Over the past couple of years in Russia, the topic of biometric identification of citizens has been in the focus of public and
В частности, Центробанк уже довольно давно endeavors to encourage banks to use such identification systems. Banks are trying: for example, Sberbank has deployed a pilot zone in Moscow with ATMs capable of recognizing a client by face. The benefits seem obvious: for example, to open a deposit, you do not need to worry about having a passport, you just have to come to the branch and present yourself, and when communicating with an ATM you do not need a plastic card.
What is biometrics?
Commonly known examples of biometric data arecharacteristic patterns of the iris or papillary lines on the fingertips. However, it is worth noting that biometrics includes not only physical, but also behavioral indicators, such as gait or individual characteristics of typing on a keyboard.
However, whatever type this data may be,they are in any case inseparable from a person and therefore can guarantee a very high reliability of the identity document - provided that the readers are difficult to deceive. In general, biometric equipment is now developing in this direction, increasing resistance to photographs of faces and fingers printed on 3D printers.
Main requirements for biometriccharacteristics can be called "three U": versatility, uniqueness, stability. In other words, in order to become a criterion for personality recognition, each person must have a parameter, be different in each case, and remain relatively unchanged over time. There are several related requirements: for example, the characteristic must be easy to measure, including the public acceptance of the procedure.
There are GOSTs for the following methods:
- fingerprint image,
- face image,
- image of the iris of the eye,
- image of the vascular bed,
- hand contour geometry,
- signature dynamics,
- DNA data.
In addition to these methods, a number of others are known or discussed, including quite exotic ones:
- sound of voice,
- retinal image,
- facial heat map,
- individual character of typing on the keyboard.
What are the problems with biometrics?
At the same time, the method has its drawbacks.Thus, a notable theoretical problem is the uniqueness requirement, which, according to some measures, cannot be fully satisfied. In this regard, two concepts are introduced: false acceptance rate (FAR) and false rejection rate (FRR).
The first parameter reflects the probability that, based on user A’s data, user B will be identified/authenticated - for example, as a result of a match between their indicators.
The second parameter is, on the contrary, the probabilitythe fact that the system does not recognize the user, considering him an unauthorized person. According to some reports, if the average FAR for fingerprints is 0.01%, then for the face and voice (the very parameters that will be used by domestic banks) it can reach 1-2%. That is why there is an opinion that biometrics is not suitable for mass adoption: if one authentication attempt out of a hundred ends in unauthorized access, then nationwide this will result in millions of incidents.
The practice of using biometrics in Russia:
Historically, the first form of work withBiometric data can easily be called the collection of information about offenders as part of the work of law enforcement agencies. Fingerprints, for example, are classic evidence in crime investigations. When working with suspects and convicts, law enforcement agencies record a person’s height and characteristic features of his appearance.
Moreover, if in conventional biometric systemsthe data are depersonalized, then here, on the contrary, an exact connection of the measured parameters with a specific person is established. In the previous section, considering the legislation on personal data, we noted that in connection with the administration of justice or operational-search measures, the consent of the subject for the collection of biometric PD is not required; these provisions emphasize the special nature of such information.
Mentions of biometrics in our reviewlegislation began with foreign passports. Indeed, the main document of a Russian citizen abroad remains to this day one of the main areas of application of biometric technologies. A microcircuit in such a product can store not only general information about the owner (for example, name, photograph, etc.), but also a pattern of the iris or a fingerprint.
Strictly speaking, a passport with biometrics is notis mandatory, but people are trying to stimulate people to obtain just such a document - in particular, doubling its validity period. There are sometimes concerns about the reliability of biometric passports and their resistance to counterfeiting, as well as the ability to read data remotely; however, in general, it can be said that identity card using biometrics is more credible - to the point that some countries are ready to allow entry only for this type of document.
What can you do with biometrics in Russia?
- remote registration in banks
- open your account, make a deposit or apply for a loan
- pay for purchases in some stores, coffee shops and gas stations
- withdraw money from an ATM.
Why do Russian banks collect biometrics?
Working on a storage and use systemdata began back in 2017. On July 1, 2018, the Unified Biometric System was launched - a database in which citizens’ biometric data is stored. At the same time, several large banks began accepting biometrics - Sberbank, Alfa-Bank, VTB, Post Bank, Raiffeisen and others.
The developer and operator of the system isRostelecom - it processes data and ensures its secure storage. Now you can submit a voice recording and facial image to the biometric system. Using this data, you can identify a person both in the department and remotely - for example, by phone or through a mobile application. Perhaps in the future other parameters will be stored in the system - fingerprints or iris images.
Biometric system should make work easierbanks and the process of issuing financial products for their clients. Now, to determine the identity of a client, it is not necessary to require a passport - it is enough to match the voice and face with the records in the database. A bank customer can order any of his products - for example, a deposit or a loan - at any time and anywhere by phone or in the Internet bank. Banking services will become more accessible to people from remote regions where the choice of banks is limited or absent.
How to pass biometrics?
Find out where in your city you can cast your voteand face, you can use a card on the Central Bank website. Here you can find a list of bank branches with addresses and opening hours. The list is constantly expanding, new branches and banks appear in it.
To submit your data you only need a passport,SNILS and account on State Services. After you sign consent to processing, the bank employee begins collecting biometrics. The process consists of recording a voice and an image of a face. At the first stage, you need to read the numbers out loud three times, for example, from 0 to 9, then from 9 to 0, and in random order. At the second stage, the employee takes a photograph of the face as if it were a passport.
Please note that biometric collection may vary from location to location.
Is it safe to take biometrics?
Immediately after the first news about the beginning of the collectionWith biometrics banks, people appeared who began to doubt the reliability of their data storage. On the one hand, they feared that fraudsters - including dummy people in banks - could use holes in the system to apply for loans to outsiders. Others fear that the system will not be able to correctly recognize a person due to changes in voice (for example, with a cold) or in appearance (for example, after plastic surgery or injury).
The EBS developers take these issues into account andtry to keep them to a minimum. Biometric data are recorded in the EBS without reference to personal ones - full name, age, passport number and series, SNILS number and others. For their safe storage, modern encryption tools certified by the FSB and FSTEC are used. Information transfer occurs via secure communication channels. Voice and facial image are checked simultaneously for many different parameters. According to Rostelecom experts, the probability of an error is 1 in 10,000,000.
Of course, already now you can quite accuratelysimulate the appearance of any person and even fake his voice. To recognize and dismiss imitations, the EBS introduces additional methods of identity verification. She pays attention to facial expressions, camera position, intonation and other parameters that can indicate that the client himself is accessing the system, and not imitation. Sometimes you will need to answer security questions or take additional actions, such as touching your earlobe. This will additionally confirm the fact that a real person interacts with the system.
Read also:
There may be universes in black holes. We tell you about the new discovery
On day 3 of illness, most COVID-19 patients lose their sense of smell and often suffer from a runny nose
Research: 15 million tons of microplastics found on the ocean floor