Unique Identification Authority Of India

Government of India

Authentication/e-KYC User Agency (AUA/KUA) AGREEMENT

Version 4.0

May, 2017
 Unique Identification Authority of India
Government of India

AUTHENTICATION USER AGENCY AGREEMENT

This AUTHENTICATION USER AGENCY AGREEMENT (“Agreement”) is made on this

_______ day of _______________, and year _________, by and between:

1. UNIQUE IDENTIFICATION AUTHORITY OF INDIA, a statutory authority

established under the Aadhaar (Targeted Delivery of Financial And Other
Subsidies, Benefits and Services) Act, 2016, having its headquarters at 3rd Floor,
Tower II, Jeevan Bharati Building, Connaught Circus, New Delhi-110001
(hereinafter called the “UIDAI”, which expression shall unless excluded by or
repugnant to the context be deemed to include its successors in office,
administrators and permitted assigns), OF THE FIRST PART.

AND

2. ______________________________________________________________________________________
______________________________________________________________________________________________
______________________________________________________________________________________________
______________________________________________________________________, having its registered
addressat
______________________________________________________________________________________________
______________________________________________________________________________________________
________________________________________________________ (hereinafter referred to as
“Authentication User Agency”, which expression shall, unless repugnant to the
context or meaning thereof, include its successors, assigns, agents, etc.), OF THE
SECOND PART.

A. WHEREAS the party of the first part has approved/appointed the party of the
second part, as an Authentication User Agency (AUA) in terms of Regulation 12 of
the Aadhaar (Authentication) Regulations, 2016 vide approval/appointment letter
dated ________.

B. AND WHEREAS the party of the second part is fully aware and understands the
provisions of the Aadhaar (Targeted Delivery of Financial and other Subsidies,
Benefits and Services) Act, 2016 and the Regulations made thereunder and inter
alia the obligations and responsibilities prescribed therein and further warrants
that it shall at all times abide by the same.

C. AND WHEREAS, the Aadhaar Number and identity details of the Aadhaar Number
Holder can be authenticated through an online mechanism provided by UIDAI.
The authentication services shall be provided on payment of fees and charges by
Authentication User Agency to UIDAI, which may be revised from time to time
during the currency of the Agreement. The fees and the charges shall be fixed by
UIDAI, by a notification to this effect which may be revised from time to time
during the currency of this Agreement.

Page 1 of 15
 Unique Identification Authority of India
Government of India

D. AND WHEREAS, the Authentication User Agency is aware of, and understands, the
fact that UIDAI’s operation of the Aadhaar Authentication Services is subject to
limitations posed by technology, and UIDAI does not represent and warrant the
same to be defect free.

E. AND WHEREAS, the Authentication User Agency is aware of, and understands that
the Aadhaar Authentication Services are provided on an ‘as is’ basis, without any
express or implied warranties in respect thereof, and UIDAI does not assume any
responsibility or liability for any damage, whether direct, indirect, incidental or
consequential, arising as a result of the use of the Aadhaar Authentication
Services. The Authentication User Agency may, on its own volition, decide to use
additional authentication factors on their own depending on their security and
business requirements in addition to the UIDAI’s Aadhaar Authentication
Services.

F. AND WHEREAS, in case during the currency of the instant agreement, UIDAI upon
an application in writing by the party of the Second Part evaluates and approves
an application of the Authentication User Agency for its
appointment/empanelment as an e-KYC User Agency (KUA) for the e-KYC service,
the party of the Second Part shall, in addition to the instant agreement, be subject
to Annexure-I duly signed by UIDAI and the party of the Second Part and the
Authentication User Agency would then also be referred to as an e-KYC User
Agency (KUA) and references to Authentication User Agency also mean e-KYC
User Agency.

NOW THEREFORE, in consideration of the mutual covenants and promises set forth
herein and for other good and valuable consideration, the receipt and sufficiency of which
is hereby acknowledged, the Parties hereby covenant and agree and this Agreement
witnesseth as follows:

1. DEFINITIONS & INTERPRETATION

For the purposes of this Agreement, words and expressions shall have the same meaning
as defined in the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits
and Services) Act 2016 and its Regulations. However, words & expressions not defined in
the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services)
Act 2016 and its Regulations shall have the meaning as assigned to them hereunder.
“Aadhaar Act, 2016” shall mean the Aadhaar (Targeted Delivery of Financial and Other
Subsidies, Benefits and Services) Act 2016.
“Aadhaar Authentication Services” shall mean the authentication services provided by
UIDAI and used by Authentication User Agency where the personal identity information
of/data of an Aadhaar Number Holder is matched with their personal identity
information/data stored in the UIDAI’s Central Identity Data Repository, in order to
provide Aadhaar enabled services to such Aadhaar number holder. The Authentication

Page 2 of 15
 Unique Identification Authority of India
Government of India

User Agency shall avail Aadhaar authentication service by establishing a connection with
UIDAI’s Central Identity Data Repository, through an Authentication Service Agency.
“Aadhaar Enabled Services” shall mean services provided by an Authentication User
Agency to Aadhaar Number Holder, using the Aadhaar Authentication Services of UIDAI.

“Agreement” shall mean this agreement executed between the Parties, along with its
schedules, annexures and exhibits, if any, and all instruments supplemental to or
amending, modifying or confirming this agreement in accordance with the provisions of
this agreement, if any, in each case as they may be supplemented or amended from time
to time.

“Authentication Device” shall mean a terminal or device from where the Authentication
User Agency carries out its service/business functions and interacts with Aadhaar
Number Holders, by seeking authentication of Aadhaar Number Holders identity to enable
the Authentication User Agency’s business function.

“Business Day” shall mean any day other than a Saturday, Sunday or official public
holiday in India.

“Confidential Information” shall mean any information which is considered confidential

in terms of Clause 6 of this Agreement and shall include, but not limited to, information
such as Aadhaar Number, name, address, age, gender, date of birth, relationships and
other demographic information, as also, biometric information such as photograph, finger
print and iris scan of a resident.

“False Accept” shall be referred to an accept transaction where a system identifies a

biometric as genuine (while, in reality it belongs to some other individual) or will fail to
reject an impostor biometric. Imposter can be defined as someone who intentionally or
unintentionally is presenting his/her biometric against someone else’s Aadhaar number.

“Fees” shall include fees and charges determined and notified by the Authority from time
to time, and payable by entities during their appointment, which shall include application
fees, annual subscription fees, license fees and fees for individual authentication
transactions.

“Financial disincentives” shall mean the disincentives that may be imposed by the UIDAI
on Authentication User Agencies as per Annexure II to this Agreement.

“Law(s)” shall mean The Aadhaar (Targeted Delivery of Financial and other Subsidies,
Benefits and Services) Act, 2016 and its Regulations, all other applicable laws, by-laws,
rules, regulations, orders, ordinances, protocols, codes, guidelines, policies, notices,
directions, judgments, decrees or other requirements or official directive of any
governmental authority or person acting under the authority of any governmental
authority, whether in effect or which may come into effect in the future.

“OTP” shall mean one time password sent to the Aadhaar number holder’s registered
mobile phone for the purpose of authentication.

Page 3 of 15
 Unique Identification Authority of India
Government of India

“Party” refers individually to UIDAI and the Authentication User Agency and

“Parties” refer collectively to UIDAI and Authentication User Agency.

“Standards” shall mean the standards issued by UIDAI with regard to matters covered by
this Agreement, and sole right of interpretation whereof shall rest with UIDAI at all times.

“Sub-AUA” shall mean an entity appointed by the Authentication User Agency under this
agreement to access Yes/No authentication facility through the Authentication User
Agency.

“Term” shall mean the duration specified in Clause 7.

“Third Party” shall mean any party who is not a Party.

2. TERMS AND CONDITIONS OF APPOINTMENT OF AUTHENTICATION USER

AGENCY

2.1 UIDAI hereby grants the Authentication User Agency a non-exclusive and
revocable right to use Aadhaar Authentication Services, for providing such
Aadhaar Enabled Services to Aadhaar Number Holder(s) as set out in the
appointment letter and in the manner set out in this Agreement. The
Authentication User Agency understands and agrees that it shall be responsible to
UIDAI for all its Aadhaar authentication related aspects, covered by this
Agreement.

2.2 In the event the Authentication User Agency outsources part(s) of its operations to
other entities, the ultimate responsibility for the results of Aadhaar authentication
related operations lies with the Authentication User Agency, and the
Authentication User Agency shall ensure that the entity to which it has outsourced
its operations is audited annually by information systems auditor certified by
STQC / CERT-IN and compliance audit report is submitted to UIDAI.

2.3 The Authentication User Agency shall ensure that the client application to be used
by Sub AUA for Aadhaar authentication is developed and digitally signed by
Authentication User Agency or else Authentication User Agency shall give its
digitally signed SDK to Sub AUA for the purposes of capturing Aadhaar number
and other authentication details such as demographics, OTP or biometrics. Under
no circumstances, Sub AUA shall capture Aadhaar number and other
authentication data for the purposes of Aadhaar Authentication by any means
other than these two means described above. In addition, under no circumstances
Authentication User Agency shall expose the Aadhaar Authentication API directly
to any other agency or application and only Authentication User Agency provided
client application or SDK must access these APIs in a secure fashion. The
Authentication User Agency shall also ensure that the Sub AUA client application
or SDK, as the case may be, used for Aadhaar Authentication, is audited at the time

Page 4 of 15
 Unique Identification Authority of India
Government of India

of creation of the application/SDK and also for every major release of the
application/SDK or every year thereafter whichever comes first, by information
systems auditor(s) certified by STQC / CERT-IN and compliance audit report is
submitted to UIDAI.

2.4 All the obligations of the Authentication User Agency under this agreement shall
be equally applicable to the Sub AUAs. The Authentication User Agency
understands that the Aadhaar Authentication Service shall be provided at the sole
discretion of UIDAI, which reserves the right to add, revise, suspend in whole, or
in part any of the Aadhaar Authentication Service, at any time without prior
notice, in its sole discretion, for any reason whatsoever.

2.5 It is hereby mutually agreed between the Parties that the rights and obligations of
the Authentication User Agency, under this Agreement, are non-transferable and
non-assignable whether by sale, merger, or by operation of law, except with the
express written consent of UIDAI.

2.6 The Authentication User Agency hereby unequivocally agrees that the use of the
Aadhaar Authentication Services by it for providing Aadhaar Enabled Services to
Aadhaar Number Holder(s) and the Aadhaar Authentication Services shall not, in
any manner, whether direct or indirect, be used for purposes that are anti-
government or anti-State or discriminatory or related to money laundering or in
contravention of any laws applicable in India.

3. OBLIGATIONS OF THE AUTHENTICATION USER AGENCY

3.1 The Authentication User Agency shall take permission of UIDAI before entering
into any agreement with any Sub AUA and shall duly register them in the manner
prescribed by UIDAI from time to time. The Authentication User Agency shall
share a separate license key with each Sub AUA. The Authentication User Agency
shall also issue a unique Sub AUA code to identify each Sub AUA and shall include
the Sub AUA code in all authentication requests originating from that Sub AUA
which it forwards to CIDR for authentication.

4. INTELLECTUAL PROPERTY

4.1 The Authentication User Agency is aware that “Aadhaar” is the intellectual
property of UIDAI and the Authentication User Agency understands that any
unauthorized reproduction of the same constitutes infringement and may be
subject to penalties, both civil and criminal.

4.2 It is hereby mutually agreed between the Parties that the Authentication User
Agency shall have a non-exclusive right to use the Aadhaar name and logo and to
represent itself as an entity providing Aadhaar Enabled Services to Aadhaar
Number Holder(s), subject to the condition that all rights, title and interest,
including intellectual property rights, in the Aadhaar name and logo shall vest, at
all times, either during the operation of this Agreement or otherwise, in UIDAI.

Page 5 of 15
 Unique Identification Authority of India
Government of India

4.3 The Authentication User Agency hereby unequivocally agrees that it shall use the
Aadhaar name and logo, without any modification, in its promotional, educational
and informational literature, for the duration of this Agreement.

4.4 The Authentication User Agency hereby unequivocally agrees that it shall not
authorize any other entity or individual to use the Aadhaar name and logo, except
with the prior written permission of UIDAI.

4.5 The Authentication User Agency hereby unequivocally agrees that upon becoming
aware of unauthorized use, copy, infringement or misuse of the Aadhaar name
and/or logo, and any rights, title and interest therein, including intellectual
property rights, it shall notify UIDAI about such unauthorized use forthwith. At the
request of UIDAI, the Authentication User Agency shall take part in or give
assistance in respect of any legal proceedings and execute any documents and do
any things reasonably necessary to protect the rights, title and interest of UIDAI,
including intellectual property rights, in respect of the Aadhaar name and logo.

5. INDEMNITY AND LIMITATION OF LIABILITY

5.1 The Authentication User Agency understands that the use of Aadhaar
Authentication Services by the Authentication User Agency does not result in
incurring of any liability by UIDAI whatsoever. The Authentication User Agency
alone is responsible for the proper and judicious use of the Aadhaar
Authentication Services. UIDAI shall not, in any case, be held responsible for
damage and/or harm, direct or indirect, material or immaterial, or of any nature
whatsoever, arising from any unavailability of the Aadhaar Authentication
Services or its use by the Authentication User Agency.

5.2 Without prejudice to generality of the above, the Authentication User Agency shall
indemnify and keep UIDAI harmless and indemnified from and against all claims,
liabilities, losses and incurred costs, fines, penalties, expenses, taxes, assessment,
punitive damages, fees (including advocate’s/ attorney’s fee), liabilities (including
any investigative, legal and other expenses incurred in connection with, and any
amounts paid in settlement of, any pending or threatened legal action or
proceeding), judgments, awards, assessments, obligations, damages, etc., which
UIDAI may suffer or incur arising out of, or in connection with:

a) any act, neglect, default or omission on the part of the Authentication User
Agency, its subsidiaries or any person associated with the Authentication User
Agency, including but not limited to liabilities arising from non compliance of
applicable Standards and Regulations prescribed by UIDAI, from time to time,
unauthorized use or disclosure of Confidential Information and failure to
comply with data protection and storage requirements, as prescribed by
UIDAI, from time to time;
b) any breach by the Authentication User Agency of the terms and conditions or
its appointment or its obligations under this Agreement;

Page 6 of 15
 Unique Identification Authority of India
Government of India

c) any breach by the Authentication User Agency of its obligations under any
Law(s) or contract, etc;
d) default or omission on the part of the Authentication User Agency to follow
statutory Regulations, instructions and guidelines issued by UIDAI, the
Government of India, and any other governmental authority.
e) any damage and/or harm, direct or indirect, material or immaterial, or of any
nature whatsoever, arising from any unavailability of the Aadhaar
Authentication Services or its use by the Authentication User Agency.

5.3 In the event of a Third Party bringing a claim or action against UIDAI, as a
consequence of the use of Aadhaar Authentication Services by the Authentication
User Agency or its Sub AUA, the Authentication User Agency shall defend and / or
to assist UIDAI in defending, at the Authentication User Agency’s cost, such claims
or actions, either in a legal proceeding or otherwise and keep UIDAI indemnified
and harmless, at all times, against all actions, claims, demands, costs, charges and
expenses arising out of or incurred by reason of any infringement of intellectual
property rights of any Third Party in connection with the use of the Aadhaar
Authentication Services;

5.4 It is hereby mutually agreed that this Clause shall survive the termination of this
Agreement.

6. CONFIDENTIALITY, DATA PROTECTION, SECURITY AND USE OF

INFORMATION

6.1 The Authentication User Agency and all its Sub AUAs shall treat all information,
which is disclosed to it as a result of the operation of this Agreement, as
Confidential Information, and shall keep the same confidential, maintain secrecy
of all such information of confidential nature and shall not, at any time, divulge
such or any part thereof to any third party except as may be compelled by any
court or agency of competent jurisdiction, or as otherwise required by law, and
shall also ensure that same is not disclosed to any person voluntarily, accidentally
or by mistake.

6.2 The Authentication User Agency hereby unequivocally agrees to undertake all
measures, including security safeguards, to ensure that the information in the
possession or control of the Authentication User Agency, as a result of operation of
this Agreement, is secured and protected against any loss or unauthorised access
or use or unauthorised disclosure thereof, including all obligations relating to
protection of information in the Aadhaar (Targeted Delivery of Financial and other
Subsidies, Benefits and Services) Act, 2016.

6.3 It is hereby mutually agreed between the parties that UIDAI assumes no
responsibility or liability for any action or inaction, use or misuse of the
Confidential Information and other data in the control of the Authentication User
Agency or its sub-AUAs.

Page 7 of 15
 Unique Identification Authority of India
Government of India

6.4 It is hereby mutually agreed that this Clause shall survive the termination of this
Agreement.

7. TERM, TERMINATION AND CONSEQUENCES

7.1 This Agreement shall be in force till 31st March, 20xx, i.e. March month end of the
third year from the effective date, unless renewed by mutual consent, in writing,
of the Parties, prior to expiry of this Agreement, upon such terms and conditions
as may be mutually agreed between the Parties.

7.2 The UIDAI shall have the right to levy financial disincentives on the Authentication
User Agency as per Annexure II to this Agreement, subject to annual cap of (i) Rs.
1 crore for entities under category 1.1 of Schedule A of Aadhaar (Authentication)
Regulations, 2016 i.e. a Central/ State Government Ministry/Department and their
attached or sub-ordinate offices and (ii) for other entities, Rs. 1 crore or 1% of
Worldwide Gross Annual Turnover from all businesses whichever is more. Such
disincentives may be levied by the UIDAI, by inter alia invoking, in part or full, the
bank guarantee submitted by the Authentication User Agency, in case of violation
of any clause of this agreement. The levying of financial disincentives shall not
take away UIDAI’s right to terminate this Agreement in terms of Clause 7.4 of this
Agreement.

7.3 UIDAI shall designate an officer of the rank of Assistant Director General in UIDAI
to determine and levy financial disincentives as mentioned in Clause 7.2 above. In
case, the Authentication User Agency is not satisfied with the decision of Assistant
Director General, it shall have an option to escalate it to an officer of the rank of
Deputy Director General as designated by UIDAI. The determination of financial
disincentives by the designated Deputy Director General in this regard shall be
final.

7.4 UIDAI shall have the right to suspend the services without any prior notice at any
time. It shall have the right to subsequently terminate this Agreement by giving
fifteen (15) days notice, in writing, prior to expiry of the Term, without any
protest or demur from the Authentication User Agency, in the event that the
Authentication User Agency:

a) fails to comply with the Regulations or the Standards or the decision and
directions issued by UIDAI, from time to time, with regard to the
interpretation and enforcement of the Standards;

b) is in breach of its obligations under this Agreement;

c) uses the Aadhaar Authentication Services for any other purpose than those
specified in the appointment letter;

d) is in liquidation, or if a receiver has been appointed in respect of the

Authentication User Agency or the Authentication User Agency becomes

Page 8 of 15
 Unique Identification Authority of India
Government of India

subject to any form of insolvency administration or files for voluntary

liquidation.

e) In case the Authentication User Agency is also an Authentication Service

Agency, termination of the Authentication Service Agency agreement with
UIDAI will automatically terminate this agreement.

7.5 The Authentication User Agency shall have no right to compensation for
termination of this Agreement by UIDAI.

7.6 The termination of this Agreement by UIDAI, shall result in automatic cancellation
of the registration of the Authentication User Agency, granted by UIDAI, without
any notification, in this regard, to the Authentication User Agency.

7.7 The Authentication User Agency may terminate this agreement by giving 30 days’
notice in writing to the UIDAI.

7.8 Upon termination of this Agreement, the Authentication User Agency shall,
forthwith, cease to use the Aadhaar name and logo for any purposes, and in any
form, whatsoever.

8. GRIEVANCE REDRESSAL

8.1 The Authentication User Agency shall setup grievance handling mechanism to
receive and address the complaints from the Aadhaar Number Holders with
regard to authentication services performed by it. It shall be the responsibility of
the Authentication User Agency to ensure that similar mechanism is setup by its
sub-AUAs.

8.2 The Authentication User Agency shall provide various channels to the Aadhaar
number holder to lodge their complaint such as phone, e-mail, web-portal, SMS
etc. Such information shall be displayed for residents at all touch points.

8.3 UIDAI may require from the Authentication User Agency the details of any
complaint and its redressal by the Authentication User Agency.

8.4 The Authentication User Agency shall provide a quarterly report of all the
grievances handled by it in the format prescribed by UIDAI, from time to time.

8.5 The Authentication User Agency understands and agrees that the failure to comply
with the grievance redressal mechanism, prescribed by UIDAI from time to time,
shall result in the breach of this Agreement.

Page 9 of 15
 Unique Identification Authority of India
Government of India

9. GENERAL

9.1 Notices

Any notice, direction or other documentation required or remitted to be given

hereunder shall be in writing and may only be given by personal delivery,
international courier, electronic mail or facsimile (with confirmation received) at
the addresses hereinafter set forth:

(i) For UIDAI :

Address :
Application & Authentication Division,
3rd Floor, Tower II,
Jeevan Bharati Building
Connaught Circus
New Delhi-110001

Attention : _____________________________________________________

(ii) For the

Authentication
User Agency :

Address : ______________________________________________________
______________________________________________________
______________________________________________________

Attention : ______________________________________________________
Fax No. : ______________________________________________________

9.2 Further Assurances

The Parties hereto shall sign such further and other papers, cause such meetings
to be held, resolutions passed and bylaws enacted, exercise their vote and
influence, do and perform and cause to be done and performed such further and
other acts and things as may be necessary or desirable in order to give full effect
to this Agreement and every part hereof.

9.3 No Waiver

No failure by a Party to take any action with respect to a breach of this Agreement
or a default by any other Party shall constitute a waiver of the former Party’s right
to enforce any provision of this Agreement or to take action with respect to such
breach or default or any subsequent breach or default. Waiver by any Party of any
breach or failure to comply with any provision of this Agreement by a Party shall
not be construed as, or constitute, a continuing waiver of such provision, or a
waiver of any other breach of or failure to comply with any other provision of this

Page 10 of 15
 Unique Identification Authority of India
Government of India

Agreement, unless any such waiver has been consented to by the other Party in
writing.

9.4 Severability

If any Clause or part thereof, of this Agreement or any agreement or document

appended hereto or made a part hereof is rendered invalid, ruled illegal by any
court of competent jurisdiction, or unenforceable under present or future Laws
effective during the term of this Agreement, then it is the intention of the Parties
that the remainder of the Agreement, or any agreement or document appended
hereto or made a part hereof, shall not be affected.

9.5 Counterparts

This Agreement may be executed in one or more counterparts, all of which shall
be read and construed as one document and any facsimile signature hereto shall
be deemed to be an original signature.

9.6 Independent Legal Advice

Each of the Parties acknowledges that it has received independent legal advice
regarding the terms of this Agreement.

9.7 Entire Agreement

This Agreement constitutes the entire agreement between the Parties. There are
not and will not be any verbal statements, agreements, assurances,
representations and warranties or undertakings among the Parties and this
Agreement may not be amended or modified in any respect except by written
instrument signed by the Parties.

9.8 Independence of the Parties with respect of each other

Each of the Parties is and shall remain independent parties. Neither Party nor any
of their respective affiliates shall have the authority to enter into any contract or
any obligation for, or make any warranty or representation on behalf of the other.
Further, nothing in this Agreement will be construed to create a joint partnership,
joint venture, agency, or employer-employee relationship among the Parties.

9.9 Expenses

Each of the Parties shall bear the fees and expenses of their respective counsels,
accountants and experts and all other costs and expenses as may be incurred by
them incidental to the negotiation, preparation, execution and delivery of this
Agreement.

9.10 Harmonious Construction

Page 11 of 15
 Unique Identification Authority of India
Government of India

The terms and conditions of this Agreement shall at all times be construed in
harmony with the Aadhaar Act, 2016 and the regulations made thereunder. All
such conditions, liabilities, responsibilities, obligations, rights, duties, etc.
contained therein shall continue to apply during the currency of this Agreement.

IN WITNESS WHEREOF the parties have each executed this Agreement by its duly
authorized officer as of the day and year first above written.

SIGNED AND DELIVERED FOR AND ON BEHALF OF THE PRESIDENT OF INDIA ACTING
THROUGH (NAME & DESIGNATION) UNIQUE IDENTIFICATION AUTHORITY OF INDIA

Title:________________________________________________________________________________________

Designation: _______________________________________________________________________________

Signature: ____________________________________

SIGNED AND DELIVERED FOR AND ON BEHALF OF

______________________________________________________________________________________________

Title: ________________________________________________________________________________________

Designation:_______________________________________________________________________________

Signature: ____________________________________

WITNESSES:

Title: ________________________________________ Title: _______________________________________

Signature: __________________________________ Signature: __________________________________

Page 12 of 15
 Unique Identification Authority of India
Government of India

ANNEXURE-I

e-KYC Agreement
1. Terms and Conditions

i. Aadhaar e-KYC is an Aadhaar Enabled Service offered by the UIDAI through

the Authentication Service Agencies to Authentication User Agencies.

ii. Aadhaar e-KYC service will be offered at the fees and charges as determined
by UIDAI by notification which may be revised from time to time.

iii. UIDAI hereby grants the Authentication User Agency a non-exclusive and
revocable right to use the Aadhaar e-KYC service to provide such services to
Aadhaar Number Holders, as set out in the appointment letter and in the
manner set out in this Agreement. The Authentication User Agency
understands that the Aadhaar e-KYC Service shall be provided at the sole
discretion of UIDAI, which reserves the right to add, revise, suspend in whole,
or in part, any of the modes of Authentication for Aadhaar e-KYC Service, at
any time with prior notice, in its sole discretion, for any reason whatsoever.

iv. The Authentication User Agency hereby unequivocally agrees that all backend
infrastructure, such as servers, databases etc., required specifically for the
purpose of Aadhaar e-KYC shall be based in the territory of India.

v. It is hereby clearly understood by the Parties that UIDAI shall have no

responsibility or liability in relation to failures that may take place during the
Aadhaar e-KYC process.

Page 13 of 15
 Unique Identification Authority of India
Government of India

ANNEXURE-II

Disincentives* to be imposed on Authentication/e-KYC User Agencies under the

provisions of Regulation 25 of Aadhaar (Authentication) Regulation, 2016

Aadhaar
(Authentication) 1st 2nd
S.
Regulation, Contravention Contravention 3rd Contravention
No.
2016
Non compliance of the
Regulations numbers
5(2), 6, 7(1), 7(2), 8(1), 8(2),
If the Regulation
9(1), 9(5), 14 (1)
is not
(a), 14 (1) (c), 14 (1) (d), 14 Disincentives upto
complied with If the Regulation is not
(1)(e), 14 (1) (f), 14 Rs. 1 lakh per
within 15 complied with
(1) (g), 14 (1) (h), 14(1) (i), day for each day of
days of issuance within 15 days of
14(1) (j), 14(1) (k), non-
of notice issuance of notice by
14 (1) (l), 14(1) (m), 14(1) compliance from
UIDAI on second
(n), 15 (2), 15 (3), 15 the date of
1 by UIDAI on first contravention,
(4), 16 (2), 16 (3), 16 (4), 16 actual commission
contravention, disincentives upto Rs. 3
(5), 16 (8), 17 (1) of violation
disincentives lakh per day
(a), 17 (1) (b), 17 (1) (c), 17 regardless of the
upto Rs. 2 lakh for each day of non-
(1) (d), 17 (1) (e), date of
per day for compliance
17 (1) (f), 17 (1) (g), 18 (1), discovery of the
each day of non-
18 (2), 18 (3), 18 same
compliance
(4), 18 (5), 18 (6), 21 (3), 22
(1), 22 (4) of the
Aadhaar (Authentication)
Regulations, 2016

If the Regulation
Disincentives upto
is not
Rs. 1 lakh per
complied with If the Regulation is not
day for each day of
within 15 complied with
non-
Non compliance of the days of issuance within 15 days of
compliance from
clause numbers 2.1, of notice issuance of notice by
the date of
2.2, 2.3, 2.5, 2.6, 3.1, 4, 6.1, UIDAI on second
actual commission
2 6.2, 8.1, 8.3, 8.4 by UIDAI on first contravention,
of violation
contravention, disincentives upto Rs. 3
regardless of the
of the Agreement disincentives lakh per day
date of
upto Rs. 2 lakh for each day of non-
discovery of the
per day for compliance
same
each day of non-
compliance

Note: It may be noted that the disincentives as mentioned above are in addition to and not
in derogation of the other remedies available under the Aadhaar Act, 2016 and other
relevant laws

Page 14 of 15