Aeps XML H-H Specification Version 1.2

AEPS XML H-H SPECIFICATION
Table of Contents
Table of Contents
Table of Contents _____________________________________________________________________________________________ 1
Introduction____________________________________________________________________________________ 3
1.1 Executive Summary ____________________________________________________________________________________3
1.2 Audience _________________________________________________________________________________________________3
1.3 Document Details ______________________________________________________________________________________3
AEPS Transactions on NPCI Network ______________________________________________________ 4
2.1 Architecture Diagram _________________________________________________________________________________4
2.2 Transaction Timeout Parameters ___________________________________________________________________4
Message Format _______________________________________________________________________________ 5
3.1 Authentication Transaction __________________________________________________________________________6
3.2 BFD transaction ________________________________________________________________________________________7
3.3 Demographic transaction _____________________________________________________________________________8
Data Element Definition _____________________________________________________________________ 9
Settlement and Reconciliation ___________________________________________________________ 18
References ____________________________________________________________________________________ 18
Sample Message Dumps ___________________________________________________________________ 18
NPCI AEPS (XML based) Interface Specification

NPCI © 2011 Confidential Page 1
Table of Contents
Documents Details
Author
Gaurav Garg
Initial Publish Date
10, Jan 2014
Version
1.2
Total Page number
Document classification
Confidential
Document History
Date Version Change

12/7/2013 1.0 Initial Draft Version 12/7/2013
14/8/2013 1.0 Addition of OTP service as separate service 14/8/2013
20/09/2013 1.1 Changes in MCC, Message Dumps 20/09/2013
Changes as per UIDAI Specs aadhaar_kyc_api_1_0_final.pdf
Additional Response Codes added.
10/01/2014 1.2 Response Message tag added to allow banks to see the reason 10/01/2014
for failure. Can be ignored by bank.
e-KYC and OTP transactions removed as separate specifications

are available.
Prepared By: Date
Gaurav Garg
Date
Reviewed By:
Suchet Shenoy
Approved By: Date
Sateesh Palagiri

NPCI 2011 Confidential Page 2
Introduction
Introduction
1.1 Executive Summary
National Payments Corporation of India (NPCI) is formed as an umbrella institution for all the retail payments
systems in the country. The core objective is to consolidate and integrate the multiple systems with varying
service levels into nation-wide uniform and standard business process for all retail payment systems. The other
objective was to facilitate an affordable payment mechanism to benefit the common man across the country
and help financial inclusion. Vision and formation of NPCI is backed by the regulator and Indian Banks
Association (IBA). NPCI has defined business lines to process in country interbank transactions for ATM, POS,
24x7 Remittance, ACH and CTS.
Government of India has initiated Unique Identification Project for citizens of India. It is envisaged to use the
UID schema and infrastructure for the financial inclusion in India. To enable the customers to use AADHAAR for
the financial transaction across the payment networks in the country, NPCI proposes to facilitate routing of
transactions to the central id repository of UIDAI for user authentication through a single interface.
This interface document is targeted to achieve inter-operability between banks for Aadhaar based payment
transactions. NPCI shall allow banks to connect using this interface. It is also possible that banks may position
their respective financial inclusion service provider to connect on their behalf to NPCI central infrastructure with
the respective member bank.
With the Introduction of XML it will be easy for the banks to formulate messages as compared to the complexity
involved in the formation of ISO 8583 message.
1.2 Audience
This document is a property of NPCI and should be not be circulated to external party without prior approvals
of NPCI management team.
This document will be circulated to NPCI management team, Technical Advisor Committee, Business user group
formed from member banks.
1.3 Document Details

Document defines the Interface Specifications between the Originator bank, NPCI and UIDAI for Authentication,
Best Finger Detection (BFD), Demographic Transaction and e-KYC.

AEPS Transactions on NPCI Network
AEPS Transactions on NPCI Network

Transactions will be supported by NPCI AEPS system as follows:
1. AEPS Authentication - Onus

2. Best Finger Detection (BFD) Transaction
3. Demographic Based Transaction
4. e-KYC (refer: e-KYC Interface Specification Version 1.3)
5. OTP (refer: e-KYC Interface Specification Version 1.3)
2.1 Architecture Diagram
(I) AEPS Intra-Bank Transaction Flow (Authentication, BFD, Demographic, e-KYC, OTP )
Figure 1
2.2 Transaction Timeout Parameters

1. The Timeout parameter between NPCI and UIDAI server is 10 seconds i.e. NPCI will wait for 10 seconds for
the response from UIDAI server after sending a request. After 10 seconds a declined response will be sent
back to the Acquirer system.
2. The Timeout parameter between Issuer switch and NPCI is 20 seconds i.e. after 20 seconds a declined
response will be sent back to the Acquirer system by NPCI.
3. The Timeout parameter on the Acquirer switch should be around 30 seconds i.e. if the Acquirer system
doesn’t receive response from NPCI, Acquirer system should send a declined response to the Originating
channel.

Message Format
4. The Timeout parameter on the Originating channel should be around 90 seconds i.e. if the Originating
system doesn’t receive response from Acquirer system, Originating channel should decline the transaction
and show appropriate message to the operator.
Message Format
This section deals with Request and Response Message in accordance to the transaction type which needs to be
followed by bank.
1. NPCI will form the final auth xml request by encoding the encrypted data received from bank.
2. For Demographic based transaction only <uses> tag will vary based on the scenario.

Message Format
3.1 Authentication Transaction
Authentication Request Authentication Response

<Request_auth> <Response_auth>
<TransactionInfo> <TransactionInfo>
<Pan></Pan> <Pan></Pan>
<Proc_Code></Proc_Code> <Proc_Code></Proc_Code>
<Transm_Date_time></ Transm_Date_time > <Transm_Date_time></ Transm_Date_time >
<Stan></Stan> <Stan></Stan>
<Local_Trans_Time></Local_Trans_Time> <Local_Trans_Time></Local_Trans_Time>
<Local_date></Local_date> <Local_date></Local_date>
<Mcc></Mcc> <AcqId></AcqId>
<Pos_entry_mode></Pos_entry_mode> <RRN></ RRN>
<Pos_code></Pos_code> <ResponseCode></ResponseCode>
<AcqId></AcqId> <ResponseMsg></ResponseMsg>
<RRN></ RRN> <CA_Tid></CA_Tid>
<CA_Tid></CA_Tid> <CA_ID></CA_ID>
<CA_ID></CA_ID> <CA_TA></CA_TA>
<CA_TA></CA_TA> </TransactionInfo>
</TransactionInfo> <AuthRes ret=”y|n” code=”” txn=”” err=”” ts=”” info=””>
<Auth uid=”” tid=”” ac=”” sa=”” ver=”” txn=”” lk=””> </AuthRes>
<Uses pi=”” pa=”” pfa=”” bio=”” bt=”” pin=”” otp=””/> </Response_auth>
<Tkn type=”” value=””/>
<Meta udc=”” fdc=”” idc=”” pip=”” lot=”G|P” lov=””/>
<Skey ci=”” ki=””>encrypted and encoded session
key</Skey>
<Data type=”X|P”>encrypted & encoded PID
block</Data>
<Hmac>SHA-256 Hash of Pid block, encrypted and then
encoded</Hmac>
</Auth>
</Request_auth>

Message Format
3.2 BFD transaction
BFD Request BFD Response
<Request_bfd> <Response_bfd>
<RRN></RRN> <CA_Tid></CA_Tid>
</TransactionInfo> <BfdRes code=”” txn=”” err=”” ts=”” actn=”” msg=””>
<Bfd uid=”” tid=”” ac=”” sa=”” ver=”” txn=”” lk=””> <Ranks>
<Meta udc=”” fdc=”” pip=”” lot=”G|P” lov=””/> <Rank pos=”” val=””/>
<Skey ci=”” ki=””>encrypted and encoded session </Ranks>
key</Skey> </BfdRes>
<Data type=”X|P”>encrypted RBD block</Data> </Response_bfd>
<Hmac>SHA-256 Hash of RBD block, encrypted and then
encoded </Hmac>
</Bfd>
</Request_bfd>

Message Format
3.3 Demographic transaction
Demographic Request Demographic Response
<Request_demo> <Response_demo>
<RRN></ RRN> <CA_Tid></CA_Tid>
</TransactionInfo> <AuthRes ret=”y|n” code=”” txn=”” err=”” ts=””
<Auth uid=”” tid=”” ac=”” sa=”” ver=”” txn=”” lk=””> info=””>
<Uses pi=”” pa=”” pfa=”” bio=”” bt=”” pin=”” otp=””/> </AuthRes>
<Tkn type=”” value=””/> </Response_demo>
<Meta udc=”” fdc=”” idc=”” pip=”” lot=”G|P” lov=””/>
<Skey ci=”” ki=””>encrypted and encoded session
key</Skey>
<Data type=”X|P”>encrypted & encoded PID
block</Data>
<Hmac>SHA-256 Hash of Pid block, encrypted and then
encoded</Hmac>
</Auth>
</Request_demo>

Data Element Definition

Elements Description
Request Primary Root Element of the input XML request.

(Mandatory)
Transactioninfo Attributes
(Mandatory) PAN: Aadhaar Number of the resident (mandatory)
Format: LLVAR
Type n..19
PAN must be populated with the combination of IIN and the resident Aadhaar
number.
B B B B B B I U U U U U U U U U U U U
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
B – Acquirer ID/IIN : for Authentication, Demographic, BFD services

I – Indicator for UID – valid value 0 for AEPS.
U – Unique Identification Number of customer issued by UIDAI
Note: As for non-banking entities IIN is not issues, they must use Acquirer ID for
the first 6 digit of PAN.
Proc_Code: Processing Code (mandatory)

Format: Fixed
Type:n6
A series of digits that describes the type of transaction and the accounts affected
by the transaction.
It consists of three, two-digit sub fields:
Digit 1 and 2: Transaction Code

01 Cash withdrawal
10 Biometric Verification (UID Biometric data verification/Authentication) for ONUS
21 Deposits
31 Balance inquiry
90 Fund Transfer with DE 120-tag 001-45
11 Best Finger Detection
12 Demographic Authentication

Digit 3 and 4: From Account Type*

00 Unspecified/unknown
10 Savings
20 Checking
30 Credit card
Digit 5 and 6: To Account Number*
00 Unspecified/unknown
10 Savings
20 Checking
30 Credit card
Transm_Date_time: Transmission Date (mandatory)

Format: Fixed
Type: n10 MMDDhhmmss
It is the date and time when a transaction request was transmitted by a processing
entity. It is represented in GMT/UTC.
Stan: System Trace Audit Number (mandatory)

Format: Fixed
Type: n6
It is the unique identifier assigned to each transaction by the acquirer bank switch.
It must be different for every transaction even for multiple set of transactions
originated at the same time
Local_Trans_Time : Local Transaction Time (mandatory)

Format: Fixed -hhmmss
Type: n6
Local Transaction Time will be passed in the XML Request message. The local time at
which the transaction began from initiated device location. When a request
originates from bank; it is assumed that the content of this attribute is the terminal
local time.

Local_date : Local Date (mandatory)

Format: Fixed - MMDD
Type: n4
Date, Local Transaction is the local month and day on which Transaction takes place
at the point of service. It is the same to be printed on receipt.
Mcc : Merchant Category Code (mandatory)

Format: Fixed
Type: n4
Description: Contains a 4 digit code describing a merchant’s type of business
Refer to ISO 18245 for list of MCC.
Pos_entry_mode : Point of Service Entry Mode (mandatory)

Format: Fixed
Type: n3
Description: The code describes the way how PAN and PIN are entered at a touch
point.
Data element consists of two sub-fields:
PAN Entry Mode
01 Manual
02 Magnetic stripe read.
05 ICC.
90 Full and unaltered magnetic stripe read (enables CVV validation).
PIN Entry Mode
0 Unspecified.
1 PIN entry capability (OTP transaction)
2 No PIN entry capability.
6 PIN pad inoperative.
9 Reserved for private use (Biometric entry capability)

Pos_code : Point of Service Condition Code (mandatory)

Format: Fixed
Type: n2
Description: Two-digit code indicating conditions at touch point:
00 Normal
01 Customer not present.
02 Unattended terminal (CAT, ADM)
03 Merchant suspicious.
05 Customer present, card not present.
AcqId : Acquirer ID (mandatory)

Format: LLVAR
Type: n..11
Identifies the acquiring institution from where the request has been initiated.
This ID will be allotted by NPCI.
RRN : Retrieval Request Number (mandatory)

Format: Fixed
Type: an12
The reference, assigned by the acquirer, to identify a transaction uniquely. It remains
unchanged for all messages throughout the life of a transaction and is used for
matching original message with reversal and/or store/forward messages.
The standard format of RRN is as follows: YDDDHHSSSSSS
Y – Year (last digit of current year)
DDD – Julian date of transaction
HH – Hour of transaction (‘HH’ should be derived from Local_Trans_Time .)
SSSSSS – STAN (same as STAN passed in kyc Request)
ResponseCode: Response Code (mandatory in Response)

Format: Fixed
Type: an2
Denotes the status of the transaction with appropriate response codes.

NPCI UIDAI
Sr.
Error Error Description
No.
Code Code
1 00 - Successful Transaction
NPCI doesn’t get any response from Issuer after sending the
2 91 -
request
3 92 - Invalid IIN entered at Terminal (IIN not present in routing table)
Correct Aadhaar No. and correct IIN entered at terminal (IIN

4 52 - present in routing table). Account number is not present in CBS.
Transaction declined by Issuer.
Insufficient Fund available in Resident’s account. Transaction

5 51 -
declined by Issuer.
Account blocked by Issuer/Regulator for AML or any other

6 57 -
appropriate reasons
7 AY - Aggregate of all credits in a financial year exceed Rs 1 Lakh
Aggregate of all withdrawals and transfers in a month exceeds

8 AM -
Rs. 10,000
9 AB - Account Balance exceeds rupees fifty thousand
10 M4 - Remittance from/to Foreign/NRE Accounts

Transaction amount exceeded limit, transaction is declined by
11 UW -
Issuer.
Net Debit Cap limit is exhausted for member bank. Transaction is
12 M6 -
declined by NPCI.
User should be allowed to re- enter his/her personal information

13 U1 100 attributes like name, lname, gender, dob, dobt, age, phone, email
whichever is used for authentication in application
14 U2 200 Address attribute of demographic details does not match

15 U3 300 Biometric data did not match
16 U4 500 Encryption of session key is invalid
17 U5 510 Invalid Auth XML format / Invalid BFD XML format
18 U6 520 Invalid device

19 U7 530 Invalid authenticator code /AUA code
20 U8 540 Invalid Auth XML version/ Invalid BFD XML version
21 U9 550 Invalid “Uses” element attribute
22 UA 700 Invalid demographic data

23 UB 710 Missing “Pi” data as specified in “Uses”
24 UC 720 Missing “Pa” data as specified in “Uses
25 UD 730 Missing PIN data as specified in “Uses”
26 UE 999 Unknown error
27 UF 740 Missing OTP data as specified in “Uses”
Invalid biometric data. AUA to review biometric device used and

28 UG 800
whether templates are ISO complaint
29 UH 810 Missing biometric data as specified in “Uses”
Time Out for the request sent to UIDAI from NPCI beyond 10
30 UI -
seconds (like response not received for Authentication Request
31 UJ 721 Missing "Pfa" data as specified in "Uses" element
32 UK 820 Missing or empty value for "bt" attribute in "Uses" element

33 UL 821 Invalid value in the "bt" attribute of "Uses" element
No auth factors found in auth request. This corresponds to
34 UM 901 scenario wherein all the 3 factors - Pin, Demo and Bios - are not
present in Auth request
Invalid "dob" value in "Pi" element. Invalid dates are one which
are not of the format YYYY or YYYY-MM-DD, or have a year value
35 UN 902 such that residents age is less than 0 or more than 150 years, or
contains value which cannot be parsed e.g. alphabetic strings,
invalid dates such as 31-Feb, etc
Invalid "mv" value in "Pi" element. This error is returned if mv

36 UO 910
value is not a numeric value or is not in the allowed range.
Invalid "mv" value in "Pfa" element .This error is returned if mv

37 UP 911
value is not a numeric value or is not in the allowed range.
38 UQ 912 Invalid "ms" value in "Pa" (If match strategy other than E is used)
39 UR 913 Both Pa and Pfa are present (Pa and Pfa are mutually exclusive)
40 US 930 Technical error category 1 (Related to ABIS interactions)
Technical error category 2 (Internal to auth server such as

41 UT 931
Database server down, etc.)
Technical error category 3 (Error if audit XML could not be
42 UU 932 published to audit queue, or if audit XML could not be
constructed)
Unsupported option (At present, this error is returned if OTP is
43 UV 980
used which is yet to be implemented)
44 UY 511 Invalid PID XML format / Invalid RBD XML
45 UZ 940 Unauthorized ASA channel
46 U0 941 Unspecified ASA channel

Request expired (“Pid->ts” or “Rbd->ts” value is older than N
47 V0 561
hours where N is a configured threshold in authentication server)
Timestamp value is future time (value specified “Pid->ts” or

48 V1 562 “Rbd->ts” is ahead of authentication server time beyond
acceptable threshold)
Duplicate request (this error occurs when exactly same

49 V2 563
authentication request was re-sent by AUA)
50 V3 564 HMAC Validation failed
51 V4 565 License key has expired
52 V5 566 Invalid license key
Invalid input (this error occurs when some unsupported
53 V6 567 characters were found in Indian language values, “lname” or
“lav”)
54 V7 568 Unsupported language
55 V8 569 Digital signature verification failed
Invalid key info in digital signature (this means that certificate

used for signing the Authentication request or BFD request is not
56 V9 570
valid – it is either expired, or does not belong to the AUA or is not
created by a well-known Certification Authority)
PIN Requires reset (this error will be returned if resident is using

57 VA 571
the default PIN which needs to be reset before usage)
Invalid biometric position (This error is returned if biometric

position value - “pos” attribute in “Bio” element - is not
58 VB 572
applicable for a given biometric type - “type” attribute in “Bio”
element.)
59 VC 573 Pi usage not allowed as per license
60 VD 574 Pa usage not allowed as per license
61 VE 575 Pfa usage not allowed as per license
62 VF 576 FMR usage not allowed as per license
63 VG 577 FIR usage not allowed as per license
64 VH 578 IIR usage not allowed as per license
65 VI 579 OTP usage not allowed as per license
66 VJ 580 PIN usage not allowed as per license
67 VK 581 Fuzzy Matching usage not allowed as per license

68 VL 582 Local language usage not allowed as per license
69 VM 934 Technical error category 4
70 VN 935 Technical error category 5
71 VO 936 Technical error category 6
72 VP 937 Technical error category 7
73 VQ 938 Technical error category 8
74 VR 939 Technical error category 9
75 VS 811 Missing biometric data in CIDR for given AADHAAR

76 VT 501 Invalid certificate identifier in “ci” attribute of “Skey”.
Invalid encryption of Pid in authentication transaction / Invalid

77 VU 502
encryption of Rbd in BFD transaction
78 VV 503 Invalid encryption of Hmac
79 VW 542 AUA not authorized for ASA.
80 VX 543 Sub-AUA not associated with “AUA”
81 VY 541 Invalid PID XML version/ Invalid BFD XML version
82 VZ 311 Duplicate Irises used.
83 W0 312 FMR and FIR cannot be used in same transaction
84 W1 313 Single FIR record contains more than one finger
85 W2 314 Number of FMR/FIR should not exceed 10
86 W3 315 Number of IIR should not exceed 2

87 W4 504 Session key re-initiation required due to expiry or key out of sync
88 W5 812 Best finger detection not done
89 W6 310 Duplicate fingers used
90 W7 584 Invalid Pin code in Meta element
91 W8 585 Invalid Geo code in Meta element
92 W9 400 "OTP" validation failed
93 X0 401 "Tkn" validation failed

94 X1 505 Synchronized Skey usage is not allowed
95 X2 521 Invalid Finger device
96 X3 522 Invalid Iris device
97 X4 700 Invalid demographic data
98 X5 583 Best finger detection not allowed as per license
99 20 - Error code not defined by UIDAI & not present at NPCI
100 X6 993 Technical error category 3

Aadhaar number status is either lost, deceased etc. and currently
101 X7 997
not active.
If client level validations are done then Aadhaar number does not
102 X8 998
exist in CIDR.
103 54 - Validity of customer’s card has expired.
104 36 - Customers card has been marked as Lost/Stolen by Issuer bank
105 41 - Customers card has been restricted by Issuer bank
106 20 - Format Error

ResponseMsg: Response Message (mandatory in Response)
Format: Variable
Type: an..80
Mandatory element in the response.
CA_Tid : Terminal Identification (mandatory)

Format: Fixed
Type: n8
It should carry value “public” in the request for all transactions originated from a
device unregistered at UIDAI data base. For devices recognized by UIDAI, this code
will be allotted by UIDAI the data element is mandatory.
NOTE: ‘ public’ must be left padded with two spaces making it 8 digit value.
CA_ID : Card Acceptor Identification Code (mandatory)

Format: Fixed
Type: ans15
This is a unique code for the device assigned within the Bank domain.
Character 1-15 Unique Device Code, first 3 digits should have Bank code and last 12
digits should be Unique terminal code allotted to every device by the bank. If the
terminal code is less than 15 digits, the terminal code should be left padded with
zeros to make it 15 digits.
CA_TA : Terminal Address (mandatory)

Format: Fixed
Type: an40
The name and location of the acceptor (Touch Point) where the Request has been
initiated.
Character 1-23 Merchant Name &Address / Bank Correspondent Name &Address
Character 24-36 City Name
Character 37-38 State
Character 39-40 Country Code (IN)

Settlement and Reconciliation
Settlement and Reconciliation

Settlement of these transactions will be performed in the NPCI Dispute Management System and Daily
Settlement Report will be provided to member banks. Switching Fee will be applicable as per the guidance.
Please refer to AEPS Dispute & Settlement Handling Guidelines for detailed information on settlement &
Reconciliation.
References
UIDAI released Documents which needs to be referred for Encryption Logics and parameters are explained
which need to be passed while forming the Auth message based on Transaction
 aadhaar_authentication_api_1_6
 aadhaar_otp_request_api_1_5
 aadhaar_BFD_request_api_1_6
Sample Message Dumps

1. Sample Authentication Transaction
<Request_auth>
<TransactionInfo>
<Pan>607066*********2521</Pan>
<Proc_Code>100000</Proc_Code>
<Transm_Date_time>0726094813</ Transm_Date_time >
<Stan>206661</Stan>
<Local_Trans_Time>151813</Local_Trans_Time>
<Local_date> 0726< /Local_date>
<Mcc>6012</Mcc>
<Pos_entry_mode>019</Pos_entry_mode>
<Pos_code>05</Pos_code>
<AcqId>200002 </AcqId>
<RRN>320715206661</ RRN>
<CA_Tid> public</CA_Tid>
<CA_ID>UCO000000006000</CA_ID>
<CA_TA>CSB, NERUL MUMBAI MHIN</CA_TA>
</TransactionInfo>

<Auth uid=”xxxxxxxxxxxxxx” tid=”public” ac=”STGAND0001” sa=”STGAND0001” ver=”1.6” txn=”206661”

lk="xxxxxxxxxxxxxxxxxxxxxxxx”>
<Uses pi=”n” pa=”n” pfa=”n” bio=”y” bt=”FMR” pin=”n” otp=”n”/>
<Tkn type=”” value=””/> -----------------------------no need to pass
<Meta udc=”UCO000000006000” fdc=”NC” idc=”NC” pip=”61.246.255.104” lot=”P” lov=”582101”/>
<Skey ci=”20151110">xxxxxxxxxxxxxxxxxxxxxxxxx</Skey>
<Data type=”P”>xxxxxxxxxxxxxxxxxxxxxxxxx</Data>
<Hmac>xxxxxxxxxxxxxxxxxxxx</Hmac>
</Auth>
</Request_auth>
===================================================================================================
<Response_auth>
<TransactionInfo>
<Pan>607066*********2521</Pan>
<Stan>206661</Stan>
<Local_date> 0726 /Local_date>
<RRN>320715206661</ RRN>
<Responsecode>00</Responsecode>
<ResponseMsg>Successful</ResponseMsg>
<CA_ID>UCO000000006000</CA_ID>
</TransactionInfo>
<AuthRes ret=”y” code=”5b5b358eeda841178e6fc1767a8889c2” txn=”206661” ts=”2013-07-29T17:52:58.416+05:30”
info=”018135079812146d886e50bede5ea318e1490e84de6bec697ed7b694961ddeba3d917d5f5a33ab5f6aed0395d2bc0
a4e5df61d92441ea8d77b0952c01bc8aa8bde0100002000000”>
</AuthRes>
</Response_auth>
2. Sample BFD Transaction

<Request_bfd>
<TransactionInfo>
<Pan>607066*********2521</Pan>
<Stan>206661</Stan>
<Mcc>6012</Mcc>
<RRN>320715206661</ RRN>
<CA_ID>UCO000000006000</CA_ID>
</TransactionInfo>
<Bfd uid=”xxxxxxxxxxxxxx” tid=”public” ac=”STGCORPBNK” sa=”STGCORPBNK” ver=”1.6"txn=”206661”
lk=”xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”>
<Meta udc=”UCO000000006000” fdc=”INTF88INN” pip=”NA” lot=”P” lov=”560064”/>
<Skey ci=”20151110” >xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</Skey>
<Data type=”P”>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</Data>
<Hmac>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</Hmac>
</Bfd>
</Request_bfd>
==================================================================================================
<Response_bfd>
<TransactionInfo>
<Pan>607066*********2521</Pan>
<Transm_Date_time>07260 94813</ Transm_Date_time >
<Stan>206661</Stan>
<RRN>320715206661</ RRN>
<Responsecode>00</Responsecode>

<CA_ID>UCO000000006000</CA_ID>
</TransactionInfo>
<BfdRes code=”” txn=”206661” ts=”2013-07-29T17:52:58.416+05:30” actn=”00” msg=”No action necessary”>
<Ranks>
<Rank pos="RIGHT_INDEX" val="-1"/><Rank pos="LEFT_MIDDLE" val="7"/><Rank pos="LEFT_THUMB" val="6"/><Rank
pos="LEFT_RING" val="5"/><Rank pos="RIGHT_LITTLE" val="8"/><Rank pos="RIGHT_RING"
val="4"/><Rankpos="RIGHT_MIDDLE" val="3"/><Rank pos="RIGHT_THUMB" val="2"/><Rank pos="LEFT_LITTLE"
val="9"/><Rank pos="LEFT_INDEX" val="11"/>
</Ranks>
</BfdRes>
</Response_bfd>
3. Sample Demographic Transaction

<Request_demo>
<TransactionInfo>
<Pan>6070950xxxxxxxxxx49</Pan>
<Transm_Date_time>1226061400</Transm_Date_time>
<Stan>000539</Stan>
<Local_date>1226</Local_date>
<Mcc>6012</Mcc>
<AcqId>200000</AcqId>
<RRN>336011000539</RRN>
<CA_ID>IDD919999999999</CA_ID>
<CA_TA>IDBIBANK C.B.D BELAPUR NAVI MUMBAI MHIN</CA_TA>
</TransactionInfo><Auth uid="xxxxxxxxxx49" tid="public" ac="STGGGGG001" sa="STGGGGG001" ver="1.6" txn="000539"
lk=" xxxxxxxxxxxxxxxxxxxxxxxxx ">
<Meta udc="IDD919999999999" fdc="NC" idc="NC" pip="192.168.141.9" lot="P" lov="400614" />
<Skey ci="20151110"> xxxxxxxxxxxxxxxxxxxxxxxxx </Skey>
<Uses otp="n" pin="n" pi="y" pa="n" pfa="n" bio="n" />
<Data type="X"> xxxxxxxxxxxxxxxxxxxxxxxxx </Hmac></Auth></Request_demo>

==================================================================================================
<Response_demo>
<TransactionInfo>
<Pan>6070950xxxxxxxx49</Pan>
<Transm_Date_time>1226061400</Transm_Date_time>
<Stan>000539</Stan>
<Local_date>1226</Local_date>
<AcqId>200035</AcqId>
<RRN>336011000539</RRN>
<ResponseCode>00</ResponseCode>
<CA_ID>IDD919999999999</CA_ID>
<CA_TA>IDBIBANK C.B.D BELAPUR NAVI MUMBAI MHIN</CA_TA>
</TransactionInfo>
<AuthRes ret="y" code="03bd3c2e8f344d91bb554892e7052702" txn="000539"
info="01a02ab898e48c7ad66b0bd6d976d236ccd93c340826a1578651685c151865882c63af88988e17b86b21572449d276
87ed9d86ceb8b7003c25ec77c52f84bf9f15190000000000" ts="2013-12-26T11:44:06.189+05:30"/>
</Response_demo>


Aeps XML H-H Specification Version 1.2

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Aeps XML H-H Specification Version 1.2

Diunggah oleh

Hak Cipta:

Format Tersedia

AEPS XML H-H SPECIFICATION

NPCI AEPS (XML based) Interface Specification

Date Version Change

Additional Response Codes added.

e-KYC and OTP transactions removed as separate specifications

Prepared By: Date

Approved By: Date

NPCI AEPS (XML based) Interface Specification

1.3 Document Details

NPCI AEPS (XML based) Interface Specification

AEPS Transactions on NPCI Network

1. AEPS Authentication - Onus

2.1 Architecture Diagram

2.2 Transaction Timeout Parameters

NPCI AEPS (XML based) Interface Specification

NPCI AEPS (XML based) Interface Specification

3.1 Authentication Transaction

Authentication Request Authentication Response

NPCI AEPS (XML based) Interface Specification

3.2 BFD transaction

BFD Request BFD Response

NPCI AEPS (XML based) Interface Specification

3.3 Demographic transaction

Demographic Request Demographic Response

NPCI AEPS (XML based) Interface Specification

Data Element Definition

Request Primary Root Element of the input XML request.

B – Acquirer ID/IIN : for Authentication, Demographic, BFD services

Proc_Code: Processing Code (mandatory)

Digit 1 and 2: Transaction Code

NPCI AEPS (XML based) Interface Specification

Digit 3 and 4: From Account Type*

Transm_Date_time: Transmission Date (mandatory)

Stan: System Trace Audit Number (mandatory)

Local_Trans_Time : Local Transaction Time (mandatory)

NPCI AEPS (XML based) Interface Specification

Local_date : Local Date (mandatory)

Mcc : Merchant Category Code (mandatory)

Pos_entry_mode : Point of Service Entry Mode (mandatory)

NPCI AEPS (XML based) Interface Specification

Pos_code : Point of Service Condition Code (mandatory)

AcqId : Acquirer ID (mandatory)

RRN : Retrieval Request Number (mandatory)

ResponseCode: Response Code (mandatory in Response)

NPCI AEPS (XML based) Interface Specification

3 92 - Invalid IIN entered at Terminal (IIN not present in routing table)

Correct Aadhaar No. and correct IIN entered at terminal (IIN

Insufficient Fund available in Resident’s account. Transaction

Account blocked by Issuer/Regulator for AML or any other

7 AY - Aggregate of all credits in a financial year exceed Rs 1 Lakh

Aggregate of all withdrawals and transfers in a month exceeds

9 AB - Account Balance exceeds rupees fifty thousand

10 M4 - Remittance from/to Foreign/NRE Accounts

User should be allowed to re- enter his/her personal information

14 U2 200 Address attribute of demographic details does not match

16 U4 500 Encryption of session key is invalid

17 U5 510 Invalid Auth XML format / Invalid BFD XML format

18 U6 520 Invalid device

21 U9 550 Invalid “Uses” element attribute

22 UA 700 Invalid demographic data

NPCI AEPS (XML based) Interface Specification

24 UC 720 Missing “Pa” data as specified in “Uses

25 UD 730 Missing PIN data as specified in “Uses”