Find out by voice: a database of biometric data of scammers will appear in Russia
A database of biometric data of fraudsters will appear in Russia. The corresponding instruction was given by Prime Minister Mikhail Mishustin. According to sources, it will include samples of the voices of telephone criminals who deceived citizens. Izvestia found out how the new system can work and why it is needed.
A new method of struggle
A database of biometric data of fraudsters will be created in Russia. This instruction was given by Prime Minister Mikhail Mishustin.
The database will be developed by the Ministry of Finance, the Ministry of Internal Affairs and Roskomnadzor with the participation of the Bank of Russia. According to the document, it should be created before April 1, 2026. At the same time, the ministries need to "assess the possibility of using artificial intelligence technologies by telecom operators with the consent of citizens to block fraudulent phone calls."
For the first time, the government's plans to create a database of biometric samples of fraudsters were reported in November 2024, specifying that it would contain, in particular, samples of fraudsters' voices. Maksut Shadaev, Minister of Digital Development, Communications and Mass Media, said that a large package of anti-fraud measures is being discussed in Russia, and the database is included in the list of measures. In addition, operators may be given the opportunity to use AI in phone calls.: This way they will be able to detect attempts to influence subscribers and break the connection.
At the same time, the Vedomosti source clarified that the attackers' biometrics samples would be transferred to the Ministry of Internal Affairs if the subscriber wrote a crime report. At the same time, the operator must have a recording of the conversation with the fraudster.
Izvestia sent a request to the Russian Interior Ministry, the Ministry of Finance and Roskomnadzor. The Ministry of Finance reported that the initiative is now "under development."
— Previously, the ability to maintain a database of fraudsters' numbers and a database of their vote vectors was provided for in the first package of measures to combat cyberbullying. However, the initiative was not included in the final document," the press service explained. — Now such an opportunity and its parameters are being worked out with interested departments and the industry as part of the second package of measures to respect the rights and interests of citizens. It can significantly help in the fight against cybercriminals.
What is a biometric database?
The database being implemented is a system designed to store and process biometric data that is unique to each individual and used to identify them. These may include fingerprints, the iris of the eye, voice, face, as well as user behavior, such as typing methods, Ekaterina Edemskaya, a cyber expert and analytical engineer at Gazinformservice, explains to Izvestia.
— A biometric database is necessary to increase the level of security and simplify identification processes in various spheres of life. It can be used to prevent fraud, protect against unauthorized access, as well as to combat crime," the expert notes.
For example, she explains, such databases can be used to verify identity when logging in, at the border, or when making financial transactions. They can significantly improve the accuracy of identification, as biometric data is difficult to fake.
In this case, explains Alexandra Shmigirilova, GR director of the Security Code Information technology company, it's about collecting voice data from intruders on a single platform and connecting telecom operators to it. In this case, it will be possible to display information about a potentially fraudulent call, alerting users. At the same time, data analysis and systematization can be based on AI technologies.
How the system will work
As Ekaterina Edemskaya explains, in general, the process of creating databases begins with data collection: using specialized sensors or devices such as fingerprint scanners, cameras or microphones. After that, the data (in this case, the timbre and frequency of the voice, the manner of speech) is converted into unique digital templates that are stored in the database.
— When a person re-accesses the system for authentication or verification, their biometric data is read again and compared with already saved templates. If the data matches, the system confirms the user's identity. This process allows you to identify a person very accurately and quickly and, as an option, turn off the call," says the interlocutor of Izvestia.
At the same time, experts believe, when creating such a database, there is a high probability of encountering a number of difficulties, both technical and legal. The first may include ensuring the accuracy and reliability of the system.
— Biometric data can change with age, illness, or other factors, which can make it difficult to identify a person, especially if the system cannot adapt to such changes. For example, fingerprints may become less clear, and voice recognition may be erroneous in the presence of extraneous noise," says Edemskaya.
Another possible problem, the expert calls the fact that modern scammers are increasingly using messengers and other online platforms to contact victims rather than phone calls. To solve this, it may be necessary to develop additional measures to collect biometric data from voice messages in instant messengers. This may include creating mechanisms for recording and analyzing the voices of users who interact through such platforms.
— However, it is important that these measures do not violate laws on privacy and personal data protection. For example, you will need to take into account the need to obtain consent from messenger users to collect their biometric data and clearly define how this data will be used. And the companies themselves should cooperate with law enforcement agencies to ensure that voice messages can be analyzed," the expert explains.
The Beeline press service explained to Izvestia that the creation of a biometric database is aimed at developing an effective self-learning mechanism to counter telephone fraud. The current approach of operators involves the use of large language models (LLM), which determine the context of conversations and initiate subscriber protection only after detecting signs of potential fraud. This slows down the system's response, as identifying new scenarios requires additional time.
— A promising technology should provide the ability to quickly identify the voices of intruders through an integrated biometric database. Such a system will allow you to instantly recognize previously recorded cases of fraud and promptly respond to unknown deception schemes. The self—learning model will increase the effectiveness of the fight against crime by promptly analyzing and blocking suspicious calls," the source said.
The implementation of this approach involves a number of technical difficulties and the need for a thorough review of the proposed solutions. It is assumed that if the caller's voice matches the voice of a known fraudster, it is proposed to inform the subscriber by voice message and automatically interrupt the call, providing additional user security.
The legal aspect
Another problem that may arise when creating a database is related to legal aspects. Firstly, lawyer Sean Betrozov explains to Izvestia, it is unclear on what basis the alleged fraudsters will get there.
— In Russian law, there is a presumption of innocence — a person cannot be considered a criminal until the court has pronounced a verdict. If you start including those who are only suspected of a crime in the database, it will violate the Constitution. Even if there is a record, its use must be strictly in accordance with the law. That is, there must be a guilty verdict to be entered into the database," says the lawyer.
So far, it is assumed that voice samples will be sent to the Ministry of Internal Affairs after the person complains about fraud, and the operator saves the call recording. The voice will be processed by a special program and the template will be saved. But both the transfer and storage of the record require legal grounds — and there are no such rules yet. As there is no separate procedure that will determine the storage period of data in the database and the conditions for deleting information if a person suddenly gets into the database by mistake.
In addition, the expert adds, it is important to take into account that an automatic call filtering system by voice can lead to unexpected consequences. For example, if a person previously involved in fraud calls his family for legitimate reasons, his voice will still be recognized as suspicious. The system can block a call, even if the content of the conversation is not related to a crime. This creates risks of unjustifiably restricting communication.
— Technically, it is impossible to distinguish fraud from a personal conversation by voice. Therefore, when developing such a system, it is important to introduce exceptions and provide that a citizen can independently allow receiving calls from certain numbers, even if they match the template from the database," the Izvestia interlocutor notes.
At the same time, the lawyer believes, technically the system can be launched by the spring of next year — Russia already has experience working with biometrics in banks. But in order for the database to work in practice, laws, by-laws and a well-thought-out system of system protection are necessary.
A necessary measure
One way or another, experts call the introduction of the measure necessary. The problem of telephone fraud in the country is still gaining momentum: according to the Prosecutor General's Office, last year the number of registered crimes increased by 15% and amounted to 130 thousand (in 2023 it was 110 thousand). At the same time, 3.2 billion spam and fraudulent calls were blocked, which is 48% more than a year earlier, MTS estimated.
Sberbank estimated that in 2024, fraudsters stole at least 295 billion rubles from Russians. A record number of calls was recorded in March — it was up to 20 million per day. By the beginning of 2025, the figure had decreased to 5-6 million calls per day. At the same time, experts noted a huge number of risks and threats: not only on the phone, but also in messengers and social networks.
This year, Kaspersky Lab reported, almost every second Russian has already encountered traditional phone fraud (43%, +3% compared to the first quarter of last year). At the same time, the share of Kaspersky Lab's app clients who received calls from intruders on WhatsApp (owned by Meta, a company recognized as extremist and banned in the Russian Federation) increased 3.5 times, indicating a growing trend towards criminals switching to messengers.
According to lawyer Sean Betrozov, the idea of creating a biometric database is aimed at making it more difficult for phone scammers. If their voice can be recognized and blocked automatically, the effectiveness of the old schemes will decrease dramatically. But this will not stop the scammers completely: they will continue to use AI and switch to new communication channels.
At the same time, Ekaterina Edemskaya points out, other measures taken by the state to combat fraudsters are already demonstrating effectiveness. For example, the Antifraud system has reduced the share of fraud involving spoofing telephony from 30% to 2% of the total number of connections in 2024. In January 2025 alone, it prevented 32.9 million calls from replacement numbers.
Переведено сервисом «Яндекс Переводчик»
