Professional Documents
Culture Documents
Version 5.2
Document History
NOTE: ...........................................................................................................................................................79
Chapter 1. Introduction
Government of India has initiated Unique Identification Project for citizens of India. It is envisaged to
use the UIDAI schema and infrastructure for the financial inclusion in India. To enable the customers
to use AADHAAR for the financial transaction across the payment networks in the country, NPCI
proposes to facilitate routing of transactions to the central id repository of UIDAI for user authentication
This interface document is targeted to achieve inter-operability between banks for Aadhaar based
payment transactions.
NPCI shall allow banks to connect using this interface. It is also possible that banks may position their
respective financial inclusion service provider to connect on their behalf to NPCI central infrastructure
This document covers detailed description of the data elements in the ISO 8583 standard payment
message specifications specific to Aadhaar Enabled Payment System (AEPS), it also captures details
of message dumps for various transactions supported in the AEPS product. Sample receipt formats
are also part of the scope of this document to help the MicroATM application vendors.
This document is a property of NPCI and should be not be circulated to external party without prior
approvals of NPCI management team.
1. Cash Withdrawal
2. Balance Enquiry
3. Cash Deposit
4. Funds Transfer
5. Demographic Authentication
6. Biometric Authentication
8. Mini Statement
9. Purchase
is given below. The transaction for biometric verification will be sent with required fields to UIDAI and
1. MicroATM application on PoS must ensure that a 12 digit AADHAAR number is entered as
a block of 4 digits in one block. Hence there would be three blocks of 4 digit number each.
2. The last digit of Aadhaar number is a check digit. Therefore, Verhoeff algorithm must be
applied for checking that the AADHAAR number entered is valid or not.
3. Micro ATM application must support Dual Finger functionality (Fusion finger). This is a
4. Micro ATM Application must support Magnetic stripe Card based transactions. Customer
Aadhaar number and IIN number must be read from the Track I on the card for card based
transactions.
The transaction flow depicted above is for Balance Enquiry, Cash Withdrawal, Mini Statement
and Purchase transactions acquired on Acquirer bank terminal for Issuer bank customers.
1. MicroATM application on PoS must ensure that a 12 digit AADHAAR number is entered as a
block of 4 digits in one block. Hence there would be three blocks of 4 digit number each. This
2. The last digit of Aadhaar number is a check digit. Therefore, Verhoeff algorithm must be
applied for checking that the AADHAAR number is valid or not.
3. Micro ATM application must support Dual Finger functionality (Fusion finger). This is a
mandatory requirement on the Micro ATM application.
4. Micro ATM Application must support Magnetic stripe Card based transactions. Customer
Aadhaar number and IIN number must be read from the Track I on the card for card based
transactions.
1. The transaction flow depicted above is for funds transfer from customer account of Remitter
Bank to customer account of Beneficiary Bank where the transaction is initiated on Remitter
bank’s terminal. In fund transfer transaction, customer has to visit his/her home bank BC.
2. If a member bank is taking authentication service from NPCI, then the fund transfer
transactions will be a two-step process consisting of 2 legs i.e. authentication leg and credit
leg.
i. For processing authentication leg, NPCI provides authentication service where in only
authentication transaction is sent to NPCI and after the response of the same
ii. Credit leg should be sent to NPCI. (Refer to message dump for authentication
3. Online Authentication and Online credit is envisaged in this transaction and beneficiary
bank is expected to respond with beneficiary’s Aadhaar number and name in the response
message.
4. Once the debit to sender account is successful a remittance transaction is sent to NPCI.
The context of both authentication and fund transfer transaction will be maintained by the
acquirer.
5. In case of authentication request, DE#2 should carry the remitter’s AADHAAR number
6. For credit leg, DE#2 will contain the beneficiary AADHAAR number; DE#120 will contain
the sender AADHAAR Number. The description of DE#120 is detailed in Data Element
Definition section.
7. In case, remitter bank receives Response Code ‘91’ or there is no response from NPCI,
the debit should be put on hold or parked in pooling account till reconciliation is done with
beneficiary bank. For all other decline scenarios the debit should be reversed. In case of
any dispute, the same will be handled through Dispute Management System (DMS)
provided by NPCI.
1. MicroATM application on PoS must ensure that a 12 digit AADHAAR number is entered as
a block of 4 digits in one block. Hence there would be three blocks of 4 digit number each.
entry.
2. The last digit of Aadhaar number is a check digit. Therefore, Verhoeff algorithm must be
applied for checking that the AADHAAR number entered is valid or not.
3. The MicroATM application MUST ensure that the Beneficiary’s Aadhaar number is entered
twice by the remitter on the fund transfer screen. There can be 2 textboxes for the same
and a comparison of the digits entered should be made before proceeding to the next text
box or screen. This will ensure that the receiver’s Aadhaar number is entered correct as is
4. A Fund transfer transaction needs to be initiated on the home bank BC terminal only and
thus the remitter bank name or IIN should be pre-populated avoid manual entry/selection
mistake.
5. Micro ATM Application must support Magnetic stripe Card based transactions. Customer
Aadhaar number and IIN number must be read from the Track I on the card for card based
transactions.
1. Micro ATM will send the request message to Acquiring Bank switch
2. Acquiring switch will Post the debit leg to acquirer bank CBS
3. CBS will respond with success/decline status to acquirer switch
4. Acquirer switch will send Cash deposit request to NPCI if transaction is success/ acquirer
switch will send the response back to terminal if CBS decline the transaction.
5. NPCI will send authentication request to UIDAI with required details received in request from
acquirer.
6. UIDAI will send the response to NPCI
7. NPCI will forward the request to issuer bank switch based on the success response /
transaction will returned to acquirer if UIDAI declines the authentication.
8. Issuing bank switch will post the credit leg to customer account in issuing bank CBS
9. CBS will respond with success/decline status to issuer switch.
10. Issuing Switch will send the response back to NPCI
11. NPCI will forward the response message to Acquiring switch
12. Acquiring switch send the response to Terminal if transaction is successful/ acquiring switch
will post the reversal if transaction is declined and send the response to terminal
1) If transaction is failed in 7th leg due to decline from UIDAI, acquirer has to follow the
process from 12th leg. i.e acquiring switch will post the reversal if transaction is declined
and send the response to terminal
1. BC collect the cash from the customer and initiates the Cash Deposit Request
Message through Micro ATM with Aadhaar , Bank Name, Amount & Biometric
details.
2. Micro ATM will send the request message to Acquiring Bank switch
3. Acquiring switch will send Beneficiaries Account Validation Request (BAV) message
to NPCI Switch.
4. NPCI Switch will send the request message to UIDAI for biometric authentication.
5. Upon receiving success response from UIDAI, NPCI will generate Deposit ID for the
purpose of Leg 1 & Leg 2 matching.
6. NPCI will send the beneficiaries account validation request message (Which
includes the Deposit ID) to Issuing bank switch.
7. Issuing bank switch sends the validation request message to CBS.
NOTE:
If BAV response code indicates unsuccessful, BC terminal will not initiate ‘Cash
Deposit Advice’ CDA. CDA should be initiated, If BAV response code is successful.
Beneficiary Name may be printed on charge slip.
If acquirer switch times out with NPCI switch OR receives decline response from
NPCI switch for BAV, BC account should not be debited and the response code sent
back to terminal will have appropriate response code to indicate the ‘Beneficiary
Account Validation’ (BAV) has failed so that BC returns the cash to customer.
If BC terminal times out/Disconnect (90 Secs is time out) with acquirer switch after
sending the ‘Beneficiary Account Validation’ request, it may send ‘Verify BAV’
request containing key elements that were part of BAV request to acquirer switch.
Acquirer switch will check the status of BAV (within acquirer switch and this does
not involve NPCI switch) and respond back to terminal with the response of BAV. If
BAV status indicates decline/not-processed, BC must return the cash to customer
else BC terminal can initiate ‘Cash Deposit Advice’ (CDA) to acquirer switch.
Terminal can attempt up to three times the ‘Verify BAV’ repeats to acquirer switch
and all are times out, BC agent should return the cash to customer.
14. Micro ATM sends Cash Deposit Advice (CDA) message (0220 MTI containing key
matching fields which include Aadhaar number, deposit amount, Deposit ID and
authorization identification code as received in BAV response) to acquiring switch.
Acquiring switch will validate the CDA advice against the corresponding BAV in its
database and ensures there is a successful BAV present and immediately respond
with 0230(Success) to Micro ATM. If there is no valid BAV present in acquiring switch,
it will decline the CDA and the transaction should be settled in DMS.
15. If there is valid BAV present in acquiring switch, acquiring switch will send the CDA
advice (0220 MTI) to NPCI switch. NPCI switch will validate the CDA advice, apart
from mandatory/conditional data elements presence, against the corresponding
BAV in it’s database and ensure that there is a successful BAV present (within the
same business day) for the combination of Acquirer ID, Terminal ID, Aadhaar -
number, deposit amount, Deposit ID and authorization identification code. If there is
Note: In case acquiring switch to NPCI switch connection is down/signed off while
processing the CDA advice (0220 MTI), acquiring switch will play it as store and forward
(SAF) whenever the connection is up and acquirer gets signed on with NPCI switch.
16. In case of successful CDA acceptance by NPCI switch, NPCI switch will forward the
CDA advice (0220 MTI) to issuing switch as a SAF advice.
17. Issuing switch validates the CDA against BAV and sends the cash deposit request
message to CBS and sends advice response to NPCI.
Exception Scenarios:
Terminal time out for CDA advice processing – When BC terminal does not receive
the response within time from acquirer switch for CDA advice (0220 MTI), it will
initiate the CDA advice repeat (0221 MTI). Terminal will not allow next transaction
and it will keep posting CDA advice (piggy back), till 0230 received from acquirer
switch.
Acquirer time out for advice processing - When acquirer switch does not receive the
response within time from NPCI switch for CDA advice (0220 MTI), it will initiate the
CDA advice repeat (0221 MTI). Repeats will be initiated by the acquirer switch for a
maximum of three times.
Note: If acquirer switch does not receive response for CDA advice and repeats and if
the cash deposit is not settled by NPCI in the subsequent settlement cycles, acquirer
bank can initiate ‘Credit Adjustment’ in NPCI DMS (back office system) and the
dispute lifecycle associated with credit adjustment will apply in such cases.
NPCI switch time out for CDA advice processing - When NPCI switch does not receive
the response within time from issuer switch for CDA advice (0220 MTI), it will initiate
the CDA advice repeat (0221 MTI). Repeats will be initiated by the NPCI switch for a
maximum of three times.
Issuer decline for CDA advice processing - Even if issuer switch sends decline
response for CDA advice, NPCI will settle the cash deposit as part of settlement cycle.
Issuer may raise a debit adjustment in DMS in case of disputes.
This interface specification supports BFD transaction. Bank must send 10 finger data within data
element 111 to 119. The transaction type for BFD transaction is 11.
to enable implementation of the interface connection, and to serve as a basic document for future
1. Bank Systems and NPCI-UIDAI systems will be connecting to each other using socket
connections.
3. Banks will be responsible to generate the Logon (0800 message type) message after every
successful TCP socket connection. Banks should also generate Logon messages at the
4. NPCI will generate cut over message (0800 message type) at 23:00 indicating business
5. Both Banks and NPCI can generate Logon (800 message type) messages and they should
6. Banks and NPCI will also generate Echo message (0800 message type) for keep alive
7. Message Header – 2 bytes binary (value containing length of the message excluding
8. Bank needs to send auto logon (network) message when there is a disruption or
iii. Correctly populate DE#111 to DE#119 with Personal Identity data (Biometrics or
vi. For BFD transaction, The bank which is originator of the request must be able to:
a. Populate the Finger Print data in the data elements from DE#111 to DE#119.
viii. Echo back Deposit ID, Beneficiary Name in DE #120 only for Cash Deposit
transaction.
2. NPCI
i. NPCI must be able to receive and process message containing DE#2, DE#111 to
ii. For BFD transactions, NPCI must be able to receive and process messages
iii. Populate DE#120 with Deposit ID for Cash Deposit transactions only
iv. Process attribute mc value in DE# 123 to DE# 125 received from acquirer bank.
3. UIDAI
UIDAI must validate Biometric data and respond with appropriate reason code. For BFD
transaction UIDAI must Validate Biometric data and respond with ranking of each finger.
4. Issuer/Beneficiary
i. The Recipient must be able to receive and process messages containing DE#2,
ii. For all successful transactions, account balance of customer must be present in
DE#54.
iii. Data Received in DE#62 is the Unique Authentication Code generated by UIDAI for
each Authentication Request. This should be printed on receipt in all the cases.
iv. In fund transfer transactions, Recipient must populate DE#103 with Beneficiary
account number and DE#120 with Beneficiary’s name in the response message.
All message format definition tables use the symbols defined in the following table:
Symbol Meaning
M Mandatory.
M+ Mandatory, echoed from request.
C Conditional.
C+ Conditional, echoed from request.
C* Conditional, value may change.
O Optional.
O+ Optional, echoed from request.
R Reserved for future use.
- Not used.
70 NMIC M M+
128 MACCode2(Optional– MACing) R R
DE 48 as per NPCI standards should be Conditional. Since, AEPS does not use dynamic key
Financial Messages
1 Secondary bitmap M C
2 Primary Account Number M M+
3 Processing code M M+
4 Amount, transaction C C+
5 Amount, settlement C C+
7 Date/time, transmission (GMT) M M+
11 STAN M M+
12 Time, local transaction (IST) M M+
13 Date, local transaction (IST) M M+
15 Date, settlement C C+
18 Merchant type M -
22 POS entry mode M -
25 POS condition code M -
32 Acquirer institution ID M M+
mi, mc)
Financial Messages
1 Secondary bitmap M C
2 Primary Account Number M M+
3 Processing code M M+
4 Amount, transaction M M+
5 Amount, settlement C C+
7 Date/time, transmission (GMT) M M+
11 STAN M M+
12 Time, local transaction (IST) M M+
13 Date, local transaction (IST) M M+
15 Date, settlement C C+
18 Merchant type M -
22 POS entry mode M -
25 POS condition code M -
32 Acquirer institution ID M M+
Reversal Messages
3 Processing code M M M+
4 Amount, transaction M M M+
5 Amount, settlement C C C+
11 STAN M M M+
14 Date, expiration - - -
15 Date, settlement C C C+
32 Acquirer institution ID M M M+
39 Response code M M M
42 Card acceptor ID M M -
54 Additional amounts - - -
64 MAC code R R R
Reversal Messages
128 MACCode2 R R R
Reversal 0421 messages will be sent 3 times after logon message is received from issuer
Acquirer switch has to send Repeat Reversal 0421 messages 3 times after successful logon
message is exchanged with NPCI if Acquirer switch fails to get response of 0420 messages.
Description: Bitmap consists of 64 bits numbered from the left starting with 1. The value of each
bit signifies presence (1) or absence (0) in the message of the data element (DE#65 to DE#128)
Constraints: Conditional ‘C’. It is present only if message contains any of the data elements from
Format: LLVAR
Type: n..19
Description: The PAN number is the combination of IIN (6 digits ISO IIN) and the 12 digit
AADHAAR number. It is mandatory for all 02xx and 04xxmessages. Length of this field is 19
Field Edits: For all other transactions (including authentication transaction) except FT transaction,
this field should have initiator’s AADHAAR number. But for FT transaction, this field should have
Structure:
B B B B B B I U U U U U U U U U U U U
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
Note – All Acquirers and Issuers will have to incorporate reserved digits for future use so that
whenever NPCI sends addendums or circular without any changes in the systems it can be
incorporated.
Format: Fixed
Type: n6
Description: A series of digits that describes the type of transaction and the accounts affected by
00 Purchase of goods/services
01 Cash withdrawal
20 Credit, refund
21 Cash Deposit
22 Credit adjustment
31 Balance inquiry
12 Demographic Authentication
00 Unspecified/unknown
10 Savings
20 Checking
30 Credit card
00 Unspecified/unknown
10 Savings
20 Checking
30 Credit card
* Revised Cash Deposit advice message for Cash Deposit Advice also populates 21 as Pcode.
Format: Fixed
Type: n12
Description: It is the amount of funds requested by the customer in the local currency of the
acquirer.
Field Edits: For a balance enquiry transaction, 0200 message should carry all zeroes in DE#4.
For all request with processing code 100000 bit corresponding to DE#4 must be off.
Format: Fixed
Description: It is the date and time when a transaction request was transmitted by a processing
Field Edits: The original date and time will be restored in the response.
Format: Fixed
Type: n6
Description: It is the unique identifier assigned to each transaction by the acquirer bank switch. It
must be different for every transaction even for multiple set of transactions originated at the same
Field Edits: STAN is set by a message sender and echoed by the message receiver. It should not
Format: Fixed
Description: Time, Local Transaction (DE 12) is the local time the transaction takes place at the
Field Edits: This field remains the same for a particular transaction.
Format: Fixed
Description: Date, Local Transaction (DE 13) is the local month and day on which the
Transaction takes place at the point of service. It is the same to be printed on receipt.
Field Edits: This field remains the same for a particular transaction.
Format: Fixed
Description: Settlement Date (DE#15) is the date (month and day) that funds will be transferred
Format: Fixed
Type: n4
Description: MCC is four-digit code. The data element is mandatory for 02xx request messages.
Format: Fixed
Type: n3
Description: The code describes the way how PAN and PIN are entered at a touch point.
01 Manual
05 ICC.
0 Unspecified.
The data element is mandatory for 02xx, and 04xx request messages. It is never present in
response messages.
Field Edits: This field remains the same for a particular transaction.
Format: Fixed
Type: n2
00
Normal
03 Merchant suspicious.
07 Telephone request.
08 MO/TO request.
Field Edits: This field remains the same for a particular transaction.
Format: LLVAR
Type: n..11
Description: Identifies the acquiring institution for the transaction, or its agent. The value will be
defined by the host. The data element is mandatory for 02xx and 04xx request messages. It is
Field Edits: NPCI shall assign appropriate codes to the participating banks to be used in this field.
Format: Fixed
Type: an12
Description: The reference, assigned by the acquirer, to identify a transaction uniquely. It remains
unchanged for all messages throughout the life of a transaction and is used for matching original
message with reversal and/or store/forward messages. The standard format of RRN is as follows:
YDDDHHSSSSSS
HH – Hour of transaction
The data element is mandatory for 02xx, and 04xx request messages. The RRN can be used for
the entire dispute management of the transaction lifecycle. In verification request value of DE#37
Field Edit: Value of HH should be derived from DE 12, value of DDD from DE 13, value of STAN
from DE 11. This field remains the same for a particular transaction.
Format: an6
This is a response identification number assigned by the authorizing institution. The number
should be unique for each transaction. Authorization Identification Response is mandatory for
Constraint: None
Format: Fixed
Type: an2
Description: This code indicates the response of a message as detailed tables below.
A Approve transaction
D Decline transaction
Field Edits: This value must be present for all response messages. In reversal messages,
Constraints: The following is the addendum covering different scenarios for UID specific situations
and appropriate Response codes supported for declined UID transactions in addition to the
Receipt
Response UIDAI
Description Status Required
Code Error Code
(Yes/No)
00 - APPROVED A Yes
M4 - NRE ACCOUNT D Yes
M6 - LIMIT EXCEEDED D Yes
UB 710 MISSING PI DATA AS SPECIFIED IN USES D No
UC 720 MISSING PA DATA AS SPECIFIED IN USES D No
Format: Fixed
Type: an8
Description: It should carry value “register” in the 0200 request for all transactions originated from
a device registered at UIDAI data base. the data element is mandatory for 02xx and 04xx request
messages.
Format: Fixed
Type: an15
Description: This is a unique code for the device assigned within the Bank domain.
This is an alpha-numeric string of maximum length 15. Special characters (including national
character support characters) are not allowed since some networks or back-office systems may
have problems accepting these characters. The data element is mandatory for 02xx and 04xx
request messages.
Character 1-15 Unique Device Code, first 3 digits should have Bank code and last 12 digits should
If the terminal code is less than 12 digits, the terminal code should be left padded with zeros to
make it 12 digits.
Ex: ABC000123456789
Format: Fixed
Type: an40
Description: The name and location of the acceptor (Touch Point), which defines the point of
service in both local and interchange environments. Special characters (including national
character support characters) are not allowed since some networks or back-office systems may
have problems accepting these characters. Data element consists of the sub-fields detailed in
the table below. The data element is mandatory for 02xx and 04xx request messages.
Field Edits: If present, it should be echoed in response and all subsequent messages.
Format: Fixed
Type: n3
Description: The Currency Code, Transaction (DE 49) is the code defining the local currency of
the acquirer bank. For all request with processing code 100000 bit corresponding to DE 49 must
be off.
Field Edits: This field remains the same for a particular transaction.
Format: LLLVAR
Type: an..120
Description: It provides information for a maximum of six amounts. It must be populated in 0210
01-Ledger Balance
00-Default
Field Edits: It must be populated for all successful transactions. In Fund transfer, DE#54 must not
be present.
Constraints: It must be populated in 0210 message for all transaction type with account balance.
0201002356C000005000000, where
C- Credit
Format: LLLVAR
Type: an999
Description: This element is used in the response message to send the Authentication Code
received from the UIDAI server for all authentication response from UIDAI, the same data element
will also carry the action code if present in the response from UIDAI. For BFD transaction ranking
Field Edits: It should be sent back to acquirer bank in response to be displayed for all ONUS
transactions, additionally for all off-us transactions, NPCI must pass it on to issuer bank as well.
ONUS - It should be sent back to acquirer bank with proper values in the response message.
OFFUS - For all off-us transactions, NPCI must pass the proper values to issuer bank and issuer
bank must echo back the same in their 210 response which in-turn is passed back to the acquiring
bank.
A: For On-Us and Off-Us the structure of DE#62 is as stated below, Tag001 carries UIDAI
authentication code and Tag002 carries action code if it is present in the response from UIDAI.
048001032a0e3c5c0a6ab48e9a8206d5a8930ca7d002004A001
The length of Tag002 may vary based on the size of the data sent by UIDAI. If action code is not
038001032a0e3c5c0a6ab48e9a8206d5a8930ca7d
Note: This change in DE#62 (other than BFD transaction) is configurable at NPCI for an acquirer.
Till the time the bank is not certified for this change both acquiring and respective issuer will get
only the authentication code in DE#62 as stated below.
032a0e3c5c0a6ab48e9a8206d5a8930ca7d
B: For BFD the structure of DE#62 is as stated below, Tag001 carries UIDAI authentication code
172001032a0e3c5c0a6ab48e9a8206d5a8930ca7d002128<Ranks><Rankpos="LEFT_MIDDLE
"val="5"/><Rank pos="LEFT_THUMB" val="4"/><Rank pos="RIGHT_MIDDLE" val="2"/><Rank
In example for BFD 172 is the length of the string for DE62.
Tag 001 represents Authentication Code which is of maximum length 40 in the above case it is
of length 032.
Tag 002 represents the Rankings of the fingers is of maximum length 400 in the above BFD case
it is of length 128.
Constraints: These values will only be populated by NPCI, if received from UIDAI.
NOTE: DE 62 will be Mandatorily TLV format from Auth 2.0 implementation at NPCI to maintain
Format: Fixed
Type: n3
Description: This data element indicates the specific classification and purpose of network
management (08xx) messages. It must be present in all network management (08xx) messages.
Response code for 0810 message must be carried in DE 39 as 00 for successful processing of
request.
Constraints: None
Format: Fixed
Type: n42
Description: This data element contains parts of the original message being reversed or adjusted
message(s). This data element consists of sub-elements which are described below:
Sub-elements description:
Format: LLVAR
Type: ans19
Description: A series of digits used to identify a customer account. It denotes the “From” account
number involved in the transaction (e.g. the Debit account in withdrawal or transfer transaction).
Usage: In AADHAAR based Fund transfer transactions, issuer bank must send “from account
number” which is debited for the transfer amount. The account number should be asked as per
banks policy.
Constraints: The data element is used in 02xx and 04xx messages, whenever account information
must be transferred.
Format: LLVAR
Type: ans19
Description: A series of digits used to identify a customer account. It denotes “to” account number
involved in the transaction (e.g. the credit account in deposit or transfer transaction.
Usage: In the AADHAAR based Fund transfer transactions, beneficiary bank must send the
Constraints: C: The data element is used in 02xx and 04xx messages, whenever account
Format: LLLVAR
Type: an999
Description: This Element is encrypted containing finger print minutiae collected at the Micro
Data will contain minutiae Single/ Dual finger or/and Demographic data for Authentication.
Constraints: Data element is present for Authentication/BFD based 02xx request messages.
Elements Description: DE is structured as TLV (Tag, length and value) field. The details of tags
Example:
Sample structure:
BFD-
IRIS-
FP-
Note: FP authentication packet will max fit in to 3 data elements, FIG has to populate the data
Note: Demoauth transactions initiated from other than RD machine should follow the same encryption
Format: LLLVAR
Type: an999
Tag number size is 3, Tag length is represented as LLL and Tag data is as per requirement
Field Edits: The contents of field may change in the response depending on result of the
transaction.
Sample DE#120 for Mini-Statement with 10 lines (9 lines for last 9 transactions and 10th line for
balance, each line is fixed 35 bytes). The length of tag-006 will vary based on the number of
transactions available in the customer account (a new account may have less than 10 transactions)
38100100207002003UID00500210006350
040621DR UMA 000001250100
040621DR UMA 000002200000
040621DR UMA 000004500000
040619DR ATM 000001500000
040619DR UMA 000004500000
040619DR UMA 000001400000
040619DR UMA 000001400000
040618DR ATM 000001500000
040617DR ATM 000000540000
Balance 000014354303
Format: LLLVAR
Type: an999
Elements Description: DE is structured as TLV (Tag, length and value) field. The details of tags
characters in each public key certificate only device public key certificate
Example:
Let’s assume registered device public key certificate data is 2000 bytes.
DE#124 till DE#125- <Encrypted registered device public key certificate length 999>
Note: Demo auth transactions not initiated from registered device will carry the value “FIG”
Format: LLLVAR
Type: an999
Description: These fields are Tag-based. They will carry ‘Uses’, ‘type’, ‘udc’, ‘dpid’, ‘rdsid’, ‘rdsver’,
‘dc’, ‘mi’, ‘bav’
Constraints: Conditional ‘C’. Data element is present for UID based 02xx request message
format)
009 20 Variable An udc(unique host device unique code for the host
code) device assigned within
the AUA domain
010 48 Variable Varchar dpId(Unique code Returned by RD
assigned to registered Service when using
device provider) biometric
authentication
011 48 Variable Varchar rdsId(Unique ID of the Returned by RD
certified registered device Service when using
service) biometric
authentication
012 15 Variable Varchar rdsVer(Registered Returned by RD
devices service version) Service when using
biometric
authentication
013 40 Variable 128 Bit dc(Unique Registered Returned by RD
UUID in Device Code) Service when using
HEX biometric
Format authentication
014 48 Variable Varchar mi(Registered device Returned by RD
model ID) Service when using
Tag 001
1 2 3 4 5 6 7
y' or 'n' y' or 'n' y' or 'n' y' or 'n' FMR or FIR or IIR y' or 'n' y' or 'n'
Format: LLLVAR
Type: an999
Description: These fields are Tag-based. They will carry ‘skey’, ‘ci’, ‘Hmac’, ‘ac’, ‘sa’ and ‘lk’, ‘rc’
in tag 001, tag 002, tag 003, tag 004, tag 005, tag 006 and tag 007 respectively
Constraints: C: Data element is present for UID based 02xx request message
Note: The above tags in DE#127 are all mandatory. DE#127 is structured as TLV (Tag, length
and value) field. The details of tags and contents are described below:
Example: Let’s assume that skey length is 256 bytes, ci length is 8 bytes, Hmac is 48 bytes,
432001256<skey>002008<ci>003048<Hmac>004010<ac>005010<sa>006064<lk>
Parsing of field is done as follows:
Usage:
3. Changes in the current reconciliation system to reconcile the interchange and switching
5. MicroATM may be capable to generate Last Transaction Status (LTS) request and acquirer
7. MicroATM application must be able to store all request originating from the device in an
electronic log. These logs will include details of original transaction request, LTS request
& reversal requests and will act as proofs while settling disputes for any transaction.
8. MicroATM application must be capable to push the “Electronic Log” to acquirer bank
11. Changes in the Micro ATM terminal application to accept 10 Finger prints and print the
BFD receipt.
12. Accept the Rank details in the response and process to Micro ATM.
13. Changes to process Cash deposit transaction in 2 legs( BAV & CDA).
request of cash withdrawal and Merchant pay transactions after the TAT i.e 90 Secs completed.
MicroATM can use the data elements like PAN, Processing code, Amount, STAN, Local
transaction Time and RRN for matching the verification and Original request in acquirer
switch.
MicroATM can generate total 3 VR with a time interval of 10 Secs each if 1 st and 2nd VR didn’t
The VR is between MicroATM and acquirer switch only, the same should not be forwarded to
NPCI.
MicroATM can decline the transaction if other than RC-‘00’ received as response to any VR.
2. Changes in the current recon system to reconcile the interchange and switching fees for
6. Changes to process advice message & New Pcode 32 introduced for BAV.
7. Routing transaction to UIDAI with the Biometric data received from the Acquirer bank.
8. Accept the Rank details in the response from UIDAI and process to Acquirer switch.
& Reconciliation.
2. Account Validations/Verifications.
5. Issuer banks will either not store the UID authentication data or store it in encrypted formats
7. Fraud Check
3. Ensure card entry mode and pin entry mode to be present in the request.
5. Acquirer banks will either not store the UID authentication data or store it in encrypted
8. Acquirer Bank will be responsible for constructing and transmitting biometrics data of the
resident.
10. Acquirer has to check successful BAV for CDA (matching should be done with
In case, NPCI doesn’t receive the response for a 0200 Request message from Issuer in 25 seconds,
NPCI would send 0210 Response to Acquirer with Response Code ‘91’ and generate a Reversal
Request (0420) message with Response Code ‘91’ to Issuer Bank, which should reverse the
transaction in CBS and respond with Response Code ‘00’ in 0430 Reversal Response message to
NPCI.
If NPCI does not get 0430 response from Issuer within 25 seconds, NPCI switch will generate 0421
In case, Acquirer Bank switch doesn’t receive a 0210 Response message for the request due to time
out, it should generate a 0420 Reversal Request Message with Response Code ‘68’, NPCI will send
the message to Issuer Bank and Issuer needs to reverse the transaction in CBS and respond with
If Acquirer bank switch does not receive 0430 response from NPCI within 45 seconds (min timeout to
be configured at acquirer switch), Acquirer bank switch will generate 0421 repeat Reversal message
after a successful logon message is exchanged. Maximum of 3 such Repeat Reversals can be sent
to NPCI.
request type
authentication
HH - Hour
Identification
111 to Personal Identity Data Bio metric data from finger print scanner or
125 certificate.
dc,mi, bav.
127 Skey, ci, Hmac, ac, sa, lk, rc Captured from terminal and fed by AUA
server, respectively
authentication
HH - Hour
39 00 Response code
Identification
from UIDAI
authentication
HH - Hour
Identification
119
125
126 Uses, udc, type, rdsId, rdsver, dpId, Additional data rdsId, rdsver, dpId, dc will
127 Skey, ci, Hmac , ac, sa, lk, rc Captured from terminal and fed by AUA
server, respectively
authentication
HH - Hour
39 00 Response code
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
HH- Hour
Identification
111 to Personal Identity Data Bio metric data from finger print scanner
125 certificate.
dc,mi, bav.
server, respectively
transaction
HH- Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
HH-Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
HH-Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
Withdrawal
HH- Hour
Identification
111 to Personal Identity Data Bio metric data from finger print scanner
125 certificate.
dc,mi, bav.
127 Skey, ci, Hmac ,ac, sa, lk, rc Captured from terminal and fed by AUA
server, respectively
Withdrawal
HH- Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
Withdrawal
HH-Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
Withdrawal
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
HH- Hour
Identification
111 to Personal Identity Data Bio metric data from finger print scanner
125 certificate.
dc,mi.
127 Skey, ci, Hmac, ac, sa, lk, rc Captured from terminal and fed by AUA
server, respectively
HH- Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
HH-Hour
Identification
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
from UIDAI
dc,mi, bav.
127 Skey, ci, Hmac,ac, sa, lk, rc Captured from terminal and fed by AUA
server, respectively
0200 message (from NPCI to Issuer)
Data Value Comment
Element
1 Valid value Secondary Bitmap
2 IIN + 0 + AADHAAR Customer’s detail
3 Processing Code(320000) Processing code for Cash Deposit BAV
4 Amount Deposit amount
7 MMDDhhmmss Transmission date and time (GMT)
11 SSSSSS System Trace Audit Number
12 HHMMSS Local Time
13 MMDD Local Date
15 MMDD Settlement Date (conditional)
18 6012 6012 for Micro ATM
22 01 9 or 02 9 Manual (01), Card Reader present (02)
Reserved for private use (9)
25 05 Customer present card not present
32 ACQ Inst ID ID already allotted by NPCI
37 YDDDHHSSSSSS Y – Year (last digit)
DDD – Julian Date
HH- Hour
SSSSSS – System Trace Audit Number
41 Card Acceptor Terminal Register
Identification
42 Card Acceptor Identification code Bank Code, unique terminal code
43 Card Acceptor Name / Location Address of Merchant/BC
49 356 Currency Code
62 UIDAI Authentication Code, Action Field with tag values, tag001 for
Code authentication code and tag002 with
action code if it is available in response
from UIDAI
120 002003UID080012<Deposit ID> Tag 002 – Length 003 – UID
NOTE: Authorization identification code, RRN, Deposit ID of CDA should be same of BAV
Transfer
(9)
HH-Hour
Number
Name>
AADHAAR
(BBBBBB0UUUUUUUUUUUU)
Transfer
(9)
HH- Hour
Number
Name>
AADHAAR
(BBBBBB0UUUUUUUUUUUU)
Transfer
HH- Hour
Name>
Name>
AADHAAR
(BBBBBB0UUUUUUUUUUUU)
Transfer
Number
Name>
Name>
AADHAAR
(BBBBBB0UUUUUUUUUUUU)
(BBBBBB0UUUUUUUUUUUU)
Statement
transaction
HH- Hour
Number
111 to Personal Identity Data Bio metric data from finger print
or pin
dc,mi,bav.
127 Skey, ci, Hmac, ac, sa, lk, rc Captured from terminal and fed by
(BBBBBB0UUUUUUUUUUUU)
Statement
transaction
HH- Hour
Number
62 UIDAI Authentication Code, Action Code Field with tag values, tag001 for
(BBBBBB0UUUUUUUUUUUU)
Statement
HH-Hour
Number
62 UIDAI Authentication Code, Action Code Field with tag values, tag001 for
transactions
(BBBBBB0UUUUUUUUUUUU)
HH-Hour
Number
62 UIDAI Authentication Code, Action Code Field with tag values, tag001 for
transactions
HH - Hour
(*conditional)
Identification
HH - Hour
(conditional)
timeout
Identification
HH - Hour
39 00 Response code
HH - Hour
(conditional)
39 00 Response code
HH - Hour
Identification
125 certificate.
dc,mi.
127 Skey, ci, Hmac, ac, sa, lk, rc Captured from terminal and fed by AUA
server, respectively
authentication
HH - Hour
39 00 Response code
Identification
of finger ranking
A receipt has to be given to a customer for every successful transaction. Receipt must also be printed
for selected decline transactions as well. This will help customer & business correspondent to prove
in case of a dispute. While printing customer’s Aadhaar number on receipt the first 6 digits must be
masked. In order to standardize Receipt format across all the MicroATM, NPCI proposes following
receipt format to be used as a template for all the transactions.
Print Transaction status as success only when BFD response is been received. Since BFD is
considered as success.
Do not print auth code length in receipt, just print its value.
Message field on receipt- Bank need to print the action code message which will be available
Cash Withdrawal
Customer Name:
STAN:
RRN:
Transaction Amount:
A/C Balance:
Purchase of Goods
Issuer Bank:
Customer Name:
STAN:
RRN:
Transaction Amount:
A/C Balance:
Cash Deposit
Customer Name:
Deposit ID:
Approval ID:
STAN:
RRN:
Transaction Amount:
A/C Balance:
Fund Transfer
Remitter Name:
STAN:
RRN:
Transaction Amount:
A/C Balance:
Balance Enquiry
Customer Name:
STAN:
RRN:
A/C Balance:
Demographic Authentication
Customer Name:
STAN:
RRN:
Mini Statement
Customer Name:
STAN:
RRN:
This block must be filled by
UIDAI Auth. Code: Acquirer bank switch values
Transaction Amount:
A/C Balance:
Customer Name:
STAN:
RRN:
This block must be filled by
UIDAI Auth. Code: Acquirer bank switch values
Transaction Amount:
A/C Balance:
Customer Name:
National Payments Corporation of India [Type of Document: Confidential] Page 100 of 100