Erasable Ink Scam

Someone goes door-to-door, soliciting contributions to a charity. He prefers a check -- it's safer for you, after all. But he offers his pen for you to sign your check, and the pen is filled with erasable ink. Later, he changes both the payee and the amount, and cashes the check.

This surely isn't a new scam, but it's happening in the UK right now. I've already written about attackers using different solvents to wash ink off checks, but this one is even more basic -- the attacker gives the victim a bad pen to start with.

I thought checks were printed with ink that also erased, voiding the check. Why does this sort of attack still work?

Posted on November 28, 2006 at 12:30 PM • 46 Comments

Comments

gigs94November 28, 2006 1:02 PM

Since [s]he gives you the pin: could it be the ink isn't washable... it's the dry up to nothing kind so [s]he never washes the check. Of course, the signature would dry up to so he would probably have to trace it with real ink before it vanished then wait for the other part to disappear before changing everything else.

AnonymousNovember 28, 2006 1:05 PM

Bruce> Why does this sort of attack still work?

Maybe because banks don't even look at checks any more.

On multiple occasions I've had checks paid by my bank in the wrong amount, despite the correct amount's being clearly written in both the numeric and text field. When I've visited them to fix it they've told me it was an "encoding" error and that it happens all the time. In response to my assertion that, given that correct handling of monetary amount is the primary function of a bank, this kind of error is unacceptable, a shrug.

As far as I can tell, the banks all stick checks in an OCR/scanner machine and that's the end of it as far as they're concerned. If they don't notice an incorrectly "encoded" paymount amount, they certainly aren't doing anything to inspect the security features of the check.

Add to that most banks are delivering only fax-quality electronic scans of the checks (and many are pushing customers to online statements), so the paper record is lost and the electronic one is too degraded to prove to anyone that an alteration occurred.

In this particular scam, if the con refrains from changing the amount, the mark may well never even notice the transgression, since a lot of folks just make sure the amount in their registers matches the amount reported on their bank statements, which is still true if only the payee is modified.

Andre LePlumeNovember 28, 2006 1:07 PM

"Just make the payable to 'Citizens Alliance to Save Humanity', or just abbreviate it. Thanks!"

Steve CNovember 28, 2006 1:15 PM

The checks generally reveal erasure only if the fibers/suface lines are physically distrubed by the physical process of erasing. The ink in this case is bsed on a opto-chemical change and leaves the paper undisturbed except for the initial indentation in the paper due to the pen pressing on it, so felt tips are preferred by these con-artists. Most people would never think about invisible/disappearing ink being in the pen. This is one case where "the paper it is written on" IS more valuable than what is written on it.

Maybe we should make sure the banks checks are printed on this paper instead (lol).
http://hardware.slashdot.org/article.pl?sid=06/...
Just make sure the paper "recycles" faster than the ink!

bobNovember 28, 2006 1:18 PM

Similar concept: people at a checkout signing credit card receipts with their own pens (I typically do so cause its in my pocket and handier for me to get at, as well as to avoid sharing germs) but with disappearing ink.

Of course the credit card companies dont require signatures, they expect you to pay even when they have no signature and a merchant fantasized the transaction, so this scam probably would fizzle pretty quickly.

fraud guyNovember 28, 2006 1:21 PM

They wouldn't even have to trace the signature in the U.S.; almost all banks do not verify signatures on checks under $5,000.00, which would pretty much cover most personal transactions. Once the bogus amount/payee check is cashed, the consumer is responsible for the overdrafts until they can file a complaint. Even if the bank decides to reimburse the customer the amount of the bad check (which is not a certainty, and at least one bank has successfully used the "it's too small of amount" defense for processing checks with bogus signatures under $25K), the downstream effects for the consumer can get pretty severe. The bank has up to 30 days to review the claim, and the consumer is in the meantime trying to cover their legitimate checks and fend off various late/bounce/overdraft fees from those accounts.

In a similar situation, a bank stopped payment on a sizeable check that I had deposited from their consumer, claiming "double posting." What happened was that the check processing bank (which was separate from the depository bank) had posted the payment to the depository bank twice while I only received one payment. The depository bank correctly (in their eyes) issued the stop payment, and the check processing bank, instead of noting the one pay/two post situation, forwarded on the stop payment to my bank. The reason I won that dispute was not because the banks realized their error (because my bank's records of one deposit were not "sufficient proof"), but because they filed the stop payment more than 30 days after the check cleared, and had lost the right to stop payment for that particular reason.

Finally, since most fraudsters can easily obtain commercially available check stock and check printing programs for their home computer, they don't need to go through all this; they can simply obtain account numbers (and preferably a near current check number) and print their own checks.

RealistNovember 28, 2006 2:07 PM

@Bruce
"Why does this sort of attack still work?"

I certinly wouldn;t be surprised to see this work on the "specialty" cheques one can purchase from magazines (the ones that print pictures of your family, special interest themes, etc.) -- as they do not use the same robust security measures as most bank-issued cheques.

RSaundersNovember 28, 2006 2:09 PM

I was the fraud officer at my company credit union in the late 80's. Folks don't fake many checks because they get caught too easily. Not by the bank, by the customer. The bank can't afford to spend (aka waste) resources on verifying checks. It's lots cheaper to have the customers do it. You don't have to worry about scaling to a large number of accounts or about agenda. Each account has its own customer, and they all want to avoid being robbed.

The bank accepts all the checks, the customers complain about the bad ones, you give those customers their money back, as a cost of doing business. No problem. You put the local cops onto the bad checks, and let them pay for the CSI types.

TanukiNovember 28, 2006 2:10 PM

Makes me more and more convinced that the only answer to door-to-door solicitors of any form involves pointing a weapon at them and telling them "get off my land".

Here in the UK there's a big problem with "charity-muggers" - or 'chuggers' - who accost you in the street/mall and try to get you to sign up to making monthly payments to some supposedly-worthy cause. Seems that these slime are operating on front-loaded commission and of the first year's monthly payments you make, the charity sees very little.

Alexandre Carmel-VeilleuxNovember 28, 2006 2:11 PM

A few years ago, a common way of handling checks for banks was to have clerks using a system called TWS (hardware reader and software) to have a human read the amount and the reader OCR the magnetic ink strip and the application would match the amount and strip. This would go into an Oracle database.

Once in the database, a machine called a DP-500 would write the amount on the check in the same OCR font with magnetic ink. The machine would also sort the cheques based on financial institutions.

The hardware was sold and supported by Unisys. Throughput was abour 400-500 deposit envelopes per hours per operator (about 1000 items (cheques, cash, proofs and/or payments) or so).

Joe PattersonNovember 28, 2006 2:54 PM

The thing I'm baffled by is why they would prefer a check? Wouldn't a credit card imprint + CVV be just as good? And I'd imagine that cash would be acceptable, although that would be hard to change the amount of... but it's *cash*. The crook doesn't get as much, but it sure is a lot easier to anonymize.

KevinNovember 28, 2006 2:54 PM

This would not be a problem if banks were 100% liable for fraudulent transactions (much like credit card companies are today).

If I deny authorizing a transaction involving my checking account under any circumstances, the bank should be legally obligated to
1) refund my account immediately, plus pay some fixed penalty percent (5% or so) and
2) reimburse me for any interest or penalties I incurred as a result of this fraudulent transaction.

Of course, it must be illegal to falsely deny a transaction or to instigate a false transaction - both enforced with stiff penalties.

This would quickly eliminate "identity theft" as well as scams such as this stupid check scam.

L8ShiftNovember 28, 2006 3:29 PM

I deposited a computer generated $300 check from a major financial institution into my checking account with a 'blank' deposit slip (maybe not so bright) via a real/live teller. When I checked the deposit receipt later that evening it only showed $100 got deposited. (I did NOt request cash back). I checked my account online and it showed the proper deposit. I've actually refrained from manually writing/printing checks... Maybe 8 checks per yr., else I use plastic

Clive RobinsonNovember 28, 2006 3:36 PM

The place it happened is a little to close to home for my likeing (same place as the Smart Water Bruce bloged about some time ago). So,

"pointing a weapon at them and telling them "get off my land"

Sounds good. Then reality strikes and you realise that the UK has realy severe gun laws these days (still does not stop drive bys though).

@Chuck

"biting hard into my finger and writing in blood"

In the UK all DNA samples are greatfully received, cataloged and put on a Gov computer DB just for the fun of it (or is it kick backs into political party funds...)

gfujimoriNovember 28, 2006 3:37 PM

Why are checks still used, what an outdated technology? There's this thing called wire transfers that can be done via the Internet - even on an unsecured network like the Internet, the protocol is safer, easier, and better.

Davi OttenheimerNovember 28, 2006 3:50 PM

This reminds me of a recent pub incident I had. A woman carrying a can walked through asking for donations for breast cancer.

She wore a tag around her neck and carried a yellow can that just said "Melody".

While many people unwittingly gave her their change, often not even looking at the woman or the can, I felt I had to ask "who or what is 'Melody' -- is that you?"

The woman scowled, said "look it up online" and rushed out of the pub.

So, sure enough, I found it online:
http://www.melody.org.uk/

The site's registered in Dorset "56 St Clements Rd, Boscombe, Bournemouth, Dover, BH1" but has no contact info other than phone and email. Wonder if they are operating out of that warehouse, or the church:

http://maps.google.co.uk/maps?...

I suppose it could be just a variant on the same scam without the need to re-write signed checks...and even if you did write a check to them it would presumably be to "Melody", which seems to have no public records or identity.

Sad how people prey on others' goodwill. That seems to be the real weakness -- human susceptibility to social engineering -- and so the countermeasures are perhaps less about things like pen and paper and more about identity and relationships.

David Dyer-BennetNovember 28, 2006 4:36 PM

I've wondered about the invisible ink issue at house closings. They insist I use their pen, presumably because mine might have invisible ink. But really, why should I trust them any more than they trust me? Because they're a "company"? Yeah, right, pull the other one.

MaltheosNovember 28, 2006 4:53 PM

Modern checks have solid security, but are vulnerable to a "known ink attack". By using a special ink that has a pigment that can be removed by a solvent that has no affect on the check / made non visible easily by chemical means/ that breaks down under UV light( or over time via chemical means) they can bypass the the security measures that are intended to protect against people doing the same thing but versus 'conventional' inks. It is dificult if not impossible for the printers of checks to protect against this without encountering usability issues for the typical user.

The moral of the story is always use your own pens if you are in an insecure environment.

RG3November 28, 2006 5:01 PM

@gigs94

Drying up ink would work fine - I have a friend whose parents have picked up his chequebook by mistake and written out cheques (with their own signature, obviously). The cheques went through (which is how he discovered this) and when he complained, he was told that they don't check the signatures on cheques under £10,000.

Bruce SchneierNovember 28, 2006 8:32 PM

"I've wondered about the invisible ink issue at house closings. They insist I use their pen, presumably because mine might have invisible ink. But really, why should I trust them any more than they trust me? Because they're a "company"? Yeah, right, pull the other one."

That's a good point. The safest option would be to sign twice, once with your pen and once with their pen. But there's already too much signing at a house closing.

Fredrik StaxängNovember 29, 2006 12:54 AM

In the original check case, the person
writing the the check should use their
own pen for amount and payee. But it
should be signed used the accepting
person's pen.

Jarrod FratesNovember 29, 2006 12:55 AM

@L8shift:

This is normal. Most banks will credit you the first $100 of check deposits (or ATM deposits of any sort) each day, and then provide you the full amount when it can be verified. This usually happens overnight, but occasionally will happen mid-day.

MichaelNovember 29, 2006 4:07 AM

I dont want to be rude, but are you still using checks as a payment method in UK and US? This possibility has ceased to exist in sweden many years ago, due to many reasons (high cost, security,...)

Secure transactions with credit card is the solution, not spending time on who to solve a problem with an out-to-date technology

DamonNovember 29, 2006 7:22 AM

Bruce said:
"That's a good point. The safest option would be to sign twice, once with your pen and once with their pen. But there's already too much signing at a house closing."

In house closings, the signator should be suspicious of the printer, not the pen used to sign.

Clive RobinsonNovember 29, 2006 7:28 AM

@Michael

"This possibility has ceased to exist in sweden many years ago"

Yup and if I remember correctly from what I was told six years ago you also have 2% savings tax on capital as well as further tax on any interest earned.

I like cheques for a number of reasons most of which are the same as why I do not like Direct Debit Cards and to a lesser extent Credit Cards.

With a cheque I have a greater degree of legal protection and control, and more importantly verification that can be presented / tested for any legal action (including fairly well understood forensic techniques).

Effectivly the criminal has in the UK to obtain a cheque from your book, and forge your signature, and for most cheques (crossed) also pay it into an account, which leaves two financial institutions liable if a fraud is commited.

Forging the cheque is at best difficult and each is unique (unlike Credit Card slips) and I have control over them.

My signature likewise needs to be forged, which is a bit harder than getting a copy of a four digit pin number.

Also I can put a cheque in the post to companies without endagering anything other than my signiture, which is not true for Credit or Debit Cards.

Electrons still cannot be tested for fraud in any meaningfull maner, and please do not talk about digital signatures most implimentations are not worth the paper their specs are writen on.

To a certain extent the Legal System in the UK still has faith in this concept, of a unique financial instrument endorsed with a persons signature, and it's implicit and testable safe gaurds.

Even these cheques that have had invisable ink used, will still leave evidence that can be tested for fairly easily, and a court will accept that it has been tampered with and is no longer valid. It is then upto the Bank to prove who has commited the fraud.

C GomezNovember 29, 2006 8:06 AM

Obviously, fraud happens, and people get away with it and other people get hurt.

I think...

Several years ago I was the victim of debit card fraud and credit card fraud (just a few months apart). After making a few phone calls, going to the bank to fill out a report, and putting fraud holds on my credit... nothing bad happened. The money was all returned or transactions removed, and I presume the banks or credit company ate the fraud. Perhaps they chased the perps, but probably not, because I was never called to testify.

So, I'm not sure that banks aren't taking 100% liability for it. This was a large national bank chain and a large national credit card company.

ChrisHNovember 29, 2006 9:31 AM

Bruce, My company's bank has cashed a photocopy of a check on several occasions.

The banks don't look at checks anymore and they are not required to keep physical copies either. In fact, the bank is not even required to receive a physical copy of a check (in the US) for cashing. A company (a merchant) can scan your check and send the image of the check to their bank for cashing. The fact that a merchant can cash an electronic image of a check and then destroy the physical check leaves the consumer open to various kinds of fraud.

J.D. AbolinsNovember 29, 2006 10:14 AM

Re: "Just make the payable to 'Citizens Alliance to Save Humanity', or just abbreviate it. Thanks!"
---

In the US, there have been warnings about writing out Internal Revenue Service tax cheques payable to "IRS". The reports claim that criminals can add three strokes to turn the IRS into MRS and, then, add whatever name they want. I am still looking for statistics on how often this has this really happened.

By the way, the IRS->MRS reference can be found on a Uni-ball pen news release concerning identity theft fraud at http://uniball-na.com/main.taf?p=5,8

XellosNovember 29, 2006 2:20 PM

I'm with Clive on the use of checks, but there's one additional factor for me that he didn't mention. I use carbon-copy checks, which provides the dual benefit of giving me a permanent paper trail for record-keeping and vastly upping the bar for fraud.
Not that the actual checks are any more difficult to fake, but given that I packrat receipts and have carbons of the check, it's much more difficult for the bank to make me eat any error/fraud. Nothing similar is available for any electronic method, particularly in the US, since we're sadly behind in all sorts of financial security areas.

SandmanNovember 29, 2006 2:42 PM

In the UK I'm not sure I could notice anyone attempting to use this to defraud me.

My Bank doesn't show the payee on my statement for cheque transactions only the cheque number. Chnaging this would at least make it possible to the qccount holder to detect the scam.How many people check their statements is another question.

Of course in lieu , of this chnage electronic transactions are possiblly more secure. In fact this week I detected a number of fraudalent transactions made on my buisness partner's debit card against our company account - purely becuase I knew he wouldn't have made any purchases from those outlets.

The bank have promised to refund all the fraudulent transactions which is good news. Less good is AFAICT from other web fora it seems to depend on having a good relationship wiht your bank.

jayhNovember 29, 2006 2:59 PM

@michael
"I dont want to be rude, but are you still using checks as a payment method in UK and US? This possibility has ceased to exist in sweden many years ago, due to many reasons (high cost, security,...)

Secure transactions with credit card is the solution, not spending time on who to solve a problem with an out-to-date technology"

Personal transactions are not suitable for credit card, one needs a commercial credit card account to receive payment, and there is a charge of several percent.

Checks are preferrable to cash for individuals because they provide some level of receipt.

jayhNovember 29, 2006 3:01 PM

A while back I received a payment check from my medical insurance company after a review of a claim (normally they pay the doctor directly).

The check looks like it was done in a laser printer or photo copier, because despite plain wording on the check about confirming the color transitions and water mark, there was no such characteristic.

I called to confirm that this was the actual check and not a receipt, and they assured me it was. I deposited it, and it was never questioned.

HermanNovember 30, 2006 4:24 AM

"Why does this sort of attack still work?"

Because Americans still use antiquated stone-age payment systems like checks. What is wrong with cash for smaller payments and direct bank account-to-bank account money transfers for larger sums?
Checks are completely outdated, an anachronism from hundreds of years ago.
And don't get me started on plastic money. Why involve a third party in a transaction involving two legal entities? Said third party certainly doesn't do what it does because they are such nice people. They do it to earn money, increasing the price that everyone (even those that refuse to use credit cards) has to pay. And they collect data which is then totally out of your hands and is sold to anyone willing to pay for it (including the government).
"But it's oh so CONVENIENT!" you say? Yeah whatever.

AnonymousNovember 30, 2006 4:28 AM

> Because Americans still use antiquated stone-age payment systems

Let me correct that statement: Apparently Americans AND Brits....

erasmusNovember 30, 2006 4:55 AM

@Clive Robinson "With a cheque I have a greater degree of legal protection and control, and more importantly verification that can be presented / tested for any legal action"

Spot on, also, as a small trader, you know you have been paid (... yes, I know...)
but the conditions associated with 'new' electronic methods have allowed UK Banks & UK Gov to reduce/externalise their liabilities and costs.
Bet they'll try to charge us for chequebooks next...

perianwyrDecember 3, 2006 11:54 AM

Earlier:

As far as I can tell, the banks all stick checks in an OCR/scanner machine and that's the end of it as far as they're concerned. If they don't notice an incorrectly "encoded" paymount amount, they certainly aren't doing anything to inspect the security features of the check.

Checks are handled in an extremely labor-intensive process.

Checks submitted to a bank go through the bank's proof system, which involves a person in front of a machine typing in totals and verifying them against totals defined by the tellers that take in the checks. Tellers are generally responsible for check security, though proof personnel might notice flaws (as they do look at all fields on the check.) Some large receivers of checks perform their own encoding. Once the proof room is finished with a batch of checks, it goes to the sorter to make sure that said check goes to the clearing facility. Check 21 allowed the post-sorter process to occur electronically, so that the physical checks no longer must be flown to their destination. (This is why you do not get your physical checks back in the mail from the bank like you used to, although I think you can still ask for it in some places.) Once the data reaches the payor bank, the payor bank then transfers funds to cover the check amounts to the payee bank. Accounts on either side are reconciled to match the new balance.

There's a lot more that goes on in checks than a simple OCR (indeed, given how most people write, OCR is almost impossible!) I personally wish we were rid of the things, but that's just because I look at all the payroll that goes into processing them :)

Daniel MartinDecember 4, 2006 1:59 PM

At my Real Estate closing, a representative of the abstract company (at whose offices the closing was held) had an unopened bag of cheap ballpoint pens that they opened when all the signing was going to begin and then passed out to everyone. I thought it was just good planning for details, but now I wonder if it wasn't done to prevent this "what about invisible ink?" issue.

DaedalaDecember 4, 2006 2:19 PM

I have lots of erasable ink pens. Most are like felt-tip markers. They're for marking fabric while sewing. The ink disappears through water, heat, or simply air exposure.

bradJuly 28, 2009 2:35 AM

i have reason to believe my ex wife got me to sign a document to change my daughters name and used disappearing ink to do it, i say this because the document i signed in front of a notary was just to add a middle name to my daughters name, which would give her four names, now after we have gone to court about this that same document shows three names, with the difference being her last name which was changed to my ex wifes boyfriends last name, is there any way to detect if she used disappearing ink that day? Please someone answer it will mean alot

RogerJuly 28, 2009 5:57 AM

@brad:
First, the scenario you present is kind of puzzling, because in most US jurisdictions (and indeed elsewhere in the world), the custodial parent does not require the permission of the non-custodial parent to change the name of a minor child. In some cases a court order is required, and the opinion of the non-custodial parent is considered in that case, but it rarely carries much weight. So if you are not involved in the care of your daughter, you are straight out hosed, buddy, and it doesn't matter what you did or did not sign.

Anyway, a forensic document examiner will certainly be able to prove if a document was tampered with in this way. However in a small case like a name change hearing, you may not be able to afford such services.

If the court will allow you to do your own test in court (which they probably won't, as this normally requires that someone be recognised as an expert witness), two simple tests that might work are a UV lamp, and ammonia vapour. The UV lamp is your best bet and might work because many chemicals fluoresce slightly in UV light, so it is a very broad-spectrum test for "something different" to the rest of the paper.

The ammonia vapour may work because the most common type of "disappearing ink" works through an acid-base reaction. The ink is made of a base (usually a weak caustic soda solution) and a special dye. The dye turns blue in the presence of a base, and is otherwise colourless. As the ink dries, carbon dioxide from the air neutralises the caustic soda, so the colour fades. The time taken depends on the strength of the caustic. This can be reversed with anything that is a stronger base than the strength of carbon dioxide as an acid, and ammonia vapour is such a material. It also conveniently does not require wetting the paper.

Even if the judge allows you to try such a test, practice it carefully at home, as they won't be amused if you stink up the place with too much ammonia, which is fairly irritant. And of course, it simply may not work if that isn't the type of ink used.

Clive RobinsonJuly 28, 2009 7:51 AM

@ brad,

First question, did you or the notary photocopy the document you signed?

If so then there is a reasoable chance the changes will be easy to demonstrate by simple visual comparison, not just if the document has been tampered with but also if it is a fake (which is more likley).

Secondly if you can get access to the original, simple visual inspection by tipping through the light etc might be enough to see impressions or differences in surface reflectivity in the paper or show unusuall word/letter spacing indicating that something is "hinky".

The are "traditionaly" two "acid tests" for disputed documents one uses fine powder (like laser printer toner) and an electrostatic charge (called the "esda test") which is the current in vogue test.

The other is much older and simply called the Iodine Vapour test, it was (supposadly) discovered by the FBI and worked on all known secret inks, and due to the re-evaporation of the iodine it (supposadly at the time) was undetectable after use so could be used to check suspect corespondance in transit.

Neither test is particularly difficult to do however there are a whole bunch of gotchers to do with them so proffesional testing by a recognised / accredited organisation is an absolute must.

Importantly the esda test does not work reliably after most if not all latent finger print tests, and in some cases even atmospheric water vapour can diminish it's effectiveness.

Both tests find differences in the surface of the paper that can be caused by many many things (so might obscure what you are looking for).

For instance the Iodine Vapour test is also used to find latent finger prints, so anything that comes up will be under any and all fingerprints in the area of the document you are looking at, or oils or other contaminants even aftershave.

Likewise the powder used in the esda test has a habit of sticking to latent prints and other surface contaminates.

Oddly there is a simple test using various wavelengths of light in combination with filters that can show traces of now invisable to the eye ink or differences in ink fairly readily (looks like a cross between the "lumalite" you see on CSI and a photocopier/scanner).

Then there are other tests such as super glue vapour, and scanning electron microscopy.

Most of these other tests involve damage to the document and are not going to be approved for ordinary use.

However as Roger noted the real question is not if a change can be detected but if it has any value to you.

In theory if you are the biological father in many parts of the world you have to give consent to such things as name changes. However in WASP countries the courts usually align themselves with the biological mother unless there are reasons not to (such as adoption or court orders etc).

If there is a good reason not to align wih the mother such as "flight risk" or the child is not a natural citizen of the country where they are, then there is generaly special provision unless the child is a ward of court for some reason.

Your story sounds odd as why would the mother wish to change the child's name to that of a "boyfriend" technicaly he is not a relation to the child nor to the mother.

So unless the child is living with the boy friend for some reason in an officialy recognised capacity the court should require sufficiently compeling reason to agree to such a change (even if you have signed a consent in the past).

So you need to find out the real reason for why the change is being made before making alegations of document tampering to the court.

This is because the real hurdle you have to jump is one of "credability" if you go around making an allegation of document alteration without sufficient prior proof or sufficient cause then you are not going to do yourself any favours, now or in the future.

The first question you must ask yourself is "are you absolutly sure you signed the document you think you did?"

I'm not questioning your honesty or memory but it would be a lot lot easier and safer for the mother to switch all or part of the document on you just prior to signing or fake your signature than make small in page changes to a document or use disapearing inks.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..