MOSCOW, August 6. /Basereporter.com/. Credit institutions in the implementation of biometrics needs to take into account threats such as spoofing of biometric data of customers and breach of confidentiality. This is stated in the message of Bank of Russia.
“The Bank of Russia established the list of information security threats which banks will have to consider when collection, use and transfer of biometric personal data of its customers. These threats are compromising the integrity of (substitution, deletion), accessibility (blocking transmission) and confidentiality of biometric information about the customer”, – stated in the message.
The relevant list contained in the indication controller which is registered by the Ministry of justice and published on the website of the CBR. The instruction will enter into force after 10 days from the date of its official publication.
The document was developed by the Bank of Russia jointly with the FSB and the Federal service for technical and export control (FSTEC).
The Bank of Russia emphasizes that credit institutions will have to consider possible threats when opening the Deposit or account, credit, money transfer and other services to its customers.
“Given that credit institutions will need to conduct a number of organizational and technical measures to implement the requirements of the instructions, the Bank of Russia has established the postponement of the application of Supervisory measures for non-compliance with these requirements,” – said in the Central Bank.
The mechanism of remote biometric identification began to work in a number of Russian banks with 30 June 2018. Starting today, every customer who came to their offices, to decide whether he wants to spend a few minutes on the voice recording and video person, then to have the opportunity to open a Deposit or take out a loan from any spot of the globe. To appear in the Bank it will only take once to give my biometrics and to sign the necessary documents. After that, the Russians will be able to use mobile apps and Internet banking system as a full-fledged Bank self-service. Moreover, passing the biometrics in one Bank, people will be able to use the services of other banks connected to the platform.
The first remote biometric identification started in the Mail Bank and Sovcombank. Another week is in the Bank “Tinkoff”, Alfa-Bank and Gazprombank. Sberbank will begin collecting customer data by September. By year-end biometrics should appear 4 thousand offices of credit institutions, and the system will be fully deployed by the end of 2019. By 2021, according to calculations of the Central Bank, banks will be able to provide on its base not only financial, but also government services.
The development of the platform remote biometric identification led of the Central Bank and the members of the Association of FINTECH. Technological implementation of the project took over “Rostelecom”, which was to ensure its integration with a Unified system of identification and authentication (ESIA). ESIA already contains the personal data of the majority of Russians, or otherwise use the services of the state. Now it will get access to banks, but to provide public services until they can not meet the requirements of information security of the FSB and FSTEC.