Hacker
Professional
- Messages
- 1,044
- Reaction score
- 813
- Points
- 113
This article was written for educational purposes only. We do not call anyone to anything, only for information purposes! The author is not responsible for your actions.
The collection of biometric data is now actively developing. Banks collect and transmit biometric data of their clients to the Unified Biometric System (UBS) only at the request and consent of the client. With its help, you can use banking services remotely: open accounts, transfer money from one card to another, receive other services. What is biometric data? Each person has unique physical characteristics. Some of them are obtained from birth - DNA, fingerprints, hand geometry, vein patterns, iris. Others are acquired over time and can change throughout life - gait, voice intonation, signature. All these characteristics are not repeated in any of the inhabitants of our planet, which means that a person can be identified by them. How it works? Banks usually record the client's voice as biometric data, take a photo of the face, then a special program reads the distance from the nose to the eyes, from the nose to the lips, which is individual for each person. It is also possible to record fingerprints, drawing of the veins of the palm, retina and others. If the bank does not have a biometric standard, then it is impossible to identify you. One of the parameters is not enough to identify a client: it is always a symbiosis of data, for example, a face and a voice, and when recording a voice, not one "yes", "ready", "agree" and other words are used, but a special sequence of phrases, numbers, and so on.
This is a unique key that cannot be counterfeited. Access to money by voice and face Recently, there has been a surge in the activity of fraudsters who, in order to increase customer confidence, use tricks in the form of copying the tone and script of the client manager's conversation, substituting a phone number that will be identified in the smartphone as a bank number. Banks are obliged to inform their customers about security rules and possible threats, attacks and other incidents that could potentially cause financial damage. Forewarned is forearmed. But communication is important not only for customers. Raising customer awareness of the rules for the safe use of electronic means of payment lowers the fraudsters' chances of success, which, in turn, increases trust and loyalty to the bank. Arming customers with instructions for action, the bank creates conditions under which it can receive signals about such threats as quickly as possible, localize them and take action. Can fraudsters get a loan? Biometric algorithms are much more difficult to deceive than humans. The unified biometric system has a very high recognition accuracy - it will only allow one person in 10 million to pass. Do not forget that additional security is guaranteed by an account on "Gosuslugi". So it is almost impossible to open an account remotely using biometrics in your name.
If the system made a mistake and took a person for another, and the bank issued a loan: who is responsible? The unified biometric system has a recognition accuracy of over 99.99%. Considering the need for preliminary verification by login and password from the State Services, the system identifies a person much more accurately than other existing methods. But at the same time, biometrics is not the only factor by which banks decide to open an account for a particular client. The unified biometric system sends the bank the percentage of similarity between the biometrics of the person applying for the service with his template. In addition to biometrics, the bank uses scoring procedures, KYC, etc., making a decision based on a combination of all factors. Thus, the responsibility for making the decision falls on the bank. Can I delete my data from the system myself? Yes, this can only be done on the "Gosuslugi" portal or directly contact Rostelecom. However, if you want to receive any services again using biometrics, you will need to submit the biometrics again. Is it safe to use biometric data? How are they protected from scammers? Biometrics is a much more advanced financial protection system than PIN codes and SMS from a bank. Scammers cannot steal your face, voice and fingerprints. The biometric systems themselves are also always seriously protected from hacking, theft and data forgery. Information is stored in closed systems, access to which is limited. For example, biometric data for remote identification is encrypted and stored impersonally. The collection of biometric data is allowed only with the consent of the person. For example, at the visa application center you will be asked to sign the corresponding application. The same goes for banking services. In the financial sector, for reliability, multifactor authentication is most often used - that is, according to several criteria.
For example, a PIN or one-time password plus biometrics. Attackers will not be able to fake the client's video because the user is asked to pronounce a unique combination of numbers. To use the system, the client first needs to leave a reference voice recording in the bank. Shopping in a cafe at a glance, transfers literally with one finger, loans and deposits without leaving the couch have already become available, but not everywhere. It will certainly take some time before biometric technologies are used even in the smallest stores in all regions. At the very least, for this you need to have the Internet throughout the country. How to protect yourself? In order not to become a victim of fraudsters, I advise you not to enter into a conversation with unknown persons who call you on the phone on behalf of employees of banks, other financial or government agencies. Call the official bank number and check if everything is in order with your account and card. Even if a familiar bank number is displayed on your phone, in no case make a call back to it. Basic security rules to counter phone scammers: Be wary of any calls from people who claim to be bank employees. The real representative will not object to the end of the conversation, and the fraudster will do his best and will not disdain psychological tricks to continue the conversation; invent a code word in such a way that it is convenient to pronounce it in public places (so that it is difficult for others to understand that at the moment you are pronouncing the code word); do not follow dubious links from SMS or messages in messengers; under no circumstances should anyone and never share CVV and one-time codes from SMS or push notifications; in case of any suspicion, immediately hang up the phone and call back to the bank yourself at the number indicated on the back of the card. Should I take biometrics or not? In theory, this is a voluntary procedure, but bank employees can disguise it as mandatory. To hand over or not is twofold. This is convenient: many transactions can be confirmed without a physical visit to the bank. It should also be understood that in the next 15 years everything will change a lot and perhaps already in 2035 we will pay for purchases only with a glance: to confirm the operation, you will just need to look and nod at the camera. Do biometrics need to be updated? A biometric template is not permanent. Its shelf life is three years. Due to the fact that the face and voice change over the years, be prepared for the fact that after three years you will again have to come to the bank and retake your biometrics.
The collection of biometric data is now actively developing. Banks collect and transmit biometric data of their clients to the Unified Biometric System (UBS) only at the request and consent of the client. With its help, you can use banking services remotely: open accounts, transfer money from one card to another, receive other services. What is biometric data? Each person has unique physical characteristics. Some of them are obtained from birth - DNA, fingerprints, hand geometry, vein patterns, iris. Others are acquired over time and can change throughout life - gait, voice intonation, signature. All these characteristics are not repeated in any of the inhabitants of our planet, which means that a person can be identified by them. How it works? Banks usually record the client's voice as biometric data, take a photo of the face, then a special program reads the distance from the nose to the eyes, from the nose to the lips, which is individual for each person. It is also possible to record fingerprints, drawing of the veins of the palm, retina and others. If the bank does not have a biometric standard, then it is impossible to identify you. One of the parameters is not enough to identify a client: it is always a symbiosis of data, for example, a face and a voice, and when recording a voice, not one "yes", "ready", "agree" and other words are used, but a special sequence of phrases, numbers, and so on.
This is a unique key that cannot be counterfeited. Access to money by voice and face Recently, there has been a surge in the activity of fraudsters who, in order to increase customer confidence, use tricks in the form of copying the tone and script of the client manager's conversation, substituting a phone number that will be identified in the smartphone as a bank number. Banks are obliged to inform their customers about security rules and possible threats, attacks and other incidents that could potentially cause financial damage. Forewarned is forearmed. But communication is important not only for customers. Raising customer awareness of the rules for the safe use of electronic means of payment lowers the fraudsters' chances of success, which, in turn, increases trust and loyalty to the bank. Arming customers with instructions for action, the bank creates conditions under which it can receive signals about such threats as quickly as possible, localize them and take action. Can fraudsters get a loan? Biometric algorithms are much more difficult to deceive than humans. The unified biometric system has a very high recognition accuracy - it will only allow one person in 10 million to pass. Do not forget that additional security is guaranteed by an account on "Gosuslugi". So it is almost impossible to open an account remotely using biometrics in your name.
If the system made a mistake and took a person for another, and the bank issued a loan: who is responsible? The unified biometric system has a recognition accuracy of over 99.99%. Considering the need for preliminary verification by login and password from the State Services, the system identifies a person much more accurately than other existing methods. But at the same time, biometrics is not the only factor by which banks decide to open an account for a particular client. The unified biometric system sends the bank the percentage of similarity between the biometrics of the person applying for the service with his template. In addition to biometrics, the bank uses scoring procedures, KYC, etc., making a decision based on a combination of all factors. Thus, the responsibility for making the decision falls on the bank. Can I delete my data from the system myself? Yes, this can only be done on the "Gosuslugi" portal or directly contact Rostelecom. However, if you want to receive any services again using biometrics, you will need to submit the biometrics again. Is it safe to use biometric data? How are they protected from scammers? Biometrics is a much more advanced financial protection system than PIN codes and SMS from a bank. Scammers cannot steal your face, voice and fingerprints. The biometric systems themselves are also always seriously protected from hacking, theft and data forgery. Information is stored in closed systems, access to which is limited. For example, biometric data for remote identification is encrypted and stored impersonally. The collection of biometric data is allowed only with the consent of the person. For example, at the visa application center you will be asked to sign the corresponding application. The same goes for banking services. In the financial sector, for reliability, multifactor authentication is most often used - that is, according to several criteria.
For example, a PIN or one-time password plus biometrics. Attackers will not be able to fake the client's video because the user is asked to pronounce a unique combination of numbers. To use the system, the client first needs to leave a reference voice recording in the bank. Shopping in a cafe at a glance, transfers literally with one finger, loans and deposits without leaving the couch have already become available, but not everywhere. It will certainly take some time before biometric technologies are used even in the smallest stores in all regions. At the very least, for this you need to have the Internet throughout the country. How to protect yourself? In order not to become a victim of fraudsters, I advise you not to enter into a conversation with unknown persons who call you on the phone on behalf of employees of banks, other financial or government agencies. Call the official bank number and check if everything is in order with your account and card. Even if a familiar bank number is displayed on your phone, in no case make a call back to it. Basic security rules to counter phone scammers: Be wary of any calls from people who claim to be bank employees. The real representative will not object to the end of the conversation, and the fraudster will do his best and will not disdain psychological tricks to continue the conversation; invent a code word in such a way that it is convenient to pronounce it in public places (so that it is difficult for others to understand that at the moment you are pronouncing the code word); do not follow dubious links from SMS or messages in messengers; under no circumstances should anyone and never share CVV and one-time codes from SMS or push notifications; in case of any suspicion, immediately hang up the phone and call back to the bank yourself at the number indicated on the back of the card. Should I take biometrics or not? In theory, this is a voluntary procedure, but bank employees can disguise it as mandatory. To hand over or not is twofold. This is convenient: many transactions can be confirmed without a physical visit to the bank. It should also be understood that in the next 15 years everything will change a lot and perhaps already in 2035 we will pay for purchases only with a glance: to confirm the operation, you will just need to look and nod at the camera. Do biometrics need to be updated? A biometric template is not permanent. Its shelf life is three years. Due to the fact that the face and voice change over the years, be prepared for the fact that after three years you will again have to come to the bank and retake your biometrics.
