DigiLocker is a Ministry of Electronics and Information Technology (MeitY) flagship initiative launched as part of the Digital India Programme. DigiLocker is a secure document repository created for the use of Indian citizens and businesses to store and retrieve important identifying documents easily.
It also assists in maintaining a secure digital record of the original documents in the cloud and makes them available for various authentication reasons as requested by the user. The app is hosted per ISO 27001 standards to protect personal and financial information. The program also employs 256-bit SSL (Secure Socket Layer) certifications, which ensures that the data you supply to issue papers is secured. To get papers from the government or registered issuers, users must verify themselves using their Aadhaar data.
Compliance in the financial services industry largely comes in the form of KYC and AML procedures. For any financial services offerings, organisations need to process ‘Know Your Customer (KYC)’ as mandated by regulatory authorities.
DigiLocker is used by regulated financial institutions (FIs) to conduct KYC verification before customer onboarding. DigiLocker KYC, as this process is known, involves integrating with DigiLocker to retrieve and verify KYC documents after obtaining the customer’s consent. A mobile native KYC journey is critical to reduce friction points as part of customer onboarding and prevent drop-offs.
How do financial institutions complete KYC using DigiLocker?
They partner with a ‘requestor’. A requestor is an authorised entity registered with the Digital Locker directory. It pulls out KYC documents such as Aadhaar & PAN from a user’s DigiLocker account, authenticates them, and uses them as Proofs of Identity & Address.
As per DigiLocker, it shall be used by the requester to –
(a) register on the Digital Locker directory;
(b) access documents uploaded by the subscriber on the Digital Locker portal;
(c) use authorised gateway providers to access these documents stored across repositories;
(d) access subscriber’s State or Central department or agency or body corporate issued documents based on the URI; and
(e) take consent from the subscriber to access documents available in the subscriber’s Digital Locker account
4 Critical points to consider when looking for a ‘requestor’ for DigiLocker KYC
1. Compliance with DigiLocker norms
A DigiLocker-based KYC journey must follow certain rules as per the DigiLocker norms. As per UIDAI, MeiTY & other regulators, the following aspects must happen for a compliant DigiLocker flow:
- Customer must be mandatorily redirected to the DigiLocker page
- Customers must enter their Aadhaar details, OTP, and captcha themselves
- Take consent from the subscriber to access documents available in the subscriber’s Digital Locker account
- The verification must be performed by a requesting partner registered with DigiLocker
2. Ability to create DigiLocker accounts on the fly
A customer may or may not have a pre-existing DigiLocker account. For such cases, your KYC partner must be able to create one for the customer on the go with their consent to be able to pull the relevant documents
3. Smooth customer experience
It’s no news that Financial Institutions face heavy competition when acquiring customers. Hence, when choosing a KYC partner, thinking about your customer’s journey is basic hygiene. A smooth customer onboarding experience sure gives you an edge over your competitors.
4. Ease of integration
The requestor should have an API bus which Financial institutions can simply plug into to facilitate a DigiLocker KYC journey for their customers.
How can CARD91 help issue various card-based payment instruments using DigiLocker-based KYC?
CARD91 is a full-stack card issuance Technical Service Provider. We work closely with financial institutions such as Banks & NBFCs, and Fintechs to help them launch new-age card programs across card-based payment instruments such as prepaid cards, credit cards, forex cards etc. For issuing these various types of cards to the end customer, KYC is mandated by all financial institutions. We have been working closely with our banking partners to incorporate & promote mobile native DigiLocker-based KYC for a complete end-to-end digital experience for the customers to get their hands on these different types of card-based payment instruments. Some advantages of adopting a DigiLocker-based KYC methodology are as follows –
- An end-to-end mobile native digital journey for the end customers that helps reduce drop-offs and increase the number of cards issued.
- A faster turnaround time for the card issuing entity (Banks) to validate and verify the customer and take approval decisions on issuing cards to these customers.
- Get a full KYC limit of up to INR 2 lac per card per month in case of pre-paid instruments.
- Help promote financial inclusion & digital payments for New to Credit and New to Bank customers who can apply for a pre-paid instrument with no or thin file financial history with financial institutions.
Bhushan Sawant, Director – Partnerships & Sales at CARD91
