The list of threats to biometric personal data when processing outside the Unified Biometric System has been approved by the Ministry of Digital Development of the Russian Federation

The corresponding order is published on the portal of legal information. The list of threats compiled by the ministry includes:

• violation of integrity, including substitution and deletion of personal data (PD);
• violation of the confidentiality of biometric personal PD;
•  threat of illegal access to data components, including through software vulnerabilities;
• violation of data availability due to a failure in the operation of software and hardware processing.

The ministry clarified that financial market enterprises have been removed from the list of organizations that work with biometric PD. The list of information security threats that banks should take into account when collecting, using and transferring PD is formed by the Bank of Russia.

Original (in Russian)