After you enrolled for Aadhaar and got your Aadhaar card home, most of you would have used it for something or other, such as getting a new mobile connection, opening a bank account or getting your LPG gas cylinder. The service provider might have talked about doing an Aadhaar “KYC” or an “Authentication”, and you might have wondered what these terms meant. Wonder no more: we will demystify these technical terms for you.
Since Aadhaar is here to stay it is essential that we understand the terms associated with it especially since these terms could be used by your bank, insurance company or ration shop – to perform an important transaction for you.
Aadhaar at its essence is an Identity(ID) management system. But unlike other IDs such as Voter ID, Driver’s Licence, Ration Card etc it is not limited to one specific service (be it voting, driving or buying food rations), but is meant to work across various use cases – central, state and local. After enrolling for an Aadhaar your fingerprints and irises are used to de-duplicate your record and issue a unique Aadhaar number. The Aadhaar system ensures one-person-one-Aadhaar across the entire population.
After the above Aadhaar enrollment, the way you can use your Aadhaar number is by 2 methods – Authentication and KYC.
What is Aadhaar Authentication?
The above cartoon in the New Yorker magazine sums up the crux of the authentication problem. In an online digital system it is difficult for a service provider (such as a bank, ration card system etc.) to establish that you are a bona fide user/account-holder in the system in order to perform your services.
Authentication deals with proving “You are who you say you are”. For instance when you try to login to your Gmail account online, you have to prove who you are by entering your UserID and Password – this constitutes authentication at its most basic form.
Since only about 12% of Indians speak English and a large portion remains illiterate, a largely English UserID/Password mechanism would not work for most Indians. Hence Aadhaar offers a much simpler form of authentication: you simply enter your Aadhaar number (user-id) and your fingerprint (password) to get access to a particular service. This, by the way, is Aadhaar Authentication!
Types of Authentication
Now let’s talk about the various types of Authentication:
To prove who you are, there is some secret thing that only you know or have that can be used to authenticate yourself. For instance, your ATM PIN is something only you know, and a credit card with your name is something only you have. These things that only you know or have can be used to “prove who you are”, or authenticate yourself. There is yet another factor that can be used besides what you know and what you have: what you are, established using biometrics.
To summarize the above there are 3 ways you can authenticate yourself:
- Something you know – ATM PIN, Password etc.
- Something you have – Aadhaar Card, Credit card etc.
- Something you are – fingerprint, iris, face photo etc.
What is Aadhaar KYC?
KYC, or Know Your Customer, is simply put the process by which a service provider or business verifies the identity of its client and assesses the potential risk of illegal intentions for the business relationship. Various industries are mandated by regulation to perform KYC, such as banks (by the RBI), telecom operators (by TRAI) and so on. The use of Aadhaar to perform KYC verification, be it for banking or telecom, is called Aadhaar KYC.
In order to perform KYC, the service provider needs to collect certain information from the client as well as check the veracity of the information submitted. Prior to the availability of Aadhaar online KYC, banks and telecom companies needed to physically verify the customer’s address or take another proof-of-identity document to check the photo against the person etc.
The KYC verification process consists of 3 parts:
- Document Verification – Verify the authenticity of the document provided
- Identity Verification – Verify the identity of the person who is being KYC’d
- Address Verification – Verify the address provided in the document
These verification checks using existing ID documents (such as Driver’s license, PAN card etc) and physical verifications were cumbersome and expensive. The Aadhaar KYC was able to perform the KYC entirely digitally and online.
Aadhaar KYC from a customer’s standpoint looks very similar to Aadhaar authentication. The customer will need to input his/her Aadhaar number followed by, say, a fingerprint on a device (iris biometric can also be used). The key difference is that Aadhaar KYC not only verifies that the user’s Aadhaar number and his/her fingerprint match, but also returns the customer’s Aadhaar details (Name, Address, Gender and Date-of-birth) to the service provider. The service provider will store the customer details before offering the service, such as opening a bank account or issuing a SIM card for a mobile connection.
There are several significant advantages to the Aadhaar KYC solution:
- A high assurance biometric verification of the customer is performed through an Aadhaar fingerprint or iris match (face match is to be added to this shortly).
- The demographic details of the customer – Name, Address, Gender and Date-of-birth – are returned from the customer’s Aadhaar record, with high confidence w.r.t. the accuracy of the details.
- The photo of the face is also returned from the Aadhaar database in order to match against the customer, or to compare against the photo submitted during a service application/registration.
- All of the above is done online in real time, within a matter of a few seconds.
- Consequently, the cost of KYC is reduced from a few hundred rupees in the case of a traditional KYC to a few rupees for an Aadhaar KYC.
Types of Aadhaar KYC
Aadhaar supports both online and offline methods of KYC.
Aadhaar supports 2 different types of online KYC
- Biometric KYC: Where the customer enters his/her Aadhaar number followed by a fingerprint or iris.
- OTP based KYC: Here the customer enters Aadhaar number which results in an OTP being sent to the customer’s mobile number. The customer then enters the OTP on the KYC client/device to complete the KYC transaction.
Aadhaar also offers a few variants of offline KYC. The difference here is that the customer submits Aadhaar data to the requesting entity directly, and no direct ping to the UIDAI Server is involved.
- QR Code Scan: In this method, a smartphone can scan the QR code on the Aadhaar Card and extract the Name, Address, Gender and Date-of-Birth information simply from the QR code on the Aadhaar card, without the need to access the Aadhaar database.
- mAadhaar App: Using the mAadhaar app, a user can transfer the demographic details to a requesting party.
- Aadhaar Portal: Allows its users to download a copy of their Aadhaar in the form of e-Aadhaar or a secure XML packet that they can share with service providers with consent.
- Aadhaar Paperless Offline KYC: In this method, the customer can download the Aadhaar XML from the UIDAI Portal, protected using a “share code”, and share it with the requesting entity. The Aadhaar XML contains Name, Address, Gender, Date-of-Birth, Photograph, and hashed mobile and email.
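The following is an added example, not code from the original article or from UIDAI. It shows how a requesting entity could check a mobile number stated by the customer against the hashed value carried in the offline XML, so the XML never needs to hold the number itself. The hash construction (iterated SHA-256 over the number concatenated with the share code), the field names and all sample values are assumptions for illustration; the article does not specify the scheme.

```python
import hashlib
import hmac


def hash_contact(value: str, share_code: str, rounds: int) -> str:
    """Hash a mobile number or email with the share code.

    Assumed construction: SHA-256 of value+share_code, re-hashed
    `rounds` times in total (at least once), hex-encoded each round.
    """
    digest = (value + share_code).encode("utf-8")
    for _ in range(max(rounds, 1)):
        digest = hashlib.sha256(digest).hexdigest().encode("ascii")
    return digest.decode("ascii")


def verify_contact(claimed: str, share_code: str, rounds: int,
                   hash_from_xml: str) -> bool:
    """Return True if the value the customer states matches the XML hash."""
    candidate = hash_contact(claimed.strip(), share_code, rounds)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(candidate, hash_from_xml.strip().lower())


# Constructed sample data (hypothetical field names and values).
SAMPLE_SHARE_CODE = "4821"
SAMPLE_ROUNDS = 4
SAMPLE_XML_FIELDS = {
    "name": "Constructed Example",
    "mobile_hash": hash_contact("9000000001", SAMPLE_SHARE_CODE,
                                SAMPLE_ROUNDS),
}


def check_customer(claimed_mobile: str, share_code: str) -> str:
    """Decide how the requesting entity treats the stated mobile number."""
    ok = verify_contact(claimed_mobile, share_code, SAMPLE_ROUNDS,
                        SAMPLE_XML_FIELDS["mobile_hash"])
    return "mobile verified" if ok else "mobile mismatch: do not rely on it"


if __name__ == "__main__":
    print(check_customer("9000000001", SAMPLE_SHARE_CODE))
    print(check_customer("9000000002", SAMPLE_SHARE_CODE))
```

Because a mobile number has few possible values, the requesting entity should store and protect the hash with the same care as the number itself.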
In conclusion, Aadhaar offers a comprehensive set of online APIs for both Authentication and KYC, in many variants, to suit the varied needs of service providers. The key is to judiciously choose the specific solution based on the use-case, online access, device/sensor availability and the level of assurance required for the transaction.