesn't do much good. Which might suggest you should always use your real signature so there isn't any confusion if you do have to prove a case of identity theft (bank:"it looks like your typical signature- just a horizontal line." you:"no, that wasn't me!")
posted by starman at 1:30 PM on May 21, 2006

A few months ago I had a harrowing Wal-Mart shopping experience. I used the self checkout line and signed the little box with IH8Wal-Mart.

Pretty much every time I pay at Wal-Mart now, a screen comes up directing the cashier to check the signature with the one on the back of my card.

I guess Wal-Mart just doesn't want to know if you hate them.
posted by Sheppagus at 8:22 AM on May 22, 2006

« Older a country between us   |   Suffrin' Safari Newer »
This thread is closed to new comments.