NPCI May Allow Aadhaar-Based Face Authentication for High-Value Tr
News THE ECONOMIC TIMES, livelaw.in, LAW, LAWYERS NEAR ME, LAWYERS NEAR BY ME, LIVE LAW, THE TIMES OF INDIA, HINDUSTAN TIMES, the indian express, LIVE LAW .IN
UIDAI pushes for facial recognition in payments; NPCI and banks prepare for a shift in India’s digital authentication regime
Mumbai / New Delhi : October 8, 2025
India’s payments landscape could be on the cusp of a major transformation. The National Payments Corporation of India (NPCI) is reportedly considering enabling Aadhaar-based face authentication for high-value financial transactions, a move that promises to reduce friction and bolster security in India’s expanding digital payments ecosystem
This proposed change was discussed during the Global Fintech Fest 2025 in Mumbai, where senior officials from the Unique Identification Authority of India (UIDAI) advocated for face recognition as an effective addition to India’s multi-factor authentication framework.
According to UIDAI’s Deputy Director-General Abhishek Kumar Singh, who spoke at a panel at the event:
“We have the world’s largest biometric database. We advocate very strongly the use of face authentication as a modality in the multi-factor assessment.”
Singh noted that NPCI is already aligned with this direction and that banks would need to join the ecosystem for it to become operational.
Why Face Authentication and Why Now?
India’s digital payments infrastructure, led by UPI (Unified Payments Interface), has grown by leaps and bounds over the past decade. But as usage scales, concerns around PIN-based fraud, OTP interception, and user convenience remain. Allowing facial biometrics authenticated via Aadhaar could help address some of these challenges by providing a stronger, more seamless verification mechanism.
With nearly 640 million smartphones in India, many of which already support facial recognition features, officials believe the device ecosystem is sufficiently mature to support a widespread rollout.
Moreover, the RBI’s latest guidelines have emphasized the adoption of stronger authentication mechanisms beyond PINs and OTPs, encouraging innovation in biometric and behavioural verification.
In parallel, NPCI has already rolled out some biometric innovations: on-device fingerprint and facial authentication for UPI were launched at the same fintech fest, aimed at reducing reliance on PINs.
What “High-Value Transactions” Entail & Risk Controls
While full details are yet to be confirmed, the new authentication approach is expected to be applied selectively to “high-value” transactions — those involving larger monetary sums — to strike a balance between risk and usability.
To limit potential misuse or fraud, the rollout may come with tiered caps, fallback mechanisms (OTP, PIN), and strict device-binding protocols (i.e., ensuring only trusted devices can use face verification).
Issuing banks might also continue to perform cryptographic checks per transaction to validate and cross-verify identity claims, even when biometric data is used. mint+1
Furthermore, users and banks may need fresh consent or binding steps when devices are replaced or swapped. mint
Potential Benefits
- Faster, frictionless payments: Eliminating repeated PIN/OTP entry could streamline user experience, especially during large transactions.
- Lower fraud risk: Face recognition — when properly implemented — can reduce risks related to stolen PINs or SIM swap-based OTP attacks.
- Better financial inclusion: Users who find PIN/OTP flows cumbersome (especially elderly or first-time users) may benefit from a simpler authentication route.
- Strengthening India’s digital identity ecosystem: This move further integrates Aadhaar’s biometric network into payment systems, consolidating digital identity as foundational infrastructure.
- Edge in fintech competitiveness: India could lead in offering advanced, user-friendly biometric payment models at scale, reinforcing its fintech leadership.
Challenges and Risks
- Privacy concerns & user consent: Facial biometrics are sensitive. Ensuring user choice, transparent data use, opt-in mechanisms, and robust safeguards will be essential.
- False positives/negatives & reliability: Face recognition under diverse lighting, aging, masks, or partial obstructions needs to be reliable in real-world settings.
- Device compatibility & security: Not all phones handle biometric verification equally; older devices or cheap models may lack accurate sensors.
- Infrastructure complexity: Banks, UPI apps, and NPCI will need to upgrade their systems, manage large biometric data flows, and maintain high uptime and security.
- Regulatory & legal frameworks: Existing laws around biometric use, data protection, and authentication standards will need alignment or updates.
- Transition & fallback handling: Ensuring seamless fallback to PIN/OTP in case of biometric failures is critical to avoid transaction blockages.
What Happens Next?
Officials expect NPCI to formalize the announcement soon. Banks will be invited to join pilot programs, and device makers may need to certify hardware compatibility.
Rollouts could begin in phased segments or transaction slabs, focused initially on urban or high-value users, before expanding to wider audiences.
In forthcoming months, regulators like the RBI and legal authorities may issue guidelines defining standards for biometric authentication transactions, liability clauses, and user protection.
Consumer education and trust-building will also be crucial — for an authentication mechanism to gain adoption, people must feel safe and confident in its privacy and security.
Source:
