Important Notice:
These guidelines or any or all additional documentation or examples do not constitute a warranty about the performance, security, or legal acceptability of SigPlus software in any specific use or implementation. To the extent that SigPlus is used to achieve regulatory or other specific objectives within an industry, you must consult competent experts or regulatory officials together with your own plan to achieve your desired business objectives using the Topaz tools
Statement regarding patents, and warning against modification of Topaz products:
Topaz products are covered under US patent 6,307,955. Patent work is ongoing. Use of Topaz's products in accordance with our instructions, to the best of our knowledge, does not infringe any patents. However, be aware that there are many patents out there, and modification of our products, or use of our products for other than their intended purpose, could run afoul of these patents. It is the responsibility of Topaz customers to honor relevant patents. U. S. Patent Nos. 5,120,906; 5,195,133; 5,227,590; 5,297,202; 5,322,978; 5,544,255; 5,647,017; 5,818,955; 6,064,751; 6,091,835; 6,381,344; 6,539,363 and others are patents that users of Topaz products should consider if modifications are to be made to our products or if our products are to be used for other than their intended purpose. These patents may be obtained at http://www.uspto.gov. Only as examples, without first considering these patents, you should refrain from storing within the signature information (.SIG file or .SIG data):
1. A reason for signing or a statement of importance of the signature together with a set of measurements relating to the handwritten signature and either an indication of the signatory or means for comparing said measurements with a set of statistics of a genuine signature to obtain a similarity score.
2. A visual representation of a signature together with a document checksum, , or receipt, and the claimed identity of the signatory.
3. A set of measurements relating to biometric information together with a document checksum, hash, or receipt, and the claimed identity of the user.
The foregoing statement is not intended to be an interpretation of the patents or their application to any particular product or implementation.
It may be possible that Federal (FDA) and state digital signature regulations become violated if techniques in 1, 2, and 3 above are employed, so rest assured, Topaz software does not do any of them. Note the information below:
1. The FDA regulations state that "Signed electronic records shall contain information associated with the signing that clearly indicates all of the following ...printed name ... date and time ... The meaning ...". (see FDA guidelines section 11.50) The FDA regulations treat electronic records and electronic signatures as different entities (Section 11.70). Therefore, you should refrain from modifying the Topaz system on your own to store any of the name, date and meaning data in the signature file.
2. State regulations such as CA code of Regulations, Title 2, Division 7, Chapter 10 for example, require that the signature be bound to only the single message that is signed and not to any other message. Therfore you should refrain from modifying the Topaz system on your own to place a checksum in with the signature data and then adding other information in with the signature, and then encrypting them to a secret key. If your were to modify the Topaz system to do this, you would be binding the signature to multiple-messages which is prohibited by the state regulations.
3. State regulations require that the signature data be capable of verification by a forensic document examiner. (CA regulations paragraph 220003(b)(3)(B) for example). Some of the techniques in 1-3 above appear at odds with "lengthy process of handwriting analysis" required by state regulation (see state of CA FAQ section). With the Topaz system, you are assured of the most accurate forensic handwriting analysis results, since the Topaz .SIG file is saving all of the original signature data.
In addition, there are potential security and refutability issues if too many things are crammed in with the signature. Leave the document data, reason for signing, receipt, and identity information in the document as SigPlus is designed to work, and as complies with FDA and state regulations. That way, the signature is bound to all of the data, not just to part of the data. It is very easy to create all kinds of standard image files of the signature using SigPlus software. Please contact the factory if you have any additional questions or would like more information about your rights concerning patents as a customer or developer using Topaz products.
Important Notice:
This software or any or all additional documentation, guidelines, or examples do not constitute a warranty about the performance, security, or legal acceptability of SigPlus software or the SigPlus control in any specific use or implementation. To the extent that SigPlus or SigPlus are used to achieve regulatory or other specific objectives within an industry, you must consult competent experts or regulatory officials together with your own plan to achieve your desired business objectives using the Topaz tools.
_____________________________________________________________________
Copyright 1995 - 2005, Topaz Systems, Inc. All Rights Reserved, Patent Pending
Topaz Systems, Inc., 650 Cochran Street, Unit 6, Simi Valley, CA, USA, 93065
Phone: 805 520-8282 Fax: 805 520-0867 www.topazsystems.com