Georgian Electronic Scientific Journal: Computer Science and Telecommunications 2005 | No.1(5) 18 Visually & digitally signed Smart card Nazar Elfadil College of Engineering, Sultan Qaboos University Muscat, Sultanate of Oman. Tel: +968-9523864, Fax: +968-513454.Email: gazoli@mailcity.com or nazar@squ.edu.om Abstract This proposal develops the concept of integrating a smart card and visual and digital signature into an overall PKI in Oman. The purpose of this proposed solution is to fulfill the cultural gap between traditional digital signatures and current smart card digital certificate/signature through the integration of culturally relevant built-in features for increasing the acceptability of digital signatures and smart cards in global egovernment, while maintaining the security features of current digital signature/certificate schemes. The paper contribution will be mainly in two areas; namely: modified the X.509 authentication information extension, and added the visual and digital signature capability. Keywords: e-commerce, digital signatures, digital certificates, security, verification, and smart card.1 1. Introduction Nowadays, the shift towards e-commerce is an inevitable trend. Digital signatures [1] are designed in e-commerce to fulfill the functions of traditional signatures for authentication, data integrity, and non-repudiation purposes. Historically, documents always relied on a recognizable visual stimulus for verification. However, one of the primary problems with current digital signatures is that a digital signature does not “feel” like or resemble a traditional signature to the human observer, as it does not have the same sense of visualization. Because digital signatures are appended to a document as a stream of binary data. These binary data are then displayed in a hexadecimal nature form which appears to the average user as a long incomprehensible string of random characters offering no sense of identity or ownership. Moreover, digital signatures change each time they are applied, unlike traditional signature that are constant personal identifiers associated with individual signatories to facilitate verification. The current digital signature overlooks the importance of visualization and sense of personal identity and ownership in many cultures. To overcome the cultural gap between the traditional signatures and digital signatures, this work investigates signature cultures in the context of digital signatures, identifying the need to develop a new culturally friendly, visual digital signature that could be imbedded into smart cards. The purpose of this work is to increase the acceptability of digital signatures and give a sense of trust to a normal user using the system in global e-commerce while maintaining the security features of the current digital signature by using extra biometrics features that embedded into smart card. 1.1 Digital Signatures with Cultural Issues Fillingham [2] believes traditional signatures will not be completely replaced by digital signatures, given the limitations of digital signatures. These limitations include for instance, long-standing retention issues in terms of the deterioration of the associated storage media, obsolescence of the data format and the evolution of cryptographic algorithms, related standards and certificate validation. He also maintains that digital signatures will never be used in ceremonial or historical events, although this may be accepted. Lutterbeck [3] states digital signatures fail to meet high