Designed for simplifying service access for individuals and creating an ecosystem in the country wherein institutions can thrive through a free flow of information, Aadhaar covers 100% of the population in the country as of September 2022.
Revolutionizing Access to Services
Unique in approach and multi-dimensional in potential, the mainstreaming of Aadhaar enabled public and private service providers to reimagine account onboarding like never before. Direct access to individual biometrics helped bypass complex manual identity verification practices, reducing turnaround time from days to mere seconds.
However, in the wake of an ensuing privacy debate, the Supreme Court of India quashed section 57 of the Aadhaar Act, debarring private entities and corporates from using Aadhaar unless pursued under any law. In line with the directives, Aadhaar and Other Laws (Amendment) Ordinance 2019 amended the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act 2016 and associated legislation to balance a citizen’s need for information security and enjoying the inherent benefits of Aadhaar.
Balancing The Demand For Privacy & Convenience
The ordinance indicated an offline verification of Aadhaar, leading the Unique Identification Authority of India (UIDAI) to define the Aadhaar Paperless Offline e-KYC process using Aadhaar XML. Interestingly, a series of Amendments to Master Direction (MD) on KYC by the RBI in 2019 and 2020 doubled down on ensuring data privacy and authenticity by institutions as they adopt the offline e-KYC process route.
Understandably as the offline e-KYC pushes much of the verification workload onto the service provider’s end, the liability on such agencies to have streamlined systems for verifying and onboarding accounts has increased manifold. It is where a comprehensive Aadhaar XML Authentication Application Programming Interface (API) suite comes into play. With tools like Aadhaar XML Download API and Aadhaar XML Verification API, it can automate the KYC journey to a large extent, lifting the burden off the service provider’s shoulders.
But what is Aadhaar XML verification, and how has it improved things for both the service providers and consumers?
What is Aadhaar XML Verification?
The Paperless Offline e-KYC process using Aadhaar XML was designed to strike at the root of the data privacy, security, and inclusion concerns that has entailed the usage of Aadhaar since its inception. The online verification of the Aadhaar provides instant confirmation of the identity of the Aadhaar number holder. However, this approach may not always be suitable due to several reasons like the absence of reliable connectivity, lack of technical infrastructure for online e-KYC, reservations of consumers to share biometrics with the service providers, and so on.
Instead, a consumer desiring an offline verification of Aadhaar can generate a digitally signed Aadhaar XML file from the UIDAI resident portal in zipped format and protect it with a password or share phrase. It is a machine-readable document containing the Name, Address, Photo, Gender, and DOB of the Aadhaar card holder. The phone number and registered email address are encoded in a hash. While the Name and Address are mandatory, the consumer can choose from the other five demographic details to be included in the XML file.
The service provider extracts the XML using the share phrase and validates the digital signature using a hashing logic available on the UIDAI website to complete the KYC process. While an offline verification of other documents like PAN or Passport may be vulnerable to fraud, the digital signature on the Aadhaar XML file makes it resistant to such attempts during the Paperless Offline e-KYC process.
What is the Aadhaar Verification XML API?
However, the verification process mentioned above still involves a consumer going through the hassle of visiting the myAadhaar portal and generating the Aadhaar XML file for the Paperless Offline e-KYC. On the other hand, an Aadhaar XML Verification API and Aadhaar XML Download API simplify the process by adding a call and retrieve function into the e-KYC system of the service provider.
With these APIs, a customer seeking offline e-KYC only has to enter the KYC information and the Aadhaar number as inputs. The APIs automate the entire process of downloading the XML file, extracting, parsing, and validating the UIDAI-assigned digital signature to establish the authenticity of the demographic information about the Aadhaar holder.
The process flow can be explained in five easy steps:
– The consumer enters the Aadhaar number and is immediately prompted for consent to fetch the Aadhaar XML file
– On providing the consent, an OTP is triggered to the Aadhaar-linked mobile number of the consumer
– The Aadhaar XML file is generated and downloaded by the service provider
– The consumer is asked to enter the share phrase and the OTP sent to the Aadhaar-linked mobile number to decrypt and extract the content of the Aadhaar XML file
– The digital signature on the Aadhaar XML file is verified using the certificate from UIDAI
– Once authenticated, the retrieved demographic information is used to validate the client’s KYC
What Are the Challenges of Aadhaar Verification During Onboarding?
The use of Aadhaar XML Verification API and Aadhaar XML Download API can surely address the accessibility barrier for private entities while providing an almost instant and zero-touch onboarding experience for consumers. While today a business looking for an Aadhaar XML authentication API suite is spoilt for choice, there can be certain downsides to using run-of-the-mill products. A few of them can be:
Data security: Using sub-optimal Aadhaar XML Verification API and Aadhaar XML Download API, it can become difficult to ascertain how consumer consent is maintained within the system. Also, it is essential to ensure that the downloaded XML file is neither stored nor shared by the system, failing which may attract penal provisions.
Customization: Often, off-the-shelf products have a limited scope of customization, making them incompatible with the seamless extensibility of the e-KYC system of the service provider.
Cross-platform compatibility: It is essential for the Aadhaar XML Verification API and Aadhaar XML Download API to smoothly integrate and operate across mobile platforms like Android, Windows, and iOS. As Business Correspondents in India take financial services to the consumers’ doorsteps, failing to have such capability will defeat the case of financial inclusion.
User experience: An Aadhaar XML Authentication API Suite should essentially put the power to initiate and complete verification in the hands of the consumer. An API-driven service that is complex and difficult to use may prove repulsive for a consumer.
What is the Aadhaar Authentication API Suite By Perfios?
As the FinTech leader in India, Perfios ingenuity and technical acumen have long been trusted for providing due diligence solutions that are simple, secure, and well ahead of their time. It inspired us to develop an Aadhaar XML authentication API suite that helps businesses and consumers enjoy the benefits while almost intuitively addressing the challenges of using an Aadhaar XML Verification API and Aadhaar XML Download API.
Perfios award-winning Aadhaar authentication API portfolio is cross-platform compatible and fully customizable. It has been known to successfully automate Aadhaar verification with a simple-to-use API function and AI-powered customer authentication. It includes functions like:
Aadhaar XML Download (Consent-based): Aadhaar XML Download (Consent-based) API explicitly prompts for user consent for the operation. It provides a user-friendly interface where The Aadhaar card holder can enter their name and assign a case ID. The consent to access the Aadhaar information can be given by simply ticking the boxes below each demographic information field. The Aadhaar holder can set the share phrase for the KYC system to access the downloaded XML document.
Aadhaar XML Download (SDK): As an alternative to Aadhaar XML Download API, Aadhaar XML Download (SDK) provides the service provider with a complete set of tools for custom-building integrated Aadhaar XML Download functionalities within their own web or mobile applications. It can accept the Aadhaar card number from the consumer, download the Aadhaar XML file and extract the information to complete the KYC verification process.
E-Aadhaar Download (UIDAI-Based): Like an Aadhaar XML file, E-Aadhaar also saves the hassle of carrying physical documents. However, with the E-Aadhaar API, a service provider can make the KYC journey more convenient. It plugs the system directly into the UIDAI database. With proper consent, API downloads the E-Aadhaar file and extracts the demographic information for the KYC verification. Since the API does not store data, there is no chance of using the E-Aadhaar in any way other than its intended purpose.
Aadhaar XML Upload & Verify: Sometimes, an Aadhaar card holder may find it more convenient to upload a copy of the Aadhaar or share it with the account onboarding executive. In that case, the Aadhaar XML Upload & Verify first extracts the demographic information from the document using an AI-based OCR technology, populating a KYC form. Then, it downloads the Aadhaar XML file from UIDAI to match the available details, completing the verification process.
We Would Love To Hear From You
Aadhaar has been a revolutionary step forward for India, simplifying identity verification and democratizing service access. It is important to perceive this innovation in the right spirit and make every effort to keep it transparent, affordable, and accessible for institutions and individuals alike.
