DigiLocker is a Ministry of Electronics and Information Technology (MeitY) flagship initiative launched as part of the Digital India Programme. DigiLocker is a secure document repository created for the use of Indian citizens and businesses to store and retrieve important identifying documents easily. 

It also assists in maintaining a secure digital record of the original documents in the cloud and makes them available for various authentication reasons as requested by the user. The app is hosted per ISO 27001 standards to protect personal and financial information. The program also employs 256-bit SSL (Secure Socket Layer) certifications, which ensures that the data you supply to issue papers is secured. To get papers from the government or registered issuers, users must verify themselves using their Aadhaar data.

Compliance in the financial services industry largely comes in the form of KYC and AML procedures. For any financial services offerings, organisations need to process ‘Know Your Customer (KYC)’ as mandated by regulatory authorities. 

DigiLocker is used by regulated financial institutions (FIs) to conduct KYC verification before customer onboarding. DigiLocker KYC, as this process is known, involves integrating with DigiLocker to retrieve and verify KYC documents after obtaining the customer’s consent. A mobile native KYC journey is critical to reduce friction points as part of customer onboarding and prevent drop-offs.

How do financial institutions complete KYC using DigiLocker?

They partner with a ‘requestor’. A requestor is an authorised entity registered with the Digital Locker directory. It pulls out KYC documents such as Aadhaar & PAN from a user’s DigiLocker account, authenticates them, and uses them as Proofs of Identity & Address.

As per DigiLocker, it shall be used by the requester to –

(a) register on the Digital Locker directory;

(b) access documents uploaded by the subscriber on the Digital Locker portal; 

(c) use authorised gateway providers to access these documents stored across repositories; 

(d) access subscriber’s State or Central department or agency or body corporate issued documents based on the URI; and

(e) take consent from the subscriber to access documents available in the subscriber’s Digital Locker account 

4 Critical points to consider when looking for a ‘requestor’ for DigiLocker KYC

1. Compliance with DigiLocker norms

A DigiLocker-based KYC journey must follow certain rules as per the DigiLocker norms. As per UIDAI, MeiTY & other regulators, the following aspects must happen for a compliant DigiLocker flow:

• Customer must be mandatorily redirected to the DigiLocker page
• Customers must enter their Aadhaar details, OTP, and captcha themselves
• Take consent from the subscriber to access documents available in the subscriber’s Digital Locker account
• The verification must be performed by a requesting partner registered with DigiLocker

2.  Ability to create DigiLocker accounts on the fly

A customer may or may not have a pre-existing DigiLocker account. For such cases, your KYC partner must be able to create one for the customer on the go with their consent to be able to pull the relevant documents

3. Smooth customer experience 

It’s no news that Financial Institutions face heavy competition when acquiring customers. Hence, when choosing a KYC partner, thinking about your customer’s journey is basic hygiene. A smooth customer onboarding experience sure gives you an edge over your competitors.

4. Ease of integration

The requestor should have an API bus which Financial institutions can simply plug into to facilitate a DigiLocker KYC journey for their customers.

How can CARD91 help issue various card-based payment instruments using DigiLocker-based KYC?

CARD91 is a full-stack card issuance Technical Service Provider. We work closely with financial institutions such as Banks & NBFCs, and Fintechs to help them launch new-age card programs across card-based payment instruments such as prepaid cards, credit cards, forex cards etc. For issuing these various types of cards to the end customer, KYC is mandated by all financial institutions. We have been working closely with our banking partners to incorporate & promote mobile native DigiLocker-based KYC for a complete end-to-end digital experience for the customers to get their hands on these different types of card-based payment instruments. Some advantages of adopting a DigiLocker-based KYC methodology are as follows – 

1. An end-to-end mobile native digital journey for the end customers that helps reduce drop-offs and increase the number of cards issued.
2. A faster turnaround time for the card issuing entity (Banks) to validate and verify the customer and take approval decisions on issuing cards to these customers.
3. Get a full KYC limit of up to INR 2 lac per card per month in case of pre-paid instruments.
4. Help promote financial inclusion & digital payments for New to Credit and New to Bank customers who can apply for a pre-paid instrument with no or thin file financial history with financial institutions.

Bhushan Sawant, Director – Partnerships & Sales at CARD91

PPI stands for Prepaid Payment Instrument, PPI is a method that facilitates the purchase of goods and services against the value stored on such instruments. The value stored on such instruments represents the value paid for the holder, by cash, by debit to a bank account, or by credit card.

The prepaid instruments can be issued as smart cards, magnetic stripe cards, internet accounts, online wallets, mobile accounts, mobile wallets, paper vouchers, and any such instruments used to access the prepaid amount.

Some of the common examples of PPIs include Paytm and Gpay, gift cards, and debit or credit cards. In today’s piece, we take a look at three types of prepaid payment instruments.

• Closed System PPIs
• Semi-Close System PPIs
• Open system PPIs

Closed System PPIs:

These are PPIs issued by an entity for facilitating the purchase of goods and services from that entity only. No cash withdrawals are permitted. These instruments cannot be used for payment or settlement for third-party services. The issuance and operation of such instruments are not classified as a payment system and do not require approval/authorization from the RBI.

Semi-Closed PPIs: 

These are PPIs issued by banks (approved by RBI) and non-banks (authorized by RBI) for purchase of goods and services, including financial services, remittance facilities, etc., for use at a group of clearly identified merchant locations/establishments which have a specific contract with the issuer (or contract through a payment aggregator/payment gateway) to accept the PPIs as payment instruments. These instruments do not also permit cash withdrawal, irrespective of whether they are issued by banks or non-banks.

Open System PPIs: 

These are PPIs issued by banks (approved by RBI) for use at any merchant for the purchase of goods and services, including financial services, remittance facilities, etc. Cash withdrawal at ATMs / Points of Sale (PoS) terminals / Business Correspondents (BCs) is also allowed through these PPIs.

How can a business benefit from PPIs?

Prepaid payment instruments in the form of mobile wallets, multipurpose, multicurrency, prepaid cards can accelerate sales, customer loyalty, and profitability. You can earn significant revenue for every transaction made through mobile wallet-enabled prepaid cards you issue.

Businesses must leverage PPIs to tap into the gigantic 760 million smartphone users base in India, who will most likely shop online and pay using mobile apps and wallets.

Using prepaid instruments, you can enable bank-like domestic and cross-border payments, but with greater efficiency, flexibility and security. Armed with the ground-breaking PPI reforms announced by the Reserve Bank of India (RBI), every business in India must ride the PPI wave to reap the utmost benefits.

The following are significant measures announced in the 2021 RBI monetary policy review, applicable from March 31, 2022.

1.  PPIs can offer Real-Time Gross Settlement (RTGS) and National Electronic Funds Transfer (NEFT) facilities to their users.
2. Interoperability of full KYC PPIs is mandatory.
3. The maximum balance of mobile wallets doubled to INR 2 lakhs from INR 1 lakh.
4. Cash withdrawals enabled for full-KYC PPIs of non-bank PPI issuers (in addition to bank issuers)

These reforms have the potential to level the playing field between banks and non-banks, incentivize full KYC PPIs, and drive greater financial inclusion. Businesses that accept payments and remittances through prepaid payment instruments will experience higher customer acquisition, retention, and loyalty, increased customer lifetime value, and long-term profitability.

Who can issue PPIs?

The following entities can issue PPIs post authorization/approval of RBI.

Non- Banking Entities

• They must be incorporated in India
• Minimum paid-up capital — more than INR 5 crores
• Minimum positive net worth — INR 1 crore at all times

NBFCs

• Maintain an escrow account with any scheduled commercial bank in India

Banks

• Compliant with PPI eligibility criteria established by the RBI

RBI’s new addition to PPI-Small PPIs can have cash upto ₹10,000 loaded per month

The Reserve Bank of India on 27/Aug/2021 issued Master Directions on Prepaid Payment Instruments (PPIs) with the fresh classification of the instruments.

“Keeping in view the recent updates to PPI guidelines, it has been decided to issue the Master Directions afresh,” the RBI said.

No entity can set up and operate payment systems for PPIs without prior approval or authorization of the RBI, it stated.

The master directions classify PPIs into two categories – small PPIs and full KYC PPIs. They were earlier classified as closed systems, semi-closed systems, and open system PPIs.

“Small PPIs: Issued by banks and non-banks after obtaining minimum details of the PPI holder. They shall be used only for the purchase of goods and services. Funds transfer or cash withdrawal from such PPIs shall not be permitted,” the RBI said.

PPI Classification

Small PPIs can have cash up to ₹10,000 loaded per month, not exceeding ₹1.2 lakh in a year.

Full-KYC PPIs will be issued by banks and non-banks after completing the Know Your Customer (KYC) of the PPI holder.

“These PPIs shall be used for the purchase of goods and services, funds transfer or cash withdrawal,” it further said, adding that the amount outstanding should not exceed ₹2 lakhs at any point in time.

The RBI has also said that the PPI issuer shall have a board-approved policy for PPI interoperability.

Where PPIs are issued in the form of wallets, interoperability across PPIs should be enabled through UPI. Where PPIs are issued in the form of cards (physical or virtual), the cards should be affiliated to the authorized card networks, it said.

PPI for mass transit systems should remain exempted from interoperability, while Gift PPI issuers (both banks and non-banks) have the option to offer interoperability.

“Interoperability shall be mandatory on the acceptance side as well. QR codes in all modes shall be interoperable by March 31, 2022,” it further said.

The RBI has also said the PPI issuer shall put in place a formal, publicly disclosed customer grievance redressal framework, including designating a nodal officer to handle customer complaints or grievances, the escalation matrix, and turn-around-times for complaint resolution.