How will service providers use Aadhaar Offline e-KYC?

The process of Aadhaar Offline e-KYC Verification by Service Provider is:

  • Once service provider obtains the ZIP file, it extracts the XML file using the password (share code) provided by the resident.
  • The XML file will contain the demographic details such as Name, DOB, Gender and Address. Photo is in base 64 encoded format which can be rendered directly using any utility or plane HTML page. Email Address and Mobile number are hashed.
  • Service Provider has to collect Email Address and Mobile number from residents and perform below operations in order to validate the hash:

    Mobile Number:

    Hashing logic: Sha256(Sha256(Mobile+ShareCode))*number of times of last digit of Aadhaar Number

    Example :
    Mobile number: 9800000002
    Aadhaar Number: 123412341234
    Share Code: Abc@123
    Sha256(Sha256(9800000002+ Abc@123))*4
    In case if Aadhaar Number ends with Zero or 1 (123412341230/1) it will be hashed one time.
    Sha256(Sha256(9800000002+ Abc@123))*1

    Email Address:

    Hashing Logic: This is a simple SHA256 hash of the email without any salt

  • Entire XML is digitally signed and Service Provider can validate the XML file using the signature and public key available on the UIDAI website.(

Offline Aadhaar Data Verification Service