RBI's Tiered KYC Framework: Minimum, Small, Full KYC for Wallets
The Reserve Bank of India regulates digital wallets under its Master Directions on Prepaid Payment Instruments (PPIs), most recently updated in October 2023 via circular RBI/DPSS/2023-24/108. The framework establishes a tiered KYC structure that determines the functionality and limits of each wallet based on the level of customer verification completed. Understanding these tiers is essential for payment banks and PPI issuers because the KYC level directly determines revenue potential -- a wallet restricted to minimum KYC limits generates far less transaction volume (and corresponding interchange and fee revenue) than a full-KYC wallet.
The first tier is the minimum KYC or "small PPI" wallet. These wallets can be issued based on self-declaration of the customer's identity -- essentially, just a mobile number verification. However, the limits are severely restrictive: the wallet balance cannot exceed INR 10,000, total monthly credits are capped at INR 10,000, and the wallet can only be used for purchases and bill payments. Crucially, small PPIs cannot be used for fund transfers to other wallets or bank accounts, and they cannot be loaded from credit lines. For payment banks, the equivalent is a "small account" that can be opened with self-certification but has a balance limit of INR 50,000, total yearly credits of INR 1 lakh, and no foreign remittance capability.
The full KYC tier unlocks the wallet's complete functionality. Full-KYC PPIs can hold a balance of up to INR 2,00,000, support fund transfers to other wallets and bank accounts (up to INR 2,00,000 per month), enable cash withdrawal at ATMs and Point of Sale terminals (for interoperable PPIs), and have no monthly credit limit beyond the maximum balance. For payment banks, full KYC accounts have a deposit limit of INR 2,00,000 (as mandated by payment bank licensing conditions) but can access the full range of banking services including debit cards, internet banking, and UPI. The revenue difference between a minimum-KYC and full-KYC customer is dramatic: full-KYC wallets generate 5 to 10 times more transaction volume, driving proportionally higher interchange, subscription, and service fee revenue.
Why Payment Banks and PPI Issuers Need Full Video KYC
The business case for upgrading wallet users from minimum KYC to full KYC is compelling, but the logistics of doing so at scale have historically been the bottleneck. India's six payment banks collectively serve over 50 crore accounts (many of them minimum-KYC), and the leading PPI issuers (Paytm Payments Bank, Airtel Payments Bank, Amazon Pay, PhonePe, and others) each have tens of millions of minimum-KYC wallets. Converting even a fraction of these users to full KYC would unlock enormous revenue potential, but traditional full-KYC methods -- requiring either a branch visit or a field agent visit -- are economically unviable when the per-customer revenue increment from KYC upgrade is INR 50 to 200 per year.
Video KYC changes this equation fundamentally. At INR 40 to 80 per session (fully loaded cost including platform and agent time), Video KYC makes mass KYC upgrading economically viable for the first time. A payment bank spending INR 60 per Video KYC session to upgrade a customer who will generate INR 150 in additional annual revenue achieves payback in under 5 months. At scale, upgrading 10 lakh minimum-KYC customers to full KYC through Video KYC costs approximately INR 6 crore and generates INR 15 crore in additional annual revenue -- a 150 percent return in the first year.
Beyond revenue, there is a regulatory imperative. The RBI has progressively tightened its stance on minimum-KYC wallets, driven by anti-money laundering concerns. The October 2023 PPI Master Direction reduced the validity period of minimum-KYC PPIs and imposed stricter transaction monitoring requirements. Industry observers expect the RBI to further restrict minimum-KYC wallet functionality or lower the balance limits in upcoming regulatory cycles. Payment banks and PPI issuers that proactively upgrade their user base to full KYC will be better positioned to absorb future regulatory changes without disrupting their customer experience or losing active users.
The Rs 10,000 to Rs 2,00,000 Wallet Limit: KYC Upgrade Path
The KYC upgrade journey for a wallet user follows a well-defined regulatory path. A user starts with a minimum-KYC wallet (INR 10,000 balance limit) issued against mobile number verification. When the user wants higher limits -- typically triggered by hitting the balance cap, wanting to send money to a bank account, or needing to make a larger purchase -- the wallet app prompts them to upgrade to full KYC. The RBI permits three methods for this upgrade: physical verification at the PPI issuer's branch or authorized agent location, Aadhaar OTP-based eKYC (for issuers with UIDAI AUA access), or Video-based Customer Identification Process (V-CIP).
The timing of the KYC upgrade prompt is critical for conversion rates. Data from multiple PPI issuers shows that the optimal trigger points are: when the user first hits the INR 10,000 balance limit (conversion rate 25 to 35 percent), when the user attempts a blocked action like fund transfer (conversion rate 40 to 55 percent, because the user has immediate intent), and during the first week after account opening when engagement is highest (conversion rate 15 to 20 percent). Prompting at the wrong time -- for example, during a transaction failure or when the user is in a hurry -- can generate negative sentiment and reduce long-term conversion likelihood.
The upgrade process itself must be as seamless as possible. The user should be able to initiate V-CIP directly from within the wallet app without switching to a browser, downloading a separate app, or navigating multiple screens. The pre-session preparation (document checklist, camera permissions, network check) should happen inline, and the video session should launch within 30 to 60 seconds of the user's consent. After a successful V-CIP session, the wallet limits should upgrade immediately -- not after a manual review that takes hours or days. Users who complete a KYC upgrade and immediately see their enhanced limits are significantly more likely to transact at higher volumes, validating the business case for the upgrade investment.
V-CIP as an Acceptable Full-KYC Method for PPIs
The RBI's acceptance of V-CIP for full KYC on PPIs was formalized through a series of regulatory developments. The initial V-CIP framework introduced in January 2020 (circular RBI/2019-20/133) was primarily aimed at bank account opening. The PPI Master Direction was subsequently updated to align with this framework, confirming that V-CIP conducted in accordance with the KYC Master Direction is acceptable for PPI full KYC. This means that a customer who completes a compliant V-CIP session through a payment bank or PPI issuer's authorized platform is considered to have completed full CDD (Customer Due Diligence) equivalent to an in-person branch verification.
The V-CIP requirements for PPI issuers are identical to those for banks: the session must be conducted by an authorized official of the regulated entity (not outsourced to a third-party BPO), using a live video interaction with simultaneous audio. The customer must display their original OVD (PAN card, Aadhaar, passport, voter ID, or driving license) on camera, and the agent must verify the document details against the customer's stated information. A live photograph of the customer must be captured during the session and matched against the document photograph. The session must be geo-tagged and recorded with end-to-end encryption, and the recording must be stored for the duration of the customer relationship plus five years.
One nuance specific to PPI issuers is the definition of "authorized official." For banks, V-CIP agents must be employees of the bank. For non-bank PPI issuers, the RBI has permitted the use of authorized agents -- individuals appointed by the PPI issuer under a formal agency agreement, provided they are adequately trained and supervised. This is particularly relevant for PPI issuers without a large employee base, as it allows them to engage dedicated V-CIP agents on a contract basis while maintaining regulatory compliance. However, the PPI issuer remains fully responsible for the quality and compliance of the V-CIP process, regardless of whether the agent is an employee or authorized agent.
Technical Integration: SDK Embedding in Wallet Apps
The technical integration of Video KYC into a wallet app is the most critical implementation decision for payment banks and PPI issuers. The two primary integration approaches are WebView-based embedding and native SDK integration. In the WebView approach, the wallet app opens the Video KYC platform's web interface inside an in-app WebView component. The customer never leaves the wallet app, but the Video KYC session runs as a web application within the WebView. This approach offers faster implementation (typically 2 to 4 weeks) and simpler maintenance (the Video KYC provider can update the session flow without requiring a wallet app update), but has limitations in camera control, notification handling, and performance on lower-end devices.
Native SDK integration provides a more seamless experience. The Video KYC provider supplies Android (AAR/Maven) and iOS (CocoaPods/Swift Package) SDKs that the wallet app integrates directly into its codebase. The SDK handles camera access, video encoding, WebRTC connection management, document capture, and liveness detection using native device capabilities, resulting in better performance, smoother camera transitions, and more reliable operation on low-end devices. The trade-off is longer integration time (4 to 8 weeks), larger app size increase (typically 5 to 15 MB), and the need to update the wallet app when the Video KYC SDK releases new versions.
Regardless of the integration approach, certain technical requirements are non-negotiable. The integration must support secure session initiation with authentication tokens to prevent unauthorized access. Customer data collected during the V-CIP session must be transmitted to the wallet's backend through encrypted channels and stored in compliance with the DPDPA (Digital Personal Data Protection Act, 2023) and RBI's data localization requirements. The integration must handle edge cases gracefully: what happens when the customer receives a phone call during the V-CIP session, when the app goes to background, when the device runs out of memory, or when the network switches from Wi-Fi to cellular mid-session. These edge cases, while individually rare, collectively affect 10 to 15 percent of sessions and must be handled without data loss or session corruption.
Customer Experience: Minimizing Friction for Wallet Upgrades
Wallet users have exceptionally low tolerance for friction. Unlike a bank customer who accepts a 30-minute branch visit for account opening, a wallet user expects everything to happen instantly within their app. The Video KYC upgrade flow must be designed with this expectation in mind. Every additional step, screen, or wait time reduces the completion rate. Data from leading PPI issuers shows that the completion rate drops approximately 8 to 12 percent for each additional screen in the KYC upgrade flow. A flow with 3 pre-session screens (document selection, terms acceptance, camera permission) achieves 15 to 20 percent higher completion than a flow with 6 screens.
The agent queue wait time is the single largest drop-off point in the wallet KYC upgrade flow. Wallet users who click "Upgrade Now" expect to be connected to an agent within 30 to 60 seconds. Wait times exceeding 2 minutes result in 40 to 50 percent abandonment. This creates a capacity planning challenge: the wallet issuer must maintain enough trained V-CIP agents to handle peak demand (which often coincides with promotional campaigns or end-of-month salary credits) without over-staffing during off-peak hours. Intelligent queue management -- routing customers to the next available agent across multiple locations, providing accurate wait time estimates, and offering callback scheduling for peak periods -- is essential.
Post-session experience matters equally. When the V-CIP session ends successfully, the customer should see their wallet limits updated within seconds, accompanied by a congratulatory message highlighting the new capabilities (higher balance, fund transfers, cash withdrawal). Sending a summary of the completed verification via SMS or in-app notification reinforces trust and provides a reference for the customer. If the session requires manual review (for example, due to a borderline face-match score), the customer should receive a clear timeline ("Your upgrade will be confirmed within 2 hours") rather than being left in uncertainty. The goal is to make the KYC upgrade feel like a feature upgrade -- a positive moment in the customer journey rather than a compliance burden.
How BaseKYC's WebView SDK Powers Seamless Wallet KYC
BaseKYC offers both WebView and native SDK integration options specifically optimized for wallet and payment bank apps. The WebView SDK is designed for rapid deployment: with just 15 lines of integration code, the wallet app can launch a fully compliant V-CIP session within its existing WebView infrastructure. The SDK handles all camera permissions, network quality checks, and session management internally, requiring minimal development effort from the wallet app team. Integration can be completed in as little as 5 business days, making it the fastest path to production for PPI issuers with urgent KYC upgrade requirements.
For PPI issuers requiring deeper integration, BaseKYC's native Android and iOS SDKs provide full control over the V-CIP experience. The SDKs are lightweight (under 8 MB for Android, under 10 MB for iOS) and support devices running Android 7.0+ and iOS 13+, covering over 95 percent of the active Indian smartphone market. The native SDKs include built-in adaptive video that maintains session stability on 2G-equivalent connections (as low as 500 Kbps), hardware-accelerated document OCR that works offline for pre-capture validation, and passive liveness detection that runs continuously without requiring explicit user actions like head turns or blinks.
BaseKYC's platform is purpose-built for the high-volume, low-latency demands of wallet KYC upgrades. The agent routing engine supports automatic load balancing across hundreds of concurrent agents, maintaining an average queue wait time under 45 seconds even during peak traffic. The platform's real-time dashboard gives the wallet issuer's operations team visibility into current queue depth, agent utilization, session completion rates, and failure reasons, enabling dynamic capacity adjustments. Webhook-based status callbacks notify the wallet backend instantly when a V-CIP session is completed and approved, triggering automatic wallet limit upgrades without manual intervention.
Data compliance is built into every layer of the integration. All customer data transmitted between the wallet app and BaseKYC's platform is encrypted in transit (TLS 1.3) and at rest (AES-256). V-CIP recordings are stored in India-based data centers in compliance with the RBI's data localization mandate. The platform supports data deletion requests under the DPDPA, with automated workflows that purge customer data from BaseKYC's systems after the wallet issuer confirms that the KYC record has been successfully transferred to their own storage. For payment banks subject to RBI's IT governance framework, BaseKYC provides SOC 2 Type II compliance documentation, penetration testing reports, and a dedicated security contact for incident response coordination.