How does the Unified Biometric System
Since the beginning of July, a single biometric system, established by Rostelecom under the initiative of the Ministry of Digital Development, Communication and Mass Communications and the Central Bank of the Russian Federation, has started operating in some banks. In this post we will describe in detail how the new system works, and in the comments we will try to answer your questions related to it.
321 Order of the Ministry of Communications of June 2? 2018
Lists of requirements [/b]
A photo or video camera with a resolution of at least 1280x720 pixels
Equivalent focal length: from 31 to 100 mm when the user is located at a distance of 0.3-0.5 m from the camera; from 28 to 100 mm - at a distance of ???-1.0 m
Automatic adjustment of the white balance should be included
Sources of illumination should create in the face area illumination: for photo-cameras without automatic correction of illumination - not less than 300 lux; for photo-cameras with automatic illumination correction - not less than 100 lux.
The colors of the pixels of the front-end images must be represented in a 24-bit RGB color space, in which each pixel has 8 bits for each color component: red, green and blue;
Rotation of the head should be no more than 5 ° from the front position
The inclination of the head should not be more than 5 ° from the frontal position of
The deviation of the head should not be more than 8 ° from the frontal position of
The distance between the centers of the eyes should be at least 120 pixels
If the distance between the centers of the eye is 120 pixels, the size of the face image should be at least 640x480 pixels
Do not overlap the hair or foreign objects of the face across the entire width from the eyebrows to the lower lip
Only one person should be present in the image; presence of other persons, fragments of other persons is not allowed
The facial expression should be neutral, the mouth closed, both eyes open normally for the user (taking into account behavioral factors and (or) medical diseases)
The face should be evenly lit so that there are no shadows and glare on the image of the face
Do not use retouching and image editing
You can crop the image
In the case of photographing a person wearing glasses, sunglasses and bright light artifacts or flash reflections from the glasses
are not allowed.
The face image must be saved in the .jpeg or .png format; compression code: jpeg (0x00), png (0x03).
For microphone and voice recording:
Condenser microphone without automatic gain control
Signal to noise ratio: not less than 58 dB
Frequency range: from 40 to 1?000 Hz
Sensitivity: not less than -30 dB
The shape of the radiation pattern: omni-directional, cardioid, supercardioid or hypercardioid
Signal to noise ratio for recording: not less than 15 dB
Depth of recording quantization: not less than 16 bits
Recording frequency: not less than 16 kHz
The voice recording must be saved in RIFF (WAV) format
Compression code: PCM /uncompressed (0x0001)
Number of channels in the voice recording: 1 channel (mono)
Do not use noise suppression
The voice must contain the voice of one person
It is prohibited to receive a voice recording by transcoding phonograms recorded with the help of technical means of the public telephone network
The message delivered by the subject must correspond to the sequence of letters and /or digits generated by the information system software of the organ or organization
The voice recording should contain the specified sequence completely and should not be interrupted by
When recording a voice, the emotional-psychological state of the subject should be normal, not excited, without obvious signs of diseases that prevent speaking of the necessary message or capable of disrupting the timbre /sound of the voice
The message mentioned above must be pronounced in Russian
The library for quality control of collected data (BCC) checks and evaluates the samples collected in banks before they are sent to the Unified Biometric System. Using our "Assistant" module to remove biometrics, you can make sure that the necessary conditions are met when photographing. In real time, the "Assistant" evaluates the inclination of the head, the angles of rotation, the illumination, the position of the eyes, and in some cases the facial expressions of the person.
How to use the system
To use the services of banks working with the system, you need to go to the site /application of the bank, authorize through the State Services and agree to the transfer of personal data to the bank, and biometric data - to the Unified Biometric System. Then you need to say the text from the screen - usually it's a random sequence of numbers. To ensure that there is a live person in front of the camera, the system will ask the user to turn his head, wink or smile.
Then the data is transferred to the system, compared with the samples, and if the sample corresponds to the original data, the user starts working with the remote banking system.
About retake of biometric data
Changing the hairstyle, growing a beard, wearing glasses do not affect the person's recognition of the system. However, biometric data must be updated every three years. Early data update is necessary if the user performed a plastic surgery on the face or was injured. You can update the data in all branches of banks that collect biometrics.
On the cost of services for customers and banks
For users, the Unified Biometric System is completely free of charge, while banks pay 200 rubles for each new customer who came using the system. This money is distributed between Rostelecom, the bank that registered the person, and vendors of biometric technologies. This distribution stimulates other banks to actively collect biometrics.
On the access of banks to biometrics
Banks do not have access to biometric data of users, they are all stored centrally in the Unified Biometric System. With remote identification of the client, the bank sees only a percentage of the similarity of the samples and, on the basis of this, decides whether to render the service or not. To enable banks to connect their remote banking systems to the system without problems, we developed a special API.
On the protection of data
We are responsible for the safety and security of users' biometric data. Security Operation Center (SOC) "Rostelecom" constantly monitors the security of the system. Biometric templates are stored in anonymous form in secure storages, separate from personal data, which are located in the databases of federal authorities. Encryption and storage of biometric data fully complies with the requirements of the FSB and FSTEC.
Of course, all biometric algorithms have their shortcomings and weaknesses. That's why we use the multivendor approach: it's possible to crack one algorithm, but maybe when there are several of them and they change all the time, it's much more difficult to do this.
In addition to the fact that the system compares the control pattern with that obtained during identification, it simultaneously starts checking the video with the help of other biometric algorithms. If one or more of them did not identify the citizen, then the "anomaly module" is included in the work: he analyzes the reasons for the discrepancies and sends a notice to the bank when fraudulent activity is detected. This check takes only a few seconds.
A bunch of biometric identification with identification on the site of the State Service is another barrier for intruders. In addition, in the mobile application "Key to Rostelecom" we will protect the communication channel between the client's phone and the database so that information can not be intercepted.
How to use the system
We invite users of Habr to test the Single Biometric System and tell us about their experience. To do this, you need to register the biometric data in one of the departments (the list on the map is Here is ). After successful registration and binding of biometrics to your account on the State Services, you will receive confirmation of the possibility of remote identification. At the moment, you can test it, you can open an account with the Post Bank through their Internet bank or make a loan at Home Credit Bank for goods from online-samsung.ru. In the future, the number of usage scenarios will, of course, increase.
For more information about the system, see order Ministry of Communications on biometric data. Or in the comments - we are ready to answer your questions.
It may be interesting
I am overwhelmed by your post with such a nice topic. Usually I visit your blogs and get updated through the information you include but today’s blog would be the most appreciable. Well done!
Took me time to understand all of the comments, but I seriously enjoyed the write-up. It proved being really helpful to me and Im positive to all of the commenters right here! Its constantly nice when you can not only be informed, but also entertained! I am certain you had enjoyable writing this write-up.