Trial Login

Products

Newsroom

Home > Newsroom > Top Stories > Russian Digital Development Ministry gradually disabling SMS verification for logging into Gosuslugi from mobile devices
Top Stories
5 Dec 2025 21:27

Russian Digital Development Ministry gradually disabling SMS verification for logging into Gosuslugi from mobile devices

MOSCOW. Dec 5 (Interfax) - The Digital Development Ministry said it is abandoning SMS for logging into the Gosuslugi (Public Services) portal due to growing instances of fraud.

Currently, this only concerns logging into the resource via mobile devices, it said.

"Due to the growing number of cases of fraud where Gosuslugi users unintentionally hand over SMS codes for logging into the portal, it was decided to gradually abandon logging into the portal with confirmation via SMS. For now, this decision only concerns logging into Gosuslugi via mobile devices," the ministry's press service said on Friday.

"Two-factor authentication effectively protects information resources from unauthorized access. On Gosuslugi, one can choose from several options for verifying login," the ministry said.

The following can be used as a second security factor: a one-time code in the Max messenger, a one-time code from a special application, biometrics, and SMS (only for users of the desktop version of Gosuslugi), the ministry said.

An advantage of the code in Max is that "this method has additional protection against social engineering - before receiving the code, the chatbot will ask questions that help identify a malicious actor," the Digital Development Ministry said. "If the answers raise suspicion, it will not issue the code and will issue a warning. One can connect a one-time code in Max as a second security factor on the banner when logging into the portal or in the Gosuslugi application," it said.

Other options for additional protection - a one-time code, which will be generated only in the application you install on your device, or login via biometrics - can be chosen in the Security section, it said.

"Please note, entering a login, password and a second security factor is not required each time you log into the mobile Gosuslugi application. A session lasts for six months," the ministry said.

On Friday, users on social networks began complaining about the inability to log into the Gosuslugi application without authorization via the Max messenger.

At the end of May, Digital Development Minister Maksut Shadayev said that the ministry is studying options for moving away from restoring a user's access to their Gosuslugi account using a code from SMS, which is often used by fraudsters. "The position of the Digital Development Ministry as a technical regulator is that any code that comes in an SMS is now a problem. It is clear that this is the main transmitted factor that allows fraudsters to gain access [to an account]," he said.

Company Information Compliance with the rules Computing & Information Technology Crimes Gosuslugi government departments Ministry Russia Verification

News and other data on this site are provided for information purposes only, and are not intended for republication or redistribution. Republication or redistribution of Interfax content, including by framing or similar means, is expressly prohibited without the prior written consent of Interfax.

© 1991—2026 “Interfax Information Group” www.interfax.com. All rights reserved.