Major Russian banks, among them Sberbank and Binbank, in the next 2 years plan to introduce biometric identification of clients (by fingerprints; retina; identification photograph; voice authorization). About this “news” told in credit institutions.
Official representatives of Sberbank said that the Bank is exploring different means of biometric customer identification and their applicability in various service channels.
— Currently the Bank is implementing a project for students — a service that allows you to pay for meals in the dining room and to go to school identify on the palm, — explained in the state Bank. — Payment is due to “lock-in” the palm of the child to the parent’s card. In the moment of touching the special sensor to the palm of money debited from the account. In this case, parents receive an SMS with information about what the child ate, — a healthy lunch or sweets.
Head of digital business unit of the Bank Dmitry Kashtanov said that the Bank will combine proven security and innovation, which is not yet very common.
— Let’s start with biometrics in mobile applications, because it helps customers to conduct identification and authentication, and also use a smartphone “without hands,” — said the expert. — Identification of clients on the retina of the eye is also in the plans of the Bank, but it’s not a priority. Probably need to start with a voice authorization and facial recognition (photos).
Dmitry Kashtanov pointed out that the Bank is not planning to introduce biometric method of payment for goods/services due to poor infrastructure in the country and low demand from customers.
Citizens do not trust this method of payment, — the expert explained. Plus of this method is speed. Cons — errors in recognition. Risks — fraudsters, such as when a crook grabbed a copy of your fingerprint. Of course, vendors of such devices provide protection against copies, but nonetheless the risk of challenge of such an operation is great.
Strategies of banks expect that in the future, biometric data will be attached to the customer’s account (debit/credit), and payment of goods/services will be the same as for contactless cards (Visa PayWave and Mastercard PayPass) or smartphones with NFC chips. In this case, the POS terminal citizens will put a finger (or look in the device scan of the retina), the purchase amount will be deducted from the account.
Biometric technologies are used in the world for a long time (in forensics, when issuing visas and passports), their application in the financial sphere is a promising direction, given that we live in the era of smartphones. According to expert estimates, about 50% of Americans in control of his financial transactions with your smartphone using biometrics, and in European countries the average use of mobile banking among mobile phone owners is 41%.
The head of the Zecurion Analytics Vladimir Ulyanov sure that the penetration of biometric identification in the banking system of Russia prevent recognition errors, change of biometric parameters (for example, a finger injury could prevent correct determination of the fingerprint), the risk of fraud (talking about those same fingerprints is models, copies and even dead fingers), but the most important is the psychological factor.
— Most people relate to biometric authentication with a huge grain of salt — said Ulyanov. — The logic is roughly this: I’m not a criminal, why should I leave your fingerprints or photographing the retina of the eye? Where and how they will use my data? Big brother is watching us!
According to Vladimir Ulyanov, biometric data is stored in electronic form, they do not need to buy new servers or modify your storage.
— Therefore, common elements of protection is the encryption of databases of biometric data, the delineation and control of access and prevention of leakage by persons who have access to this data, the spokesman said.
According to the Deputy head of the laboratory of computer forensics and malware research Group-IB Sergey Nikitin, any biometric identifier can serve as only one element of the system of protection, in any case not the only one.
— We leave their fingerprints, we say, and our eyes are available for photographing. Even modern cameras allow to take a picture of your fingers with sufficient resolution for the forgery of fingerprint — said Nikitin. — Even after turning off the iPhone when it is turned on, except mark, will need to enter a code or password to unlock.
Leading expert on information security InfoWatch Maria Voronova agree that the best option is the use of multifactor authentication.
For example, if you pay a small amount (which is not critical to lose) — only print (for payments on contactless cards — 1 thousand roubles), for large transactions — fingerprint and password (PIN) or SMS validation or the use of biometrics in conjunction with any electronic media, — says Maria Voronova.