Russia’s CBR Is Setting up a Network of Biometric Data Storage
Russia’s CBR is establishing a network of biometric data storage, with the data collected in the United System of Identification and Authorization (USIA). The Central Bank has published a map where one can search for a local branch to opt in to their biometric data service. This include a voice sample and a 3D facial scan. The “service” is available in more than 100 cities across the country. The announcement first appeared on the Regulator’s official website.
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
Russian Central Bank Wants a Sauron-grade Database
Russian banks started collecting the voices of clients and their facial 3D images at the end of June, sending the data to the United Biometric System (UBS). Such a service will allow citizens to confirm their identity without showing a passport. While significantly invading users’ privacy, the system will allow users to remotely open accounts, place deposits, obtain credit, and perform faster payments within any bank.
At the same time, hackers love such centralized databases, as it is easier for them to break in and steal large packets of personal data. It is not a big secret that personal data is not something valuable to the local government. It is not ready to take care of the leaks. This is especially troublesome for HIV-infected Russians, whose personal data once did become an object for sale.
This is not to mention the recent intelligence scandal where passports of secret agents were found in an open database available on the internet. However, these concerns will not stop the CBR from creating a centralized vault of the most sensitive and expensive information in the world.
Convenient Services in Exchange For Your Liberty?
Such measures look decidedly Orwellian, but do offer a good service. Let’s look, for example, at the ability to pay within any bank using biometric authentication. Imagine an old man entering a bank branch and authorizing his personal safety deposit box with his voice or fingerprint. Sounds cool, eh? But there is a lack of any exploration of questions of privacy, credibility, and the necessity of such identification measures.
Bank accounts are not large metal boxes hidden underground. A four-digit PIN and SMS confirmations are all we need, right?
Still, Russian authorities understand that they cannot waste time anymore with their plans, because cryptocurrencies are gaining in popularity. The government is slowly beginning to understand that. If the authorities don’t act quickly enough to add their citizens to a centralized database, people may realize they can actually reject the established system and use the internet, bitcoin, and other distributed technologies as they see fit.
Bankers Are Not Data Security Experts
It is impossible here to fail to mention the Indian Aadhaar centralized identity system, which managed to leak the biometric data of 130 million people through four different government websites. The service known as “the world’s most enhanced biometric data authenticator” had many problems with the law, hackers, and data breaches.
Handing over the responsibility to store sensitive data to bankers is inappropriate. According to the UIDAI, the Aadhaar database was available for hackers on at least 200 government websites at one point. This is not to mention that local agents were trying to collect data from the company and use the stored fingerprints to locate criminals.
Everything is Already Much Simpler in Crypto
In the world of bitcoin and altcoins, you don’t even have to have a wallet to control your coins–just your private key. Alternatively, one can remember the seed and never write it down on paper. And after two to three days of studying cryptography, you’ll even learn how asymmetric encryption can authorize anything without third-party data exposure.
This is an unprecedented volume of freedom compared to what the Russian Central Bank wants to impose. Interestingly, many experts say the current identification systems work well and there’s no need for a new one.
Identity Handling Using Decentralization
The market of decentralized and secured biometric apps is rapidly being established. Companies like Civic and Microsoft have started developments in this new area of technology.
Using Civic, you can store your personal information in a safe, distributed database. The biometric control is handled using fingerprint scanning technology that is embedded in many top-notch devices, such as SONY Vaio netbooks or iPhones.
The platform provides multi-factor authentication without using passwords, tokens, devices, or third-party apps. It also provides 24/7 US-based online support to help clients resolve problems in case of identity theft. Furthermore, Civic is ready to invest up to $1 million USD to hire the necessary lawyers and similar staff to help you with losses caused by identity theft. This insurance option is available forever, for free, for all clients.
As for a place to store sensitive biometric and other data, Civic uses end-to-end encryption and the data is stored only on your own device, inaccessible to Civic staff or hackers. While the option is not perfect and does not allow for storing voice samples, it looks like there is little need for such deep data collection in a world where secured technologies can be combined to bring sophisticated solutions to the market.
Will Russia’s CBR maintain data security well? Can it offer a new and sustainable way of storing the data? Is there any hope of avoiding the abuse of power concerning personal databases? Let us know what’s on your mind.
Images by Jeff Fawkes, Pixabay