InfoWatch president and co-founder of Kaspersky Lab Natalya
Kasperskaya recommended that Russians not submit biometric
data because of the high risk of leaks. My personal
recommendation: do not submit biometric data in any way, do
not be carried out for convenience. They will be stolen, sold,
merged with almost a guarantee, "she said, suggesting first to
wait for an explanation of" how this data is planned to be
protected, including from their employees. " Biometric data,
unlike any other used for identification, is an integral part of a
person, you have one for life. Unlike the password, phone
number and even surname used now, you cannot change your
face, retina, shape, fingerprints, or ear shape in the event of a
data leak or compromise. That is, this is supersensitive, but at
the same time unchanging data, which is enough to steal once
and for all. Now let's think: in order to identify a person, you
need to store this data somewhere. Where? Obviously in the
database like everything else. Now let's remember how many
leaks from user databases there were over the past year. In the
Russian banking segment alone, there were more than 200 such
cases, and the leaked records - personal and payment data - were
486 million. The number of data leaks in all areas is constantly
and steadily growing. And this is not a technological problem:
most leaks are due to human factors. Therefore, when introducing
biometrics, the main danger is that it is not yet clear how to
protect and verify this data. Citizens submit fingerprints and
photographs of faces, their faces are taken without their
knowledge and consent on the streets, in transport, in offices and
shopping centers, and then such information can be "leaked",
stolen, intercepted and used, for example, in large real estate
transactions, when managing a bank account, when entering
closed objects and the like.
