Ans: Key benefits include:
- Faster Onboarding
- Reduced Manual Effort & Errors
- Enhanced Compliance:Leverage iServeU's robust KYC and verification mechanisms (OTP, PAN verification, PID data processing) to ensure regulatory compliance.
- Scalability
- Seamless Integration
Ans: The API supports submission of comprehensive agent data, including personal details (name, mobile, email, PAN, Aadhaar number, PID data), address details (residential and shop address with pincodes), and geographical coordinates (latitude/longitude) of the agent's shop.
Ans: Yes, the API primarily supports OTP-based mobile no. verification. It's crucial to understand iServeU's specific requirements for PID data encryption for Aadhaar-based submissions.
Ans: Yes, iServeU ensures secure data transmission using AES-256 encryption for both the request and response bodies. Additionally, header_secrets and pass_key are used for authentication. It is critical for our client to implement the exact encryption and decryption logic provided by iServeU to ensure compatibility and security.
Ans: Yes, iServeU provides access to a UAT (User Acceptance Testing) environment. Please contact your iServeU account manager or support team to get the necessary UAT API endpoints and credentials.
Ans: PID data refers to the encrypted data related to Aadhaar verification. It's mandatory for Aadhaar-based authentication, which is a core part of iServeU's robust KYC and identity verification process to ensure compliance and prevent fraud.
Ans: Common reasons for failure include:
- Invalid Input:Incorrectly formatted data, missing mandatory fields, or data not adhering to specified validation rules (e.g., mobile number not 10 digits, invalid email format).
- Authentication Failures:Incorrect
header_secrets
orpass_key
. - OTP Verification Issues:Incorrect OTP, expired OTP if not validated in 90 sec, or OTP already validated.
- Duplicate Data:Agent mobile number, PAN, or Aadhaar already registered in the system.
- Aadhaar/Biometric Issues:Mismatched Aadhaar details, biometric data not matching, or Aadhaar details not updated as per UIDAI standards.
- Internal Server Issues:Temporary issues on iServeU's end (e.g., database errors, microservices not responding).
Ans: OTP verification ensures that the mobile number provided by the merchant is valid and accessible. It helps in authenticating the identity of the user and prevents fraudulent or duplicate registrations.
Ans: The OTP-Based Onboarding API initiates the mobile verification process by sending a one-time password to the merchant’s registered mobile number. This step ensures that the number is active and belongs to the merchant applying for onboarding.
Ans: If the OTP is not received within a specified time (e.g., 90 seconds), the merchant can use the resend OTP option. However, this feature includes a cooldown period to prevent misuse.
Ans: The number of retry attempts is generally limited to prevent abuse. After a certain number of failed attempts, the process may need to be restarted or flagged for manual review.
Ans: The OTP Verify API confirms the correctness of the OTP entered by the merchant. A successful verification allows the onboarding process to proceed to the next stage, such as biometric or document verification.
Ans: No, OTP verification is one part of the complete KYC process. It validates the mobile number. Additional steps like biometric verification and Aadhaar validation are also required for full KYC completion.
Ans: No, duplicate checks are in place. If the same mobile number is already registered, the system will prevent further onboarding attempts using that number to maintain data integrity.
Ans: The OTP is time-bound and expires after a short duration (typically 90 seconds). Each OTP is unique and securely transmitted, ensuring that only the authorized person can use it for verification.