Under the Information Technology Act, Digital Signature Certificates (DSC) are issued by Certifying Authorities (CA) on successful verification of the identity and addresses credentials of the applicant.
The DSC / eSign applicant can have an e-KYC subscriber account with CA based on UIDAI offline e-KYC of the applicant and verification of applicant by CA. The e-KYC holder's ( subscriber) verified information like Photograph, PAN, Mobile Number, eMail ID etc. held by CA will be used for issuance of DSC or eSign.
It is assumed that subscriber has downloaded digitally signed e-KYC XML from UIDAI website https://resident.uidai.gov.in/offlineaadhaar
Subscriber uploads e-KYC XML within CA app/website and provides the "share code/phrase" which is used to encrypt the offline KYC XML.
For e-KYC account creation, the e-KYC XML of the applicant should not be older than 7 days.
Mobile Number and PAN of applicant are mandatory for creation of e-KYC account.
Once the KYC account enrolment is complete, before activation and setting up of PIN, subscriber is assigned a unique User ID.
The act of providing OTP will be considered as subscriber's consent and authorization to the CA to share e-KYC data with third party applications.
As per CCA guidelines the KYC account will be activated only after the CA has verified applicant's video of not less than 20 seconds and the same is matched with the applicant's photograph. CA will not make available option for uploading offline video recording and also will not accept offline recording by any other means.
User has the option to lock his account to restrict account usage.
In the case of change in registered mobile number of subscriber, CA will do mobile verification and video verification prior to the register new mobile number in the e-KYC account.
In case the CA is unable to ascertain the genuineness of the e-KYC data submitted by applicant, CA will reject the request.
CA will verify the applicant one time and issue DSC/eSign subsequently based on 2-factor authentication by applicant. The two factor authentication includes the OTP send to the verified mobile and PIN set by the applicant. For DSC issuance, video verification should have carried out within last 3 months.
CA will notify applicant of the agreement for the use of KYC information for DSC issuance by CA on successful authentication by the applicant. The applicant has the option to accept or reject the same.
The validity of the e-KYC account will be for two (2) years.