In today’s rapidly evolving digital financial ecosystem, ensuring a seamless,secure and user centric Know Your Customer (KYC) experience is critical for fostering financial inclusion, trust, maintaining integrity and meeting customer expectations. The current KYC processes (onboarding and periodic updation) can be further refined to make them more frictionless and accessible, while addressing integrity and threats like identity frauds.
Tokenised KYC presents a transformative opportunity to reimagine identity management that could be easily shared with financial institutions and instantly verified. By enabling users to securely store, control, and share their verified identity as reusable digital tokens, it can reduce duplication, safeguard sensitive information, promote privacy, ensure compliance and streamline delivery of financial services. Tokenised KYC models ensure that once a user’s identity is verified, it can be securely reused across financial service providers via consent-driven mechanisms. This problem statement invites participants to design and develop a tokenised KYC model and focus on the following features:
a.    Creating token-based user-held KYC models where credentials are digitally signed by trusted issuers and shared securely across institutions.
b.    The digital identity tokens should be tamper-proof, machine-readable and issued by trusted authorities and reusable across multiple onboarding processes.
c.     Users should have full control over their KYC data. Sharing of data must be explicitly consent-driven and auditable.
d.    Identity credentials should be tamper-resistant, traceable and support selective disclosure of information based on requirement.
e.    Cross-platform and inter-institutional interoperability using open standards, standardised APIs, and common data exchange protocols.
f.      Adhere to applicable privacy guidelines.
g.    Real-time KYC revocation, renewal, and audit tracking mechanisms for improved lifecycle management.
h.    Integrate with/ make it interoperable with existing infrastructure such as Aadhaar, DigiLocker, and the Central KYC Registry (CKYCR), and work across institutions via common standard APIs.
i.      Secure delegation of tokenised KYC access to legal heirs, guardians, or nominees when required.
j.      Address updation, periodic KYC updation and how the KYC platform can be leveraged by other sectors such as insurance, mutual funds.
The solutions may leverage emerging technologies such as blockchain, zero-knowledge proofs (ZKPs), smart contracts, and biometric authentication to enable trust, reduce fraud, and improve operational efficiency. Tokenised KYC has the potential to revolutionise digital identity and customer onboarding in India. The objective is to build a scalable, standards-driven identity verification framework that enhances collaboration between institutions, reduces redundancy, and empowers users with greater control over their digital identity. By placing users at the center and ensuring regulatory alignment, tokenised KYC can reshape India’s digital identity landscape and accelerate secure and convenient financial access at scale.

Digital Rupee is envisaged as digital form of physical cash. The offline functionality forms one of the foundational considerations for the design of e₹. In addition to ensuring widespread usage, offline transactions would be beneficial in remote locations and would offer resiliency in places where mobile network is not available. Participants are invited to design a secure, user-friendly, tamper-resistant, and scalable solution for enabling offline Central Bank Digital Currency (CBDC) transactions. The solution should allow retail CBDC
transactions without requiring real-time internet or telecom connectivity, ensuring double-spend prevention and reliability in low-resource environments. The goal is to build a functional offline CBDC solution that allows individuals and merchants to transact CBDCs without internet or mobile network. The solution should:
a.    Prevent double spending without requiring real-time server validation.
b.    Allow for consecutive offline payments i.e, funds received in offline mode shall be spendable in offline mode also.
c.     Work on low-cost devices i.e., not necessarily rely only on NFC/ mobile secure element. Solution should be agnostic to all types of devices/OEM and communication protocols and can be enabled on different form factor.
d.    Shall be interoperable across OEM hardware and software across all form factors, wallets and on various available acceptance devices in India.
e.    Enable secure P2P authentication and transaction integrity including mutual authentication between sender and receiver.
f.      Maintain auditability for regulatory compliance and customer dispute resolution/ grievance redressal (while preserving privacy).
g.    Incorporate all the dependencies for e.g., permission/ partnership with OEMs/ chipmakers, if required.
h.    Include an approach plan for implementation at scale across India, including an estimate of the costs and timelines.
i.      Provide the reconciliation framework for such transactions at system, individual/ merchant, and bank level.
j.      Be modular i.e., the offline elements can be easily integrated within the existing CBDC system/ architecture without/ with minimal system level changes.
k.     Should be largely based on open-source software and be willing to share the source code in case the solution is selected for implementation.
l.      Revocation mechanisms in the event of lost/stolen devices.
m.   Secure and tamper proof method for device binding during registration.
n.    Offer multi-protocol support for the solution (NFC, Bluetooth, sound, etc.)
o.    Provide high level of security to ensure that the payment credentials should not be accessible by any malicious actor on device, reference of same need to be shared as a proof.
p.    Ensure high level of device integrity, data integrity and risk protection, reference of same need to be shared as a proof.
q.    Provide random fingerprint technique to determine tampered device and provide technique to do device-based blacklisting and
r.      Suggested solution features should be managed and owned by solution provider only and must not include any third-party solution.

As the financial ecosystem becomes increasingly digital, use of technology serves both as a driver of innovation in transforming financial services and a critical line of defence against  emerging risks. Customers are now exposed to a growing array of cyber threats, including phishing, identity theft, data breaches, and unauthorised transactions. Financial institutions also face the challenge of keeping the system safe and avoid fraudulent activities. This necessitates the need to implement technology-driven solutions that can effectively enhance customer safety without compromising convenience, privacy, or financial inclusion. The key challenges for financial institutions include:

• Identity fraud and impersonation- Using deepfake, fraudsters mimic faces, voices, or even live video calls making traditional verification system vulnerable and inadequate. Other threats include biometric spoofing and executive/ c-suite impersonation.
• Fake banking and digital lending apps – There are instances of fake banking and digital lending apps which trick users into revealing sensitive information, steal funds, or coerce vulnerable customers into predatory debt traps. These incidents significantly erode trust in digital financial services.
• Customer grievance redressal- There is tremendous potential to use technology to automate, streamline, and improve the complaint resolution journey. Also, special attention is needed to improve accessibility for vulnerable groups such as senior citizens, people with disabilities (Divyang), and those with limited digital literacy, using appropriate technology.

Participants are invited to design innovative, technology-based solutions that enhance customer safety, strengthen digital financial infrastructure, improve user experience, and enhance systemic security. Solution may address any or all the following areas:

1. Develop systems that can detect impersonation attempts using deepfakes in videos/images, voice manipulation, or forged identities. It should also flag tampered documents during customer onboarding and detect c-suite impersonation frauds.
2. Design and develop a solution that identifies and blocks unauthorised banking/digital lending apps before they defraud customers. It should be capable of generating real-time alerts to enable swift and proactive response to fraud attempts. It should be designed to preserve customer privacy while strengthening detection capabilities. It may also include features that allow customers to verify the authenticity of apps before installation, thereby reducing the risk of falling victim to unauthorised applications.
3. Design and develop intelligent and inclusive technology-driven grievance redressal system. It should automate processes and reduce turnaround time across various stages of complaint handling and empower regulated entities with data-driven intelligence to resolve complaints. It should automatically categorise, prioritise, and route complaints to the appropriate channels. It should detect recurring issues and automate standardised responses where applicable.  Participant or team may submit maximum up to three distinct solutions, one each for the challenges related to impersonation fraud, fake apps, fraudulent financial networks, and grievance redressal. Each solution should be clearly aligned to the specific challenge it addresses and must demonstrate the use of technology to enhance customer safety and improve system-wide efficiency. Best solution(s) across these sub-themes would be considered for rewards.