What changed
RBI expanded KYC acceptance to include UIDAI's e-KYC service, where demographic data and photos obtained via biometric authentication are treated as an Officially Valid Document under PML Rules. Previously, only physical Aadhaar letters were accepted. PSOs must sign a KUA agreement with UIDAI, deploy STQC-certified biometric scanners, and develop software for e-KYC across customer service points.
What it means for you
This move streamlined customer onboarding for payment system operators by eliminating paper-based KYC, cutting identity fraud and forgery risks. Banks and PSOs could verify customers instantly using Aadhaar biometrics, reducing operational costs and turnaround time. However, they must invest in certified hardware and secure networks to comply with UIDAI standards.
What you must do
- Sign a KUA agreement with UIDAI to access e-KYC services.
- Deploy STQC-certified biometric scanners at all customer service points.
- Develop software applications compliant with UIDAI API protocols for e-KYC.
- Update your KYC policy to include e-KYC as a valid verification process.
- Ensure explicit user consent is obtained before biometric authentication.
Who it affects
All payment system operators (PSOs) under PSS Act, System participants and prospective prepaid payment instrument issuers, Banks offering digital payment services, Customers using Aadhaar-based e-KYC for onboarding
What is the key change in this circular?
RBI now accepts UIDAI's e-KYC service (biometric authentication) as an Officially Valid Document for KYC under PMLA rules, alongside physical Aadhaar letters.
Do we still need to accept physical Aadhaar cards?
Yes, physical Aadhaar cards/letters continue to be accepted as Officially Valid Documents. e-KYC is an additional option.
What infrastructure is required for e-KYC?
PSOs must sign a KUA agreement with UIDAI, deploy STQC-certified biometric scanners, and develop software using UIDAI API protocols for secure data transfer.