Banks have opposed the new transaction confirmation rules that they want to enshrine in the Anti-Fraud 2.0 bill. According to the plan, all "significant actions" of clients will have to be confirmed in two ways at once - via SMS and the national MAX messenger.
But the market is not thrilled. Participants in the financial sector have already appealed to the Central Bank and the government with a request to revise the norm: in their opinion, it will not strengthen protection, but will sharply increase costs.
The main complaint is double confirmation. Banks call it redundant and expensive. In fact, you will have to pay twice for each transaction. On the scale of the entire system, this can result in billions of rubles a year - and ultimately hit users through increased tariffs.
There are also technical issues. For example, MAX is not always able to send messages to a client without his prior request - which means that it will simply be impossible to confirm some transactions.
Separately, experts point to risks: if you make the messenger a mandatory element of the system, it will become a single point of failure. Any failure or attack - and online transactions throughout the country may stop.
At the same time, the effectiveness of the measure is also in doubt. Fraudsters have long been working through social engineering - they lead the victim for weeks and calmly receive the necessary confirmations. An additional code in SMS or messenger does not change the situation.
Security experts add: modern alternatives already exist - push notifications, one-time codes and biometrics work more reliably and do not depend on the mobile network.
As a result, banks propose not to impose one scenario, but to give a choice of technologies - and at the same time regulate the cost of messages so as not to shift the costs to customers.
