How will service providers use Aadhaar Offline e-KYC?
The process of Aadhaar Offline e-KYC verification by a Service Provider is:
- Once the Service Provider obtains the ZIP file, it extracts the XML file using the password (share code) provided by the resident.
- The XML file will contain demographic details such as Name, DOB, Gender and Address. The Photo is in Base64-encoded format, which can be rendered directly using any utility or a plain HTML page. The Email Address and Mobile number are hashed.
- The Service Provider has to collect the Email Address and Mobile number from the resident and perform the operations below in order to validate the hashes:
  - Mobile number hashing logic: Sha256(Sha256(Mobile+ShareCode)) * number of times given by the last digit of the Aadhaar Number. Example values:
    - Mobile number: 9800000002
    - Aadhaar Number: 123412341234
    - Share Code: Abc@123

    If the Aadhaar Number ends with zero or 1 (123412341230/1), it will be hashed one time.
  - Email Address hashing logic: this is a simple SHA256 hash of the email without any salt.
- The entire XML is digitally signed, and the Service Provider can validate the XML file using the signature and the public key available on the UIDAI website (https://uidai.gov.in/images/uidai_offline_publickey_26022019.cer).
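
The hash validation step above, sketched in Python as an added example (not UIDAI's own code). It assumes the rule means SHA-256 applied N times in total, with each round hashing the lowercase hex text of the previous digest; the function names are hypothetical.

```python
import hashlib
import hmac


def _sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def hash_rounds(aadhaar_number: str) -> int:
    """Rounds = last digit of the Aadhaar number; 0 and 1 both mean one round."""
    last = aadhaar_number.strip()[-1:]
    if len(last) != 1 or last not in "0123456789":
        raise ValueError("Aadhaar number must end in a digit")
    return max(1, int(last))


def mobile_hash(mobile: str, share_code: str, aadhaar_number: str) -> str:
    """Hash Mobile+ShareCode for the number of rounds the Aadhaar number dictates."""
    value = mobile + share_code
    for _ in range(hash_rounds(aadhaar_number)):
        # Assumption: every round hashes the lowercase hex text of the previous digest.
        value = _sha256_hex(value)
    return value


def email_hash(email: str) -> str:
    """Plain unsalted SHA-256 of the email, as the page states."""
    return _sha256_hex(email)


def matches(computed: str, from_xml: str) -> bool:
    """Constant-time, case-insensitive comparison of two hex digests."""
    return hmac.compare_digest(
        computed.lower().encode(), from_xml.strip().lower().encode()
    )


if __name__ == "__main__":
    # Inputs are the page's example values; xml_hash is constructed here,
    # standing in for the hash a real XML file would carry.
    xml_hash = mobile_hash("9800000002", "Abc@123", "123412341234")
    claimed_ok = mobile_hash("9800000002", "Abc@123", "123412341234")
    claimed_bad = mobile_hash("9800000003", "Abc@123", "123412341234")
    print("correct mobile matches:", matches(claimed_ok, xml_hash))
    print("wrong mobile matches:", matches(claimed_bad, xml_hash))
```

Because the email hash is unsalted, the same email yields the same hash in every resident's file, so a stored copy of the XML should be protected like the plaintext address.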