The head of InfoWatch Group of Companies Natalya Kasperskaya said that before the launch of the Unified Biometric System (EBS), Rostelecom (the operator of the EBS) had to conduct independent testing, which would show the level of its security.
Mikhail Oseevsky, President of Rostelecom, emphasized last week that the Unified Biometric System, developed by his company, is fully protected, developed in accordance with current information security requirements, therefore, biometric data leaks are excluded from it.“
Before launching a system that would store biometric data of citizens of the Russian Federation it was necessary to conduct independent completely open testing. A hackathon could be organized for testing purpose during which “white” hackers would be offered to find vulnerabilities and errors in the system. The reward would be 1 or 10 million rubles. Hence, that Russian “white” hackers could try to hack the EBS, steal data from it and get unauthorized access.
Of course, all this had to take place in a separate sandbox with model data. Biometric information is very sensitive data, so the systems that store it must have the highest level of security. Therefore, I would like to make sure publicly that the Unified Biometric System is secure, and not just believe the words of the developers. Holding hackathons of this kind is a worldwide practice implemented by the world’s largest companies, ”said Natalya Kasperskaya.
The head of InfoWatch also clarified that if attempts to hack the “Unified Biometric System” are not successful within the hackathon. This will indicate a high level of security of the system, so experts and citizens of Russia will be able to be sure of its quality.