RBI’s latest amendment of master directive on KYC, allowed regulated entities including banks to use offline Aadhaar for identifying and verifying their customers as required by PMLA act. This meant all private sector companies that had lost, an easy to use method of KYCing with eKYC, can now use Offline Aadhaar which is very similar to ekYC to KYC their customers.
In this article we try to figure out what Offline KYC is and how it could be much better than eKYC.
To begin with let us fist understand, what eKYC and Offline Aadhaar KYC are?
Here we go,
KYC or Know your customer, simply put is the process of identifying a customer with a goal of detecting and avoiding fraud in financial transactions, as such it is legally binding to financial institutions including banks and NBFC’s.
What is eKYC?
eKYC is a paperless Know Your Customer (KYC) procedure, wherein the identity and address of the user are verified electronically through Aadhaar authentication i.e. companies could use Aadhaar API’s and the Aadhaar number of a customer to verify the identity of the said customer.
We have extensively written about Aadhaar eKYC. You can read about it in our article
Using an API meant companies could forgo the paper based KYC method they’ve speeding up on-boarding & KYC process and bringing down operational costs associated with KYC by almost 80%.
Though post the supreme court verdict in September of 2018, access to Aadhaar APIs for private companies all but seized, pushing back the entire process to pre-eKYC era.
What is Offline Aadhaar?
UIDAI in the wake of the Supreme court’s judgement on Aadhaar pushed for the usage of Offline Aadhaar to replace Aadhaar eKYC as means to verify customers.
Offline Aadhaar allows residents to share their details with agencies or organisations that want to KYC them. This can be done using
- Offline Aadhaar XML
- QR Code
Customers now with their consent could give a copy of their Aadhaar to a service provider who could then use it to verify the customer’s identity. This method wherein a company could use Offline Aadhaar without having to use Aadhaar APIs to verify their customers is what is called Offline Aadhaar KYC.
Clearly, eKYC is easy to use and would be the best choice to KYC your customers though current restrictions on its usage all but eliminated any possibility of gaining access to these APIs.
Having said that we believe offline Aadhaar KYC is better than eKYC and here is why,
One of the major benefits of using offline Aadhaar is that you as a service provider don’t have to pay anything to use the data that comes with offline Aadhaar. Unlike eKYC where you are charged for every transaction (Rs 20), you incur almost no cost for using Offline Aadhaar for KYCing your customers provided customer shares this data with their consent.
You don’t need a license
Using eKYC requires you to have an AUA/KUA license from UIDAI before you could even access the API, this is in addition to the infrastructure that needs to be built before you can use and store Aadhaar data for KYC. The license itself comes at a price of Rs 25 lakh plus security deposit in addition to the per transaction charges and infrastructure costs.
Like in case of eKYC, Offline Aadhaar has a UIDAI signature based authentication. This allows you as a service provider to verify the authenticity of the Aadhaar XML/eAadhaar provided to you by your customer. Making Offline Aadhaar as secure and trustworthy as eKYC. Though in case of eKYC this authentication is done online, Offline Aadhaar’s UIDAI signature within the document/XML file provides the same level of security from tampering and misinformation.
Offline Aadhaar specifically Aadhaar XML can be downloaded in real time from UIDAI website. Aadhaar XML and eAadhaar (QR code) are signed with UIDAI certificates and encrypted using public keys making it nearly impossible to tamper the data provided via them.
Availability of Hashed mobile number and email address
Unlike eKYC where UIDAI doesn’t share your customer’s mobile number and email address, offline Aadhaar KYC comes with hashed number and email id i.e. you can use this hash value to match and verify the number and the email id provided by the customer. Additionally, Offline Aadhaar KYC comes with all the information that an eKYC provides apart from UID Token.
Multiple supported formats
eKYC is dependant on APIs to access the data required for KYC and any downtime affects the functionality of the entire process. While Offline Aadhaar KYC solely due to the reason it’s offline provides some level of insulation from system downtimes. Offline Aadhaar itself can be accessed in 3 distinct ways that includes Aadhaar XML, eAadhaar and QR code. Counting in the physical Aadhaar itself, there are 4 different ways a customer can share her information with you, a service provider for KYC.
In the current regulatory environment where Aadhaar has become a privacy issue and using Aadhaar APIs have been restricted it makes sense to find an alternative that is not bound by the limitations as eKYC and provides the same level of flexibility. Offline Aadhaar KYC provides both at a negligible cost (which is usually some tech resource) while being reliable and completely within regulatory norms.