Uncategorized

Video KYC: All you must know about a Video KYC Process

8 MIN READ

What is Video KYC?

Video KYC (VKYC) is the digital alternative to traditional in-person KYC, conducted over a live video call. This method is not only cost-effective, secure, and quick, but also provides real-time results.

Using Video KYC(Know Your Customer), financial institutions conduct a remote face-to-face verification of their customers over a video call. Here they check the authenticity of the customer and their documents. 

Unlike other digital KYC methods, such as Aadhaar eKYC, VKYC qualifies as full KYC. This allows customers full access to all benefits of a financial product, unlike minimum KYC which restricts access to limited features. Additionally, accounts initially set up with minimum KYC can be upgraded to full KYC status through VKYC.

For a customer, a Video KYC process can take anywhere from 2 to 10 minutes. While for FIs, the process takes a bit longer as the video call is followed by a concurrent review of the customer’s details. 

Typically, the documents required for a VKYC are: Aadhaar card, PAN card, Voter Card/Driver’s License and a wet signature on a plain white paper. 

The Video KYC process

There are 3 components to KYC:

  1. Document verification
  2. Identity verification
  3. Liveness verification

A similar flow follows for Video KYC. And the 3 components are fulfilled via a 3 step process:

  1. Pre Video KYC capture
  2. Video KYC call 
  3. Audit/Review of the call

Let’s look at them one by one. 

Stage 1: Pre-Video KYC Call

As mandated by the RBI, eKYC / Aadhaar verification must be done before the video KYC call. These are the 4 ways to do it:

  1. OTP based Aadhaar e-KYC authentication
  2. Offline Verification of Aadhaar for identification (using Aadhaar XML)
  3. KYC records downloaded from CKYC, in accordance with Section 56, using the KYC identifier provided by the customer
  4. Equivalent e-document of Officially Valid Documents (OVDs) including documents issued through Digilocker

DigiLocker based Aadhaar eKYC is one of the easiest way to conduct pre VKYC customer identification. 

Here’s how it takes place:

  • OTP based Aadhaar e-KYC authentication using UIDAI’s database

OTP-based online eKYC involves an OTP being sent to the mobile number linked to a user’s Aadhaar. Once this is matched, all required details of the user can be accessed for verification. Currently, the RBI only allows banks and telecom operators to use this facility.

  • Offline Verification of Aadhaar for identification (using Aadhaar XML)

Paperless offline eKYC, also known as Aadhaar XML, requires users to generate a password-protected XML file that contains their Aadhaar details from UIDAI’s website. They can share this file along with its share code with any organization wanting to verify their details.

  • KYC records downloaded from CKYC using the customer’s KYC identifier

With CKYC, your customers only need to do their KYC once. Post this, their documents get uploaded to a central database and they are assigned a unique number called KIN (KYC identification number).

FIs can then simply use this number to access their documents digitally for any KYC process thereafter. It is one the more recently introduced types of KYC.

  • Equivalent e-document of Officially Valid Documents (OVDs) including documents issued through Digilocker

During the DigiLocker journey, customers begin by simply providing their Aadhaar number and confirming their identity with an OTP received on their Aadhaar-linked phone number. Once verified, a financial institution (FI) can directly retrieve the customer’s documents from DigiLocker, an authentic government source, facilitating a streamlined document access process.

Furthermore, while banks can customize the interface of DigiLocker to align with their branding—thanks to specific licenses they hold—non-banks face restrictions that limit them to using the official DigiLocker site for Aadhaar eKYC purposes. Consequently, non-banks often collaborate with a ‘DigiLocker Requestor’ to manage the DigiLocker-based Aadhaar eKYC on their behalf, ensuring compliance and functionality.

To know more, you may read ‘how to choose a partner for DigiLocker KYC’. 

Further, as per the RBI, the next stage (that is the video call) must take place within 3 days of downloading/obtaining a customer’s identification (Aadhaar XML/Aadhaar QR code). 

digilocker kyc

Stage 2: VKYC Call

Consent, permissions, geo-tagging and network check

As per RBI regulations for a video KYC process, “The customer consent should be recorded in an auditable and alteration proof manner.” So, video KYC verification starts with collecting the customer’s consent to use their personal information for verification. 

RBI also says that, “The V-CIP infrastructure / application should be capable of preventing connection from IP addresses outside India or from spoofed IP addresses.”

To ensure this, the customer’s location is geo-tagged (after they allow the VKYC application to access their location). Next, permissions to access camera and microphone are taken to smoothen the upcoming video call. 

Connecting the customer to an agent 

As per RBI, “The V-CIP process shall be operated only by officials of the RE (Regulated Entity) specially trained for this purpose”. 

A VKYC call shall be assigned to an official agent using either of the two ways:

  • Random selection

Here, the service provider connects the customer to any available VKYC agent from the FI. 

  • Skill based call assignment

Here, based on the information collected during pre-call (location, preferred language, product of interest, etc.) the customer is connected to a suitable agent. For eg., a customer who prefers to speak in marathi will be connected to an agent who is proficient in the language. Know more about IDfy’s Skill-Based Call Assignment here. 

If a customer is not available, FIs provide them with an option to schedule a call for a specific time

Live: VKYC call 

  • Proof of Liveness

RBI says that a FI must establish that the interactions with a customer during a Video KYC process are real-time and not pre-recorded. 

To establish the same, the agent may ask the customer to make certain hand gestures, answer security questions, or read random digits displayed on the call out loud. 

  • Real-time selfie and document capture

Next is a real-time capture of the customer’s documents and a selfie on the video call. During the video call, customers are asked to point their camera at their documents. This allows the agent to instantly capture images of the documents, followed by taking a selfie of the customer to confirm identity.

To further streamline the process, many financial institutions utilize Optical Character Recognition (OCR) technology. OCR automatically extracts text from the captured images, which helps eliminate the need for manual data entry, enhancing the overall efficiency and accuracy of the KYC process.

The documents captured by the agent are: PAN card, Driver’s License, Voter’s ID, and a wet signature on a plain white paper. 

  • Data comparison across two sources: Pre Vs During Video KYC call

As per RBI, “The authorized official of the RE shall ensure that photograph of the customer in the Aadhaar/OVD and PAN/e-PAN matches with the customer undertaking the V-CIP and the identification details in Aadhaar/OVD and PAN/e-PAN shall match with the details provided by the customer.”

This comparison is done by automated APIs that give a match score between customer data acquired from two sources. 

These two data sources are:

Source 1: Details obtained during pre VKYC stage through Aadhaar eKYC

Source 2: Details captured during the live VKYC call

Based on the match score between the two, the agent decides whether or not the information provided during the video call is authentic. 

Here the agent compares different details:

  • Name comparison (Name on Aadhaar obtained during pre VKYC stage Vs during VKYC call)
  • Face comparison (Photograph on government ID Vs Real-time selfie)
  • Date of Birth comparison (DOB on Aadhaar obtained during pre VKYC stage Vs during VKYC call)
  • Agent approves or rejects the customer’s profile 

After the comparison, the on-call agent analyses if the above details match with each other. Based on this, the agent then approves or rejects the customer’s profile. 

If the agent is suspicious of manipulation or fraud during VKYC, they shall reject the customer’s profile based on the observations. 

Note:

RBI also says that, “The video recordings should contain the live GPS coordinates (geo-tagging) of the customer undertaking the V-CIP and date-time stamp. The quality of the live video in the V-CIP shall be adequate to allow identification of the customer beyond doubt.”

The GPS coordinates of the customer must be recorded to prevent connection from IP addresses outside India or from spoofed IP addresses.

Stage 3: VKYC review

The RBI also mandates FIs to have another official audit of the records of the VKYC call

Here, they check for certain information like:

  • Proof of liveness of the customer 
  • Whether or not the agent has analyzed the comparison between two data sources appropriately 
  • Whether or not the agent has skipped on some critical observations

The 2 levels of review (during and after the VKYC call) ensures that the outcome of the VKYC is acceptable and can be relied upon to onboard/reject a customer. 

If you have any further questions about the VKYC Process, feel free to contact us at shivani@idfy.com.