Hello Guys, I have created and publish this Android library as a open source to easily implement Offline KYC using Aadhaar Secure QR Code in Android app without any external SDK and API.
Secure QR Code currently presents on Aadhaar print-letter and e-Aadhaar. It contains only the demographic information of the Aadhaar holder. UIDAI is replacing the existing one with a new Secure QR Code which will now contain demographics as well as photograph of the Aadhaar holder. Information in Secure QR Code will be made secure and tamper-proof by signing it with UIDAI digital signature
For Developer: You need to download updated public certificate from UIDAI web site. currently i added all required updated certificate in it.
For App User : User need to generate secure qr code if it has old aadhar print because UIDAI regularly maintain security for our Indian residence (aadhaar card holder) and old aadhaar card is not generated with Digital Signatures Certificate.
 |
|
|
| 1. Scan Secure aadhaar QR and pass response | 2. Internally check, validate with Digital certificate and Return aadhaar user details | 3. You can perform Offline KYC using inputing mobile number & email if connect with aadhaar card. |
|---|
You can clone this repository and import this project in Android Studio.
In your build.gradle file of app module, add below dependency to import this library
dependencies {
implementation 'com.gpfreetech:aadhaarofflinekyc:1.1'
}In Android app, Create activity and implement step where you want to add. In demo app I have already created MainActivity.java
See below code.
AadhaarParser aadhaarParser=AadhaarParser.getInstance(this);
aadhaarParser.parse("YOUR_AADHAAR_CARD_SCAN_STRING", new OnAadhaarResponse() {
@Override
public void onAadhaarResponse(AadhaarUser aadhaarCard) {
// aadhaarCard is your user model object
Intent intent = new Intent(getApplicationContext(), ProfileActivity.class);
intent.putExtra("card", aadhaarCard);
startActivity(intent);
}
});Return Field Details:
| Method | Description |
|---|---|
| getUid() | this method use to get user uid. Uid in the form of XXXLASTDIGIT .i.e mask format or uid converted as RefId in Secure QR code. Uid is use to verify Mobile number and email address |
| getName() | use to get user name |
| getAddress() | get full address of aadhaar user |
| getDob() | get DOB of user. It may be full DOB or only year. it depend on aadhaar detail |
| getGender() | use to get aadhaar user gender in format of "M", "F" or 3rd is common this is not fixed format |
| isVerified() | This is imp boolean return method, which is used to check Secure QR code is generated by valid digital certificate and also check in offline with valid digital certificate as per UIDAI SECURE QR CODE specification guidelines. |
| getEmail() | return email address in encoded format which is use to verify with user input for offline KYC. NOTE: if qr code response from old / normal aadhaar card then email return in XXX format .i.e. mask format. This string is not used for offline KYC |
| getMobile() | return mobile number in encoded format which is use to verify with user input for offline KYC. NOTE: if qr code response from old / normal aadhaar card then mobile number return in XXX format with last digit .i.e. mask format. This string is not used for offline KYC |
To verify input mobile number with scanned user:
boolean isMobileVerify = aadhaarParser.verifyUserDetail(aadhaarCard.getUid(),"INPUT_MOBILE_NUMBER", aadhaarCard.getMobile());To verify input email address with scanned user:
boolean isEmailVerify = aadhaarParser.verifyUserDetail(aadhaarCard.getUid(),"INPUT_EMAIL_ADDRESS", aadhaarCard.getEmail());To register for callback events, you will have to set ``OnAadhaarResponse` with instance as below.
aadhaarParser.parse("YOUR_AADHAAR_CARD_SCAN_STRING",this);Description :
OnAadhaarResponse()- This method is invoked when decoding is completed and ready to return aadhaar user details in complete model class format.
@Override
public void onAadhaarResponse(AadhaarUser aadhaarCard) {
// aadhaarCard is your user model object
}
});Don't share your secure qr code and Offline XML zip file with an unknown or unauthorised person. Infact if you share your XML zip for offline KYC then please ensure that they are deleted or not.
Don't scan your aadhaar qr code with unauthorised person or mobile application which is available on the internet.
Download application from real app stores and check application (INTERNET) permission before scan your QR Code image from any qr code reader app.
Why,
Because, QR code is less than 1500 bytes of data. A 1 GB USB drive can hold approximately 5 lakh such QR codes. It is possible for someone to print and misuse stolen QR codes and Low resolution photos make it harder for service providers to identify unauthorised use. Even in the case of offline KYC XML, the file size is less than 15 kB.
I agree, Your data is secure with digital signatures, But similarly your data is unsecured with digital signature. Most important thing in the digital world is user precaution about sharing info rather than depending on system security.
If you have any issues or ideas about implementations then just raise issue and we are open for Pull Requests. You All Welcome.