Providers were asked to identify citizens using bank data
[ad_1]
The Ministry of Digital Development has finalized the draft resolution regulating the procedure for verifying the identity of clients of hosting providers. It is proposed to include authorization using a phone number, bank card and SBP – options used when concluding a public offer. Until now, we have been talking about EBS, an account on State Services, or personal provision of documents. Identification is needed to ensure the security of the IT infrastructure. But companies are wary of the additional costs of launching new mechanisms and emphasize the persistence of the issue of identifying foreign clients.
“Kommersant” got acquainted with the updated draft resolution of the Ministry of Digital Development on the identification of clients of hosting providers (provide services for virtual hosting of data and websites). The new version of the document, published on October 9, proposes to consolidate the ability to identify clients using the Fast Payment System (FPS) and bank cards. In this case, the company will have to store data about the date and place of payment, the amount for which the transaction was made, and the payment identifier (UIN, unique accrual identifier) for the duration of the provision of services. There is also an option for identification by phone number.
The draft resolution is among the by-laws to the amendments to the laws “On Communications” and “On Information” adopted in July. The obligation of hosters to establish the identity of clients will appear from December 1, other by-laws oblige providers to connect to the GosSOPKA cyberattack detection system controlled by the FSB, etc.
The Ministry of Digital Development says that by adding to the list, it took into account the opinion of the industry and interested departments: “These methods are already used by providers when concluding offer agreements and will not entail additional costs, but will increase the security of the infrastructure.” The original version of the document included identification through Gosuslugi, EBS, using an enhanced qualified electronic signature, as well as through personal presentation of documents. In September it became known that the Ministry of Digital Development was studying the possibility of introducing “simplified identification”, including for foreign clients (see “Kommersant” dated September 27). The changes were the result of this work, among other things.
In the first version of the document, there were no identification options used when concluding a public offer, as well as using a telephone number, and this “caused confusion in the ranks of Russian providers,” notes Nikita Tsaplin, CEO of the hosting provider RUVDS. The idea of transparency of all processes in the chain of operations from the customer to the final contractor looks logical, admits Georgy Banchikov, CEO of the developer company Ingry.Tech, but it will create an additional burden on the company – infrastructural and financial. For large providers this is not a problem, but small players may not be able to cope with the new working conditions, the expert believes.
The amendments introduced by the Ministry of Digital Development solve the problem of the quality of identification of Russian clients by providers, notes Art Engineering director Artem Stenyushkin: “Authorization using a phone number or bank card confirms that the client is the actual owner of this data.”
However, Mr. Stenyushkin emphasizes, the amendments do not solve the problem of identifying foreign users.
For example, he explains, in order to use the SBP, the client must register in the system and confirm his identity using a special code that is sent to his mobile phone – otherwise additional authorization is required to access hosting services. Foreign clients really have different identification methods (foreign cards and phone numbers), confirms Georgy Banchikov, so the amendments make their life easier only if they have Russian accounts and numbers.
[ad_2]
Source link