The UIDAI Had Imposed Restrictions On Digital Payments Companies Accessing Aadhaar Information
While the RBI examines mobile wallet interoperability rules, the digital payments industry has written to the central bank to delay implementation of its stringent customer verification rules until mobile wallet service providers are allowed to access the Aadhaar database for user authentication.
According to reports, the Payments Council of India (PCI) wrote in a letter: “The (prepaid payments instrument) industry is in a precarious situation right now and therefore we request you to keep the (know-your-customer) regulations in abeyance till the time these concerns are resolved.”
The PCI said that digital payments companies would be able to comply with the KYC guidelines once they receive global authentication agency (AUA) licences which will enable them to authenticate customers using Aadhaar.
This request comes in the wake of recent restrictions imposed by the UIDAI on digital payment companies accessing its database by classifying them as local authentication user agencies and citing concerns over their security systems.
With this, the UIDAI has segregated AUA into two — local AUAs, which can access limited information, and global AUAs, which can access the complete information in the repository. Global AUAs cover banks while all payment companies and other entities in the authentication business fall under local AUAs.
In simple terms, this means that payment companies can only accept virtual Aadhaar numbers — which are provided by the UIDAI for verification — from consumers.
To address this, the PCI added in the letter: “The PPI industry is in a unique situation where on one hand issuers have been mandated to perform Aadhaar-based KYC and on the other, they are being denied the requisite licence to do so.”
Further, it also sought that the UIDAI expedite the AUA licensing process for Amazon Pay, PhonePe, Balance Hero, Sodexo, PayPoint, and ZipCash.
It is to be noted that the RBI’s full KYC rules for mobile wallet came into effect on March 1.
Saga Of E-KYC, RBI, UIDAI, And Supreme Court
Ever since the RBI issued stricter KYC guidelines for digital payment users last October, the sector has seen some major upheaval. As reported earlier by Inc42, the RBI had refused to extend the deadline for KYC beyond February 28, 2018, saying that enough time had already been granted to companies to adhere to the prescribed guidelines.
However, adding to the confusion, the Supreme Court on March 13, 2018, extended the deadline for mandatory linking of Aadhaar card to avail of various government services and welfare schemes. Reports claimed that more than 50% of the PPIs are still not KYC compliant.
Also, the RBI asked all payment system operators in the country to store data relating to their customers within India. The move is geared towards ensuring that user details remain secure against privacy breaches. According to the directive, payment companies have been given six months to comply with the newly released norms.
The UIDAI is defending the Aadhaar system in the Supreme Court, claiming that 13ft high and 5ft thick walls protect Aadhaar data, which, ironically, continues to witness major leaks. Mobile wallet companies, meanwhile, continued to suffer amid directives from the RBI, the UIDAI, the Supreme Court, and data privacy regulations.
[The development was first reported by ET.]