Indian bank regulator considers live video to authenticate customers without Aadhaar biometrics
As financial institutions navigate the fallout of the court-mandated changes to Aadhaar rules, the Reserve Bank of India (RBI) is considering using live video and other new electronic modes to authenticate customer identity for payments, the Economic Times reports.
RBI officials reportedly indicated in a meeting with industry executives that they are planning to roll out digital authentication using XML to extract limited customer information from the Aadhaar database, which would not include biometrics. The regulator will wait for changes to the Prevention of Money Laundering Act before updating its KYC guidelines.
“RBI is more keen on starting off with XML-based Aadhaar authentication instead of offline QR code-based verification since the industry is not ready with that offering yet,” an industry source told the Economic Times.
A payment firm executive said that RBI wants to use live videos, rather than apply artificial intelligence to recorded videos.
The new methods would be cheaper, and presumably faster than paper-based KYC processes, but the XML process could be cumbersome, industry sources told the Economic Times. Unique Identification Authority of India (UIDAI) guidelines require a process with at least three steps to authenticate individuals using XML with the Aadhaar database.
The UIDAI has reportedly suggested the RBI update its KYC guidelines to allow offline Aadhaar verification with a digitally-signed QR code.
Fintech companies have been seeking a way to authenticate customers digitally since the Supreme Court decision placed limits on the use of Aadhaar by private companies in a landmark September ruling. The founder of an authentication startup told the Economic Times that the ease of authentication provided by Aadhaar-based NYC is impossible to replace, though IDMerit CEO Tony Raval told Biometric Update previously that fake Aadhaar accounts are easily created.
MyLoanCare.in CEO Gaurav Gupta pointed out to Inc42 that the video authentication process would still require manual entry processes by the service provider.