Business Requirements - Tokenised KYC

Tokenised KYC presents a transformative opportunity to reimagine identity management that could be easily shared with financial institutions and instantly verified. By enabling users to securely store, control, and share their verified identity as reusable digital tokens, it can reduce duplication, safeguard sensitive information, promote privacy, ensure compliance and streamline delivery of financial services. Tokenised KYC models ensure that once a user’s identity is verified, it can be securely reused across financial service providers via consent-driven mechanisms. This problem statement invites participants to design and develop a tokenised KYC model and focus on the following features:

a.    Creating token-based user-held KYC models where credentials are digitally signed by trusted issuers and shared securely across institutions. 

b.    The digital identity tokens should be tamper-proof, machine-readable and issued by trusted authorities and reusable across multiple onboarding processes. 

c.     Users should have full control over their KYC data. Sharing of data must be explicitly consent-driven and auditable. 

d.    Identity credentials should be tamper-resistant, traceable and support selective disclosure of information based on requirement. 

e.    Cross-platform and inter-institutional interoperability using open standards, standardised APIs, and common data exchange protocols. 

f.      Adhere to applicable privacy guidelines. 

g.    Real-time KYC revocation, renewal, and audit tracking mechanisms for improved lifecycle management. 

h.    Integrate with/ make it interoperable with existing infrastructure such as Aadhaar, DigiLocker, and the Central KYC Registry (CKYCR), and work across institutions via common standard APIs. 

i.      Secure delegation of tokenised KYC access to legal heirs, guardians, or nominees when required. 

j.      Address updation, periodic KYC updation and how the KYC platform can be leveraged by other sectors such as insurance, mutual funds.

The solutions may leverage emerging technologies such as blockchain, zero-knowledge proofs (ZKPs), smart contracts, and biometric authentication to enable trust, reduce fraud, and improve operational efficiency. Tokenised KYC has the potential to revolutionise digital identity and customer onboarding in India. The objective is to build a scalable, standards-driven identity verification framework that enhances collaboration between institutions, reduces redundancy, and empowers users with greater control over their digital identity. By placing users at the center and ensuring regulatory alignment, tokenised KYC can reshape India’s digital identity landscape and accelerate secure and convenient financial access at scale.