This material will describe the Unified Identification and Authentication System (ESIA) portal. This is a special system that operates in the Russian Federation. Through this solution, authorized access of various participants to state information resources is ensured.
Main functions
Conventionally, a unified system of identification and authentication (ESIA) can be given the name "electronic passport" of a citizen of the Russian Federation. With the help of this tool, authorization is carried out on the following resources: “Russian Public Initiative” and “State Services”.
In order to use the support service of the unified system of identification and authentication or to join the project by creating an entry on it, the user must verify his identity by providing passport data of SNILS and TIN. The main functional capabilities of the project include: authentication, identification, data management, authorization of authorized representatives of the executive branch, provision of information. Rostelecom is responsible for the creation of this portal. The following companies were directly involved in project development tasks at different times: “Reak Soft”, “RT Labs”, R-Style, AT Consulting.
Tasks
A unified system of identification and authentication provides the customer with a single account. Thanks to it, the user has access to significant state information systems. Officials also use this tool. The project provides them with access to basic resources. Authentication and identification of government representatives during interagency interactions takes place. We will talk further about how this project was created.
Story
A unified system of identification and authentication was created in 2010. Initially, the project provided an opportunity for registration of persons at PSU. Authentication and identification was carried out using a password. By 2011, the project provided access to regional portals that provide public services, as well as electronic government applications.
Soon, a unified system of identification and authentication became available not only to individuals, but also to officials and legal entities. Individual entrepreneurs have joined this list. The portal began to support a new way of authentication and identification - electronic signature. In 2012, as part of the project, its creators launched a registry system. It includes a list of officials representing the authorities, indicates their authority. In 2013, a special government decree was adopted.
This document provides for the creation in the registry system of organizations and bodies that have the right to create and issue an electronic signature key. Through this approach, municipal and state services are provided. In 2014, another government order was issued that was important for the development of the system that interests us. According to the document, the official websites and portals of federal authorities, as well as the corresponding resources of the constituent entities of the Federation and local self-government, are integrated into the project. In 2015, the list of data displayed in the user profile was significantly expanded. Added here: military ID, compulsory medical insurance policy, passport.
Now you can specify information about children. Added the function of self-registration of relevant state organizations.Non-credit financial organizations now have the opportunity to connect to the system. The interaction of various information units with the project is carried out through special electronic messages that comply with the OpenID Connect 1.0 or SAML 2.0 standard.
The user can contact the regional portal of public services or departmental. The system sends a request for authentication. Next, it checks if a particular client has an open session.
Criticism
The unified system of identification and authentication was accused of insufficient security at the initial stage of development of this project. A number of critics have argued that logging in with a password and login is not reliable. Thus, the user is exposed to additional risks. During the modernization of the system, this drawback was eliminated.