e-KYC OTP Request

This api is used for requesting otp on merchant's mobile number for verification

📘

The OTP is sent from the bank itself.

❗️

You need to encrypt the value of the aadhar number as well.

Aadhaar Encryption -

  1. Decode public key using base64 encoding technique. (public key for UAT and production are different)
  2. Compute RSA encrypted signature using decoded key and message.
  3. Encode encrypted signature with base64 encoding to send message on API.

Public Key for Aadhaar Encryption - (UAT)

MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaFyrzeDhMaFLx+LZUNOOO14Pj9aPfr+1WOanDgDHxo9NekENYcWUftM9Y17ul2pXr3bqw0GCh4uxNoTQ5cTH4buI42LI8ibMaf7Kppq9MzdzI9/7pOffgdSn+P8J64CJAk3VrVswVgfy8lABt7fL8R6XReI9x8ewwKHhCRTwBgQIDAQAB

public static String calculateRSA( String salt ) throws InvalidKeyException, Exception {

Cipher encryptCipher = Cipher.getInstance("RSA");
encryptCipher.init(Cipher.ENCRYPT_MODE, getPublicKey());
byte[] secretMessageBytes = salt.getBytes("UTF-8");
byte[] encryptedMessageBytes = encryptCipher.doFinal(secretMessageBytes);
String encodedMessage = Base64.encodeBase64String(encryptedMessageBytes);
return encodedMessage;
}
public static PublicKey getPublicKey() throws Exception {
String rawPublicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXa63O/UXt5S0Vi8DM/PWF4yugx2OcTVbcFPLfXmLm9ClEVJcRuBr7UDHjJ6gZgG/qcVez5r6AfsYl2PtKmYP3mQdbR/BjVOjnrRooXxwyio6DFk4hTTM8fqQGWWNm6XN5XsPK5+qD5Ic/L0vGrS5nMWDwjRt59gzgNMNMpjheBQIDAQAB";
byte[] keyBytes = Base64.decodeBase64(rawPublicKey);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePublic(spec);// generatePrivate(spec);
}

EKYC Steps -

  1. For service_code = 43, it is mandatory to use e-KYC OTP request, e-KYC OTP Verification and Biometric before AePS transaction.
    Please make sure you use these APIs consecutively.
  2. For service_code = 52, you just have to use e-KYC using Biometric only with ekyc_flag param = 1.
  3. The whole process of e-KYC is to be done for every merchant just once.
  4. For both of these services, Daily authentication i.e. 2FA is mandatory and to be done everyday.

Response Error Codes

ERROR CODESMEANINGSOLUTION
403ForbiddenRegenerate your secret key and
timestamp or check if your service is activated or not
500Internal Server ErrorCheck if your request url is correct or
the parameters you're passing is correct
according to the parameters mentioned above
415Unsupported Media TypeRe-check the content/type of the request body.
Language