29.01.2026 17:51:00
Дата публикации
The Agency for Regulation and Development of the Financial Market has approved new rules for biometric authentication, now mandatory for banks, organizations with specific banking operations, and microfinance institutions. The document replaces the previous norms from August 2024 and introduces stricter requirements for client identification.
To confirm identity, a simple facial image is no longer sufficient. A “reliable current image” must be obtained via secure software on a smartphone or computer. This approach aims to prevent the use of outdated or fake photos and increase trust in the authentication process.
Clients will also be asked to perform additional actions — such as blinking or turning their head. If a person fails three times, authentication is deemed unsuccessful, and access to the service is denied.
After receiving the current image and the client’s IIN, the second stage begins — comparison with a reference photo. The reference may come from the state image database or from the provider’s verified photo base, ensuring flexibility and reliability of verification.
All verification results, including process details, are recorded in a separate electronic document, signed with a digital signature and stored by the requesting bank or microfinance organization. This creates a legally significant record confirming the correctness of the procedure.
The new system defines key roles: the biometric authentication provider captures and compares the image; the requester is the bank, MFI, or organization; the authenticated person is the client undergoing identification.
Each participant is responsible for storing and protecting biometric data. Information transfer between systems is carried out exclusively through encrypted communication channels, minimizing risks of leaks and unauthorized access.
The previous biometric identification rules from August 2024 are officially repealed. The new document requires registration with the Ministry of Justice and publication on the agency’s official website for public access.
The updated norms will come into force in the coming days.
To confirm identity, a simple facial image is no longer sufficient. A “reliable current image” must be obtained via secure software on a smartphone or computer. This approach aims to prevent the use of outdated or fake photos and increase trust in the authentication process.
Clients will also be asked to perform additional actions — such as blinking or turning their head. If a person fails three times, authentication is deemed unsuccessful, and access to the service is denied.
After receiving the current image and the client’s IIN, the second stage begins — comparison with a reference photo. The reference may come from the state image database or from the provider’s verified photo base, ensuring flexibility and reliability of verification.
All verification results, including process details, are recorded in a separate electronic document, signed with a digital signature and stored by the requesting bank or microfinance organization. This creates a legally significant record confirming the correctness of the procedure.
The new system defines key roles: the biometric authentication provider captures and compares the image; the requester is the bank, MFI, or organization; the authenticated person is the client undergoing identification.
Each participant is responsible for storing and protecting biometric data. Information transfer between systems is carried out exclusively through encrypted communication channels, minimizing risks of leaks and unauthorized access.
The previous biometric identification rules from August 2024 are officially repealed. The new document requires registration with the Ministry of Justice and publication on the agency’s official website for public access.
The updated norms will come into force in the coming days.
