About eKYC


The Aadhaar eKYC is similar to the Authentication transaction of verifying the customer, except that it returns with the Name, Address, Gender and Date-of-Birth and Face-photo of the Aadhaar-holder electronically. It does NOT return the mobile number or email id of the Aadhaar holder.

eKYC privacy provisions under the Aadhaar Act
  • Consent of the Aadhaar holder needs be procured for conducting an eKYC transaction.
  • The Aadhaar holder needs to be adequately notified of the purpose for which his eKYC transaction is being conducted.
  • The Aadhaar holder needs to be notified as to the agency/company on whose behalf the eKYC transaction is being conducted.
  • The agency that conducted the eKYC transaction cannot share it with any third party, without the consent of Aadhaar resident.
eKYC flow
  • e-KYC front-end application captures Aadhaar number + biometric/OTP of resident and forms the encrypted PID block
  • KUA forms the Auth XML using the PID block, signs it, uses that to form final e-KYC input XML and sends to KSA
  • KSA forwards the KYC XML to Aadhaar e-KYC service
  • Aadhaar KYC service authenticates the resident and if successful responds with digitally signed and encrypted XML containing resident’s latest demographic and photograph information
  • E-KYC response (containing demographic data and photograph), by default, is encrypted with KUA public key
  • KSA sends the response back to KUA enabling paperless electronic KYC EKYC will perform using two ways 1. OTP 2. Biometric