RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2021/10/27 16:21:31

Commercial biometric systems in Russia

Content

Biometric identification (Russian market)

Unified Biometric System (EBS)

Main article: Unified Biometric System (EBS)

2021

Mishustin allowed taxi and car sharing to collect biometric data of drivers

In October 2021, Prime Minister Mikhail Mishustin signed a decree of the Government of the Russian Federation, which approved a list of cases in which non-financial organizations will be able to collect and process personal biometric data of individuals in information systems.

As Vedomosti writes with reference to this document, published on the official portal of legal information, the authorities allowed to collect biometrics when passing into the territory of organizations and participating in meetings of a civil law nature, with the exception of cases related to the military-industrial, fuel-energy and transport complex. In this list, taxi and car sharing services are separately mentioned.

Mikhail Mishustin allowed taxis and car sharing to collect biometric data of drivers

The publication interviewed market participants. Yandex reported that the company will analyze the possibilities of biometrics for taxis and car sharing. The representative of BelkaCar believes that the use of biometrics can simplify the registration process, but integration can be difficult. The Maxim taxi plans to identify drivers in the biometrics application.

Gett in Moscow has been operating the KIS "ART" system for more than two months, which ensures that drivers do not recycle and undergo a medical examination. To do this, they hand over "data that allows them to identify" and minimize the use of fake documents.

The Ministry of Digital Affairs assured that the government decree describes the situation when taxi or car sharing owners, on their own initiative, use commercial biometric systems. They will be able to provide biometric identification services only if there is accreditation for compliance with information security requirements and the storage of biometric personal data. It will be carried out by the Ministry of Digital Affairs from 2022.[1][2]"

Ministry of Digital Affairs to extend biometrics collection standards to banking systems

On August 18, 2021, it became known about the plans of the Ministry of Digital Affairs to extend the standards for collecting biometrics to commercial systems. So far, requirements are imposed only on those who enter information into the Unified Biometric System (EBS).

According to Kommersant, the Ministry of Digital Affairs has prepared a draft government decree that establishes requirements for collecting data in the EBS and extends it to "other information systems that ensure identification using biometric personal data."

Ministry of Digital Affairs plans to extend biometrics collection standards to banking systems

Data-gathering companies will have to coordinate with the Ministry of Software, the model and type of equipment for data collection and storage. It must be certified by the FSTEC, and the relevant employee must confirm his authority with an enhanced qualified electronic signature.

In addition, the document regulates the process of data collection. In particular, the image should include the entire head of a person, including the ears, the facial expression should be neutral, retouching and framing of the photo are not allowed, there should be no foreign objects, highlights and shadows on the image. When recording a voice, a person will have to read the text in Russian, while the voice should sound normal, that is, without unnecessary intonations, there should also be no diseases that affect the sound of the voice.

Any company collecting biometric data for identification falls under the new regulation, explains the executive director of the Big Data Association (unites Yandex, Mail.ru Group, Sberbank, Gazprombank, Tinkoff Bank, MegaFon, Rostelecom, oneFactor, Qiwi, etc.) Alexey Neyman. In his opinion, large business already spends significant resources on ensuring the security of its own systems, as well as on their licensing, but such regulation will add costs to small and medium-sized ones.[3]

Notes