BioVeriSys Interface V 6.1

Bio-VeriSys Specification Document
NADRA | STATE BANK BUILDING, SECTOR G-5/2ISLAMABAD
Bio-VeriSys
SPECIFICATION DOCUMENT
Version: 6.1
Version Control
Number
Date
Author
Verified By
Version
Description
1.
10/02/2015
Muhammad Akram
Amina Ahmed
6.0- Draft
First draft with main content
2.
15/2/2015
Muhammad Akram
Usman Javaid
Khurram
Shahzad
Khurram
Shahzad
6.0- Draft
Added remittance type in

input interface Verify
Fingerprint for OTC
transactions
Added transaction id
instead of session in Get
Last Verification results
Added Verify Fingerprint
responses fields
Separated Primary citizen
data
Separated Secondary citizen
data
3.
21/4/2015
Muhammad Akram
Usman Javaid
6.1
Bank account Number filed

in Submit Mobile Bank
Details is not mandatory
Account Level In Submit
Mobile Bank Account
Details is not mandatory
Introduced Remittance
types
Account Number is not
mandatory in Finger
Verification for OTC
Remittance Amount is not
mandatory for Finger
Contents
1
Intended Audience .......................................................................................................................... 4
Introduction .................................................................................................................................... 4
Assumptions/Requirements ........................................................................................................... 4
Constraints ...................................................................................................................................... 5
Technical Interface Specifications................................................................................................... 6

5.1
Operations .............................................................................................................................. 6
5.2
Verification for Mobile Bank Account ..................................................................................... 6
5.2.1
Fingerprint Verification .................................................................................................. 8
5.2.2
Photograph Verification .................................................................................................. 8
5.2.3
Verification through Secret Identity Demographic Data ................................................ 9
5.2.4
Submit Manual Verification Result ............................................................................... 10
5.2.5
Last Verification Result ................................................................................................. 10
5.2.6
Submit Mobile Bank Account Details ............................................................................ 11
5.3
Verification for OTC Transaction ........................................................................................... 12
5.3.1
Fingerprint Verification ................................................................................................. 14
5.3.2
Photograph Verification ................................................................................................ 14
5.3.3
Verification through Secret Identity Demographics Data ............................................. 15
5.3.4
Submit Manual Verification Result ............................................................................... 16
5.3.5
Biometric Standards ...................................................................................................................... 18

6.1
Fingerprint Standards ........................................................................................................... 18
6.2
Photograph Standards .......................................................................................................... 18
Annexure A................................................................................................................................. 19
7.1
Verification for Mobile Bank Account Creation .................................................................... 19
7.1.1
7.1.2
7.1.3
Secret Identity Demographics Data .............................................................................. 22
7.1.4
Submit Manual Verification Results .............................................................................. 23
7.1.5
7.1.6
Submit Mobile Bank Account Details ............................................................................ 27
7.2
Verification for OTC Transaction ........................................................................................... 28
7.2.1
7.2.2
7.2.3
Secret Identity Demographics Data .............................................................................. 31
7.2.4
Submit Manual Verification Results .............................................................................. 32
7.2.5

2
7.3
Generic Codes description .................................................................................................... 34
1 INTENDED AUDIENCE
This document is intended for
The Developers who can review projects capabilities and more easily understand where their
efforts should be targeted to improve or add more features to it (design and code the application
and sets the guidelines for future development).
The End users of Bio-VeriSys who wish to read about what this project can do. It also addresses
the end users technical team regarding the details of interfaces necessary to use the NADRAs
Biometric Verification Service.
2 INTRODUCTION
NADRA is providing service providers with a Biometric Verification Service named as Bio-VeriSys.
Bio-VeriSys aims to bring efficient and instantaneous verification to a diverse range of transactions
where biometric authenticity is required such as in Branchless Banking Transaction i.e. Mobile bank
Account opening and OTC Transaction. The architecture of Bio-VeriSys has been intelligently
engineered to offer an enterprise, interoperable, scalable and flexible service for the market.
The service is completely finger print device agnostic and uses multiple fingerprint format. Further the
additional modalities of photograph matching and sharing of secret identity demographic data are
also being provided under Bio-VeriSys to include all fail-safe measures.
3 ASSUMPTIONS/REQUIREMENTS
This service will be a point to point connection between NADRA and service providers.
Interfacing with NADRA Bio-VeriSys is through XMLs as more specially specified through XSD
Biometric verification shall be performed at NADRAs server side.
Service Provider shall be issued a unique Franchisee ID and username password for data
exchange and authentication.
Service providers shall be responsible for providing data necessary for performing biometric
verification at server side including candidate finger print, candidate citizen number,
candidate finger position, candidate photograph and candidate manual verification results, if
applicable.
The data shall be encrypted using the propriety encryption scheme of NADRA for which the
service providers will be provided with public/private key pair and sample code
Service provider will provide finger print data on following allowance template :o
o
o
o
o
o
o
ANSI
ISO_19794_2
SAGEM_PKMAT
SAGEM_PKCOMPV2
SAGEM_CFV
RAW_IMAGE
WSQ
The three modalities of Bio-VeriSys shall be called by the service provider in a predefined
sequence. The failure of any modality and exhaustion of number of attempts enables the next
modality in sequence to be called by the Service Provider. The predefined sequence of
modalities is :o Finger print verification
o Photograph verification
o Verification through secret identity demographic data
Feedback from Service provider is mandatory to be shared with NADRA that preliminary
includes Mobile Account Number, Mobile Account Level, Contact Information , Remittance
Amount. However detailed feedback data would be analyzed and finalized later during the
integration.
4 CONSTRAINTS
Following are the key constraints of the Bio-VeriSys web service:
If citizen status is not verified in National Citizen Database e.g. citizen marked as duplicate,
suspect, alien, fraud, then verification will not be carried out and the service will respond with
an appropriate message to service providers, directing the customer to visit NADRA center.
Once the session has been created, service providers can verify a customer by using any of
the available four fingers. Each finger can have only two verification attempts. Hence service
asks for another finger for verification in case a finger had two failed verification attempts.
In one session service provider can verify one finger 2 times out of 4 available finger( total 8
attempts)
Once verification is successful session will be expired.
Each session is a billable entry.
The implemented service restricts the service provider to have maximum five verification
attempts in a day for a citizen.
The implemented service shall restrict the service provider to call maximum two photograph
verifications per session.
The implemented service shall restrict the service provider to call Secret identity
demographics data for maximum two times per session.
5 TECHNICAL INTERFACE SPECIFICATIONS

The data exchange interfaces between NADRA Bio-VeriSys and Service Providers is through XML web
services. The accompanying XSDs are also shared along with this specification document.
5.1 Operations
The following is a list of the methods that are available for performing Bio-VeriSys transaction. Each
method is initiated with a request to NADRA Bio-VeriSys that carries all the data corresponding to the
nature of request in XML format. Bio-VeriSys responds back with a response XML carrying the
responses corresponding to its accompanying request.
NADRA shall also share XML definition in form of XSD for request/response interfaces. The Service
provider request is composed of Franchisee ID and an XML containing the method Signature and all
the parameters of that request. The response includes XML which contains response data specified in
XSD.
Citizen verification through Bio-VeriSys starts by consuming finger print verification functionality. The
Service has exposed two methods for fingerprint verification.
Verification For Mobile Bank

Account
Verification For OTC

Transaction
5.2 Verification for Mobile Bank Account

In first step Service verifies the citizen from National Citizen Database and replies with the appropriate
message. If the person is a valid citizen and the data provided for verification is according to the
specified XML format, the web service performs 1:1 fingerprint verification. If the provided fingerprint
is verified, the Service will return citizen data along with the verification results. And if the fingerprint
verification is not successful, the service will return 4 available finger index.
NOTE:
Service will generate unique session id.
This session id is billable entry and will remain valid for next 30 minutes
The 8 attempts for fingerprints verification can be requested.
Each fingerprint can be submitted only twice for verification.
If the verification is successful, the session will expire automatically.
In case the 4x available fingerprints have not been verified, service provider is allowed to request for
photograph verification within the same session.
The service provider application sends in valid Photograph (according to the standards specified in
section 7.2) for verification. If the provided photograph is verified, the Service will return citizen data
along with the verification results. .Otherwise the service allows the application to request for manual
verification through the secret identity demographics data.
The service provider can request secret identity demographics data and the web service in result shall
return the required data and photograph for manual verification of the customer.
After the successful verification, the service provider platform shall create a Mobile Bank Account and
submits the account details i.e. Mobile Bank Account number, Account level to the Bio-VeriSys Service.
act Verification Flow -Mobile bank Account

BIO VERISYS
Service Provider
Fingerprint Veriifcation
START
Yes perforrm 1:1 Fingerprint

matching
Fingerprint Verified
[yes]
Send verification result as

"successful" & CNIC data
verification results
recieved
Session expired
No
No
Session time< 30 Min &

fingerprints attempts<=8
Mobile Bank Account operation

fingerprints attempts=8 &
fingerprints not verified
Photograph Verification
No
Send Mobile Bank Account

details
Yes
Perform Photograph
v erification
[Yes]
Photograph veriied
Manual Verification
No

Photograph not verified
No
receive
manual
Verification
result
Yes Send Secret question

data for manual
verification
If successful
Submit Wallet details
[No]
Receive Mobile Bank Account

details
End
Bio-VeriSys verification for Mobile Bank Account
5.2.1 Fingerprint Verification

DESCRIPTION
This operation is used by Service provider for finger print verification for Mobile Bank Account
creation. The biometric data of Primary/Sender Citizen Number is sent to Bio-VeriSys which will verify
the citizen through the provided fingerprint.
INPUT
The operation takes input as mentioned in Annexure A: 7.1.1 Fingerprint Verification for
Mobile Bank Account Creation
PROCESS
Verify Citizen Status from National Citizen Database: If person is not verified, operation will
return appropriate message along with session id. Fingerprint verification will not be carried out.
Verify fingerprints availability: If fingerprints are not available, person should be advised to visit
NADRA NSRC for modification of CNIC.
Verify Fingerprints:
o
If verification is successful, it will return session ID along with citizen data and the session will
be closed for given citizen no.
If verification is unsuccessful it will return session id, and 4x available finger index. Fingerprint
verification can be re-called for any of 4x available fingers with the same session id. Maximum
8 number of finger print verifications attempts will be allowed for each session.
NOTE: Session id is a billable entry
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.1.1. Fingerprint

Verification for Mobile Bank Account creation
5.2.2 Photograph Verification

DESCRIPTION
The purpose of this function is to match the photograph acquired by the service provider with the
photograph available for the citizen in the National Citizen Database.
PRE-REQUISITES
This operation can be availed by the Service provider after completely exhausting the finger print
verification modality i.e. by verifying all available finger prints options.
INPUT
The operation takes input as mentioned in Annexure A: 7.1.2. Photograph Verification
PROCESS
Verify fingerprint functionality completely exhausted: This operation validates that fingerprints
are available in database and verification of all fingerprints have been failed.
ICAO Compliance: Photograph will be checked for ICAO compliance.
Verify Photograph:
o
If verification is successful, it will return session ID along with citizen data and the session
will be closed for given citizen no.
If verification is unsuccessful, service will reply with the message and secret identity
demographics data functionality is enabled.
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.1.2 Photograph

Verification
5.2.3 Verification through Secret Identity Demographic Data

DESCRIPTION
This operation is used to retrieve citizens secret identity demographics data and photograph from
citizen database for manual verification.
PRE-REQUISITES
This operation can be availed by the Service provider after exhausting the photograph verification
modality i.e. Fingerprint verification of all the available fingerprints, and photograph have failed.
INPUT
The operation takes input as mentioned in Annexure A: 7.1.3. Citizen secret Identity
Demographic data
PROCESS
Verify fingerprint & photograph functionality completely exhausted: This operation validates
that verification of all the fingerprints and photograph have been failed.
Secret identity demographics data: This function returns the following secret identity
demographics data for manual verification.
Mother Name
Birth Place
Native Language
Religion
Photograph
NOTE: Session ID will expire after two attempts of calling Secret Identity demographic data
modality
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.1.3. Citizen secret

Identity Demographic data
5.2.4 Submit Manual Verification Result

DESCRIPTION
This operation is used to provide feedback to Bio-VeriSys that manual verification of person was
successful through secret identity demographics data and service will respond with citizen data
PRE-REQUISITES
This operation can be availed by the Service provider when secret identity demographics data
functionality has been called and person has been manually verified.
INPUT
The operation takes input as mentioned in Annexure A: 7.1.4. Submit Manual Verification Results
PROCESS
Verify Secret question data retrieval was successful: This operation validates that service
provider has successfully retrieved secret question data.
Submit results: This function will check the manual verification results submitted in request
parameters. If result is successful, function will return citizen data.
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.1.4. Submit Manual

Verification Results
5.2.5 Last Verification Result

DESCRIPTION
The Service provider will request for the last verification result from Bio-VeriSys before re-sending the
request to verification modality of Photograph Verification or Fingerprint Verification.
PRE-REQUISITES
This operation is called by the Service provider whereby the instantaneous verification result from the
verification modality of Photograph Verification or Finger Verification is not received in the stipulated
time.
INPUT
The operation takes input as mentioned in Annexure A: 7.1.5. Last Verification result
PROCESS
Verify Session and last verification results: This function checks whether session exists and any
verification was done against citizen number.
Verification result: If a verification was done against citizen number, service will provide
appropriate message against verification along with citizen data if verification result was
successful.
10
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.1.5. Last Verification

result
5.2.6 Submit Mobile Bank Account Details

DESCRIPTION
When verification is successful, service provider is liable to submit Mobile Bank Account details.
Service provider will call following functionality to submit Mobile Bank Account detail which includes
Mobile Bank Account number and account level.
PRE-REQUISITES
This operation can be availed by the service provider verification is successful and account has been
created by bank.
INPUT
The operation takes input as mentioned in Annexure A: 7.1.6. Submit Mobile Bank
Account Details
PROCESS
Verify verification results: This operation verifies that verification has been done successfully
through any of the above mentioned modalities and session has not expired.
Save Mobile Bank Account Details: Function saves Mobile Bank Account details information and
return the results.
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.1.6. Submit Mobile

Bank Account Details
11
5.3 Verification for OTC Transaction

In first step Service verifies the citizen from National Citizen Database and replies with the appropriate
message. If the person is a valid citizen and the data provided for verification is according to the
specified format, the web service performs 1:1 fingerprint verification. If the fingerprints are verified,
then the verification results along with other specified data will be returned. If verification is not
successful, service will return 4 available fingerprints.
NOTE:
Service will generate unique session id.
This session id is billable entry and will remain valid for next 30 minutes
The 8 attempts for fingerprints verification can be requested.
Each fingerprint can be submitted only twice for verification.
If the verification is successful, the session will expire automatically.
In case the 4x available fingerprints have not been verified, service provider is allowed to request for
photograph verification within the same session.
The Service provider application sends in the valid Photograph (according to the specified standards)
and the web service performs the photograph verification. The service will respond with success
message and specified data. Otherwise the web service allows the application to request for manual
verification through secret identity demographics data.
The service provider can request secret identity demographics data and the web service in result shall
return the required data and photograph for manual verification of the customer.
12
act Verification Flow -OTC transaction
BIO VERISYS
Service Provider
Yes
perforrm 1:1 Fingerprint

matching
Fingerprint Veriifcation
START
Fingerprint Verified
[yes]
Send verification result as

"successful"
verification results
recieved
Session expired
No
No

fingerprints attempts<=8
OTC Transaction operation
performed
Photograph Verification
No

fingerprints attempts=8 &
fingerprints not verified
Yes
Perform Photograph
v erification
Photograph veriied
Manual Verification
No
No
receive manual Verification

result

Photograph not verified
Yes Send Secret question

data for manaual
verification
If successful
End
Bio-VeriSys verification for OTC Transaction
13

DESCRIPTION
This operation is used by Service provider for finger print verification by sending biometric data of
Primary/Sender Citizen Number for Mobile Bank Account OTC Transactions. This functionality will
verify finger prints and will return the results.
NOTE: This functionality will not return citizen data.
INPUT
The operation takes input as mentioned in Annexure A: 7.2.1. Fingerprint Verification for
OTC
PROCESS
Verify Primary/Secondary Citizen Status From National Citizen Database: If Primary/Secondary
citizen number is not verified, operation will return appropriate message. Fingerprint verification
will not be carried out.
Verify Fingerprints Availability For Primary Citizen: If fingerprints are not available, person
should be advised to visit NADRA NSRC for modification of CNIC.
Verify Fingerprints:
o
If verification is successful operation will return session id and session will be closed for
given citizen no.
If verification is unsuccessful operation will return session id, and 4x available finger
indexes. Fingerprint verification can be re-called for any of 4x available fingers with same
session id. Maximum number of finger print verifications attempts for per session will be
8.
NOTE: Session id is a billable entry
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.2.1. Fingerprint


DESCRIPTION
The purpose of this functions is to match the photograph acquired by the service provider with the
photograph available for the primary/sender citizen in the citizen database.
14
PRE-REQUISITES
This operation can be availed by the Service provider after completely exhausting the finger print
verification modality i.e. by verifying all four available finger prints options.
INPUT
The operation takes input as mentioned in Annexure A: 7.2.2. Photograph Verification
PROCESS
Verify fingerprint functionality completely exhausted: This operation validates that fingerprints
are available in database and verification of all fingerprints have been failed.
ICAO Compliance: Photograph will be checked for ICAO compliance.
Verify Photograph:
o
OUTPUT
If verification is successful, it will return session ID and the session will be closed for given
citizen no.
If verification is unsuccessful, service will reply with the message and citizen secret
question data functionality is enabled.
The operation produces a response as mentioned in Annexure A: 7.2.2. Photograph

Verification
5.3.3 Verification through Secret Identity Demographics Data

DESCRIPTION
This operation is used to retrieve Primary/Sender Citizens secret questions data and photograph from
citizen database for manual verification.
PRE-REQUISITES
This operation can be availed by the service provider after exhausting the photograph verification
modality i.e. Fingerprint verification of all the available fingerprints, and photograph have failed.
INPUT
The operation takes input as mentioned in Annexure A: 7.2.3. Secret Identity

Demographics Data
PROCESS
Verify fingerprint & photograph functionality completely exhausted: This operation validates
that verification of all the fingerprints and photograph have been failed.
Secret Question data: This function returns the following secret identity demographics data for
manual verification.
Mother Name
Birth Place
15
Native Language
Religion
Photograph
NOTE: Session ID shall expire after two attempts of calling secret identity demographics data
Modality
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.2.3. Secret Identity

Demographics Data
5.3.4 Submit Manual Verification Result

DESCRIPTION
This operation is used to provide feedback to Bio-VeriSys that manual verification of person was
successful through secret identity demographics data and service will respond with citizen data
PRE-REQUISITES
This operation can be availed by the Service provider when secret identity demographics data
functionality has been called and person has been manually verified.
INPUT
The operation takes input as mentioned in Annexure A: 7.2.4. Submit Manual Verification Results
PROCESS
Verify Secret question data retrieval was successful: This operation validates that service
provider has successfully retrieved secret question data.
Submit results: This function will check the manual verification results submitted in request
parameters. If result is successful, function will return citizen data.
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.2.4. Submit Manual

Verification Results

DESCRIPTION
The Service provider will request for the last verification result from Bio-VeriSys before re-sending the
request to verification modality of Photograph Verification or Finger Verification.
PRE-REQUISITES
This operation is called by the Service provider whereby the instantaneous verification result from the
verification modality of Photograph Verification or Finger Verification is not received in the stipulated
time.
INPUT
The operation takes input as mentioned in Annexure A: 7.2.5. Last Verification result
16
PROCESS
Verify Session and last verification results: This function checks whether session exists and any
verification was done against citizen no.
Verification result: If verification exists service will provide appropriate message against the
verification.
OUTPUT
The operation produces a response as mentioned in Annexure A: 7.2.5. Last Verification

result
17
6 BIOMETRIC STANDARDS
6.1 Fingerprint Standards
Finger prints should be acquired at 500 dpi before conversion to any template format
Maximum information of fingerprint should be acquired
Fingerprint should be placed flat with maximum contact between scanner lens and skin
Image lens should be clean and without any moisture for better biometric acquisition
Fingerprint template should be one of following
o
o
o
o
o
o
o
ANSI
ISO_19794_2
SAGEM_PKMAT
SAGEM_PKCOMPV2
SAGEM_CFV
RAW_IMAGE
WSQ
Finger Index definition
Finger Index Description

1
2
3
4
5
6
7
8
9
10
Right Thumb
Right Index Finger
Right Middle Finger
Right Ring Finger
Right Little Finger
Left Thumb
Left Index Finger
Left Middle Finger
Left Ring Finger
Left Little Finger
6.2 Photograph Standards

Photograph should be ICAO compliance with following standards:
Photograph should be colored and comply with normal portrait photograph

standards
Maximum size should be 10 KB
Frontal rotation of the face is less than 5 (angle between the eyes).
Same pixel aspect ratio at horizontal and vertical dimensions.
Nose and mouth are at the horizontal center of the image.
The distance from the bottom edge of the image to the imaginary line passing
through the center of the eyes is between 50% - 70% of the height of the image.
The minimum image width conforms to the image width by head width ratio of
7:5. The head width is defined as the distance between the left and right ears.
The distance between the base of the chin and the crown is less than 80% of the
total height of the image
18
7 ANNEXURE A
7.1 Verification for Mobile Bank Account Creation
7.1.1.1 Request Interface
Field Name
Field type
Length
Description
Example
Franchisee ID
String
The unique Franchisee ID

issued to Service provider by
NADRA
Username
of
Service
provider issues by NADRA
for Bio-VeriSys
Password set by the Service
provider for Bio-VeriSys
1234
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Session ID
String
19
Non
Mandatory
A unique 19 digit number
1000009010000090
Citizen
Number
String
13
Mandatory
6110119876547
16
Mandatory
This is the citizen number for

which the session id is being
requested
Contact No of citizen e.g.
mobile no.
Contact
Number
String
Finger Index
Integer
Mandatory
Right thumb index
Finger
Template
Base
string
Mandatory
This is the finger template

corresponding to the finger
print index
Value of Template type from
Template Type data type
exposed by Service
This
is
the
unique
transaction id that Service
provider
generates
by
appending Franchisee ID +
Unique 15 digits
Template Type
String
Service
Provider
Transaction ID
String
64
Constraints (if
any)
Unique
Mandatory
19
Unique
session
Numeric
per
iuser
ipassword
0308-5126899
TemplateType.ANSI
6407814020617511
501
7.1.1.2 Response Interface

Field Name
Field type
Length
Description
Example
Constraints (if
any)
Mandatory
Code
String
Code response to request
100
Message
String
256
Mandatory
Message explaining
response code
Successful
Session ID
String
19
Mandatory
Unique session id for using

Bio- VeriSys. This session ID
will be used for the billing to
the service providers
the
40011000001037199
29
19
Citizen Number
String
Name
String
Father-husband
name
String
Present Address
String
Permanent
Address
String
Name English
String
Father-husband
name English
String
Present Address
English
String
Permanent
Address English
String
Finger Index
String[]
7.1.1.3
Sr. No.
1
3
4
13
Mandatory
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful and
if available and
as is.
Where
verification
result
is
successful and
if available and
as is.
Where
verification
result
is
successful and
if available and
as is.
Where
verification
result
is
successful and
if available and
as is.
Non
Mandatory
Where
verification
result is not
successful
This is the primary/sender

citizen number for which the
session id is issued
Contains the Urdu name
6110119876547
This field will carry father

name in Urdu
Present address of citizen in
Urdu
Permanent
address
citizen in Urdu
of
Citizen Name in English
Qadir Bakhsh
Citizen Father spouse name

in English
Rahim Khan

English
Permanent
address
citizen in English
of
This is the list of available

finger indexes
1,2,4,6
Code description
Code
100
110
111
Description
successful
citizen number is not verified
finger not found in citizen database
20
5
7
8
10
11
12
13
14
15
112
114
115
120
121
122
123
124
125
error generating session id

invalid verification reference number
Invalid service provide transaction id
invalid input finger template
invalid finger index
Fingerprint does not matched
invalid finger template format
Citizen is not verified. please advise to visit NADRA center
Invalid citizen number

7.1.2.1 Request Interface:
Field Name
Field type
Length
Franchisee ID
String
Constraints
(if any)
Unique
Session ID
String
19
Mandatory
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Primary/Sender
Citizen Number
String
13
Mandatory
Photograph
Base
string
Max 10 KB
Mandatory
64
Description
Example
The
unique
Franchisee ID issued
to Service provider by
NADRA
A unique 19 digit
number issued
Username of Service
provider issues by
NADRA
for
BioVeriSys
Password set by the
Service provider for
Bio-VeriSys
This
is
the
primary/sender
citizen number for
which the session id is
issued
Photograph of the
Primary/Sender
Citizen. The colored
photograph should
comply with normal
portrait photograph
standards.
1234
1000009010000090
iuser
ipassword
6110119876547
7.1.2.2 Response Interface:

Field Name
Field type
Length
Code
String
Constraints
any)
Mandatory
Message
String
256
Mandatory
(if
Description
Example
100
Message explaining
response code
Successful
the
21
Session ID
String
19
Mandatory

issued
10000090100000
90
Primary/Sender
Citizen Number
String
13
Mandatory
6110119876547
Name
String

citizen number for which
the session id is issued
Father-husband
name
String

name in Urdu
Present Address
String
Permanent Address
String
Name English
String
Father-husband
name English
String
Present
English
Address
String
Permanent Address
English
String
Where
verification result
is successful
Where
verification result
is successful
Where
verification result
is successful
Where
verification result
is successful
Where
verification result
is successful and if
available and as is.
Where
verification result
Where
verification result
Where
verification result
Urdu
Permanent address
citizen in Urdu
of
Qadir Bakhsh

in English
Rahim Khan

English
Permanent address
citizen in English
of
7.1.2.3 Code Description

Sr. No.
1
2
3
4
5
6
7
Code
100
130
131
132
133
134
135
Description
successful
photograph does not match
this operation will only be enabled if biometric verification of all available fingers is failed
invalid photograph data
no eyes detected
photograph size is greater than specified limit
image quality is not good
7.1.3 Secret Identity Demographics Data

Field Name
Field type
Length
Franchisee ID
String
Constraints
(if any)
Unique
Description
Example
The unique Franchisee

ID issued to Service
provider by NADRA
1234
22
Session ID
String
19
Mandatory
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Primary/Sender
Citizen Number
String
13
Mandatory
A unique 19 digit
number issued
Username of Service
provider issued by
NADRA for Bio-VeriSys
Password set by the
Service provider for BioVeriSys
This
is
the
primary/sender citizen
number for which the
session id is issued.
1000009010000090
Description
Example
Code
response
to
request
Message explaining the
response code
100
1000009010000090
iuser
ipassword
6110119876547

Field Name
Field type
Length
Code
String
Constraints
(if any)
Mandatory
Message
String
256
Mandatory
Session ID
String
19
Mandatory
A unique 19
number issued
Religion
String
Mandatory
Citizen religion
Islam
Mother Name
String
Mandatory
Citizen mother name
Birth Place
String
Mandatory
Citizen place of birth
Lahore
Native Language
String
Mandatory
Citizen native language
Urdu
Photograph
Base
string
Mandatory
Photograph of
Primary Citizen.
64
Max 10 Kb
digit
Successful
the

Sr. No.
1
2
3
Code
100
140
141
Description
Successful
Citizen verification system is down. Please try again later.
This operation will only be enabled if biometric verification of all available fingers and photo
verification are failed
7.1.4 Submit Manual Verification Results

Field Name
Field type
Length
Constraints
(if any)
Description
Example
23
Franchisee ID
String
Unique
Session ID
String
19
Mandatory
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Primary/Sender
Citizen Number
String
13
Mandatory
Verification Result
String
16
Mandatory

issued to Service provider
by NADRA
issued
Username
of
Service
provider issued by NADRA
for Bio-VeriSys
1234

Manual verification result
through secret question
data
6110119876547
1000009010000090
iuser
ipassword
Successful
Not successful

Field Name
Field type
Length
Description
Example
Constraints (if
any)
Mandatory
Code
String
100
Message
String
256
Mandatory
Message explaining
response code
Successful
Session ID
String
19
Mandatory
4001100000103719929
Citizen Number
String
13
Mandatory
Name
String

Father-husband
name
String

name in Urdu
Present Address
String
Permanent
Address
String
Name English
String
Father-husband
name English
String
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful and
if available and
as is.
Where
verification
the
6110119876547
Urdu
Permanent
address
citizen in Urdu
of
Qadir Bakhsh

in English
Rahim Khan
24
Present Address
English
String
Permanent
Address English
String
result
is
successful and
if available and
as is.
Where
verification
result
is
successful and
if available and
as is.
Where
verification
result
is
successful and
if available and
as is.

English
Permanent
address
citizen in English
of

Sr. No.
1
2
3
4
Code
100
150
151
152
Description
successful
invalid citizen number
no request found against session id
secret question data was not requested

Field Name
Field type
Length
Constraints
(if any)
Unique
Franchisee ID
String
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Service
Provider
Transaction ID
String
19
Unique per
session
Numeric
Primary/Sender
Citizen Number
String
13
Mandatory
Constraints
(if any)
Mandatory
Description
Example

by NADRA
Username
of
Service
for Bio-VeriSys
1234
This
is
the
unique
provider generates by
appending Franchisee ID +
Unique 15 digits
640781402061751
1501
Description
Example
100
iuser
ipassword
6110119876547

Field Name
Field type
Length
Code
String
25
Message
String
256
Mandatory
Message contains
verification result
Session ID
String
19
Mandatory

issued
1000009010000090
Primary/Sender
Citizen Number
String
13
Mandatory
6110119876547
Verification
Functionality
String
Mandatory

Functionality which was
called last time
Name
String
Father-husband
name
String

name in Urdu
Present Address
String
Permanent Address
String
Name English
String
Father-husband
name English
String
Present
English
Address
String
Permanent Address
English
String
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
Where
verification
result
is
successful
and
if
available and
as is.
Where
verification
result
is
successful
and
if
available and
as is.
Where
verification
result
is
successful
and
if
available and
as is.
Where
verification
result
is
successful
and
if
available and
as is.
last
Successful
Fingerprint
verification
Present address of citizen

in Urdu
Permanent address
citizen in Urdu
of
Qadir Bakhsh

in English
Rahim Khan
Present address of citizen

in English
Permanent address
citizen in English
of
26

Sr. No.
1
2
3
Code
100
150
151
Description
successful
7.1.6 Submit Mobile Bank Account Details

Field Name
Field type
Length
Constraints
(if any)
Unique
Description
Example
Franchisee ID
String

by NADRA
Username
of
Service
for Bio-VeriSys
1234
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Session ID
String
19
Mandatory

issued
1000009010000090
Citizen Number
String
13
Mandatory

Mobile Bank Account
number create by bank
This is account level for
branchless banking
6110119876547
Mobile Bank Account

Number
String
Account Level
String
Description
Example
100
Successful
NonMandatory
NonMandatory
iuser
ipassword
104720569822210
level 0
level 1
level 2
level 3

Field Name
Field type
Length
Code
String
Constraints
(if any)
Mandatory
Message
String
256
Mandatory
Message contains
verification result
Session ID
String
19
Mandatory

issued
1000009010000090
Primary/Sender
Citizen Number
String
13
Mandatory

6110119876547
last

Sr. No.
1
2
Code
100
150
Description
successful
27
3
4
5
155
156
157
verification was not completed

invalid Mobile Bank Account number
invalid account level
7.2 Verification for OTC Transaction

Field Name
Field type
Length
Constraints (if any)
Description
Example
Franchisee ID
String
Unique
1234
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Session ID
String
19
Non Mandatory
Service
Provider
Transaction ID
String
19
Unique
Numeric
Primary/Sender
Citizen Number
String
13
Mandatory
Primary/Sender
Contact Number
String
16
Mandatory
The
unique
Franchisee ID issued
to Service provider by
NADRA
Username of Service
provider issues by
NADRA
for
BioVeriSys
Password set by the
Service provider for
Bio-VeriSys
A unique 19 digit
number issued by
4.1.3.2
This is the unique
transaction id that
Service
provider
provided
for
verification
This
is
the
primary/sender
citizen number for
which session id is
being requested
Contact No of citizen
e.g. mobile no.
Finger Index
Integer
Mandatory
Right thumb index
Finger Template
Base
string
Mandatory
ISO 19794 Finger
print template
Template Type
String
This is the finger

template
corresponding to the
finger print index
Value of Template
type exposed by
Service
Remittance Amount
Number
64
16
Mandatory
Template type must
be value exposed in
Service definition
Non- Mandatory
Remittance amount
being
sent
or
received
iuser
ipassword
1000009010000
090
6407814020617
511501
6110119876547
0308-5126899
ANSI
15000
28
Remittance type
String
16
Mandatory
Remittance
type
indicate whether OTC
transaction is for
transfer or receive
money. Remittance
Type value defined in
Service as Enum
Citizen number or
Account number of
recipient/secondary
applicants
1. money transfer
send
2. money transfer
receive
3. ibft
Secondary/Receiver
Citizen Number
String
13
Mandatory if
remittance type is
money
transfer/receive.
Non-Mandatory for
Account Number
String
24
Non- Mandatory
Account number of
recipient/secondary
applicants
Contact
No
of
Secondary/Receiver
e.g. mobile no.
4130891229519
69
Secondary/Receiver
Contact Number
String
16
Mandatory
Description
Example
100
Successful
4130891229519
0333-5126899

Field Name
Field type
Length
Code
String
Constraints (if
any)
Mandatory
Message
String
256
Mandatory
Message explaining
response code
Session ID
String
19
Mandatory
400110000010371
9929
Primary/Sender
Citizen Number
String
Mandatory
Primary/Sender
Citizen
Number
Name
String
Mandatory
Finger Index
String[]
Secondary/Receiver
Citizen Number
String
Non
Mandatory
Where
verification
result is not
successful
NonMandatory

Bio-VeriSys. This session ID
Contains
Primary/Sender
citizen number
Contains the urdu name of
the Primary/Sender citizen
number
This is the list of available
finger indexes
4130891229519
Secondary/Receiver
Name
String
Contains the detail of the

Secondary/Sender citizen
number
Contains the urdu name of
the
Secondary/Sender
citizen
NonMandatory
the
6110119876547

1,2,4,6
7.2.1.3 Code description

Sr. No.
Code
Description
1
3
100
110
successful
citizen number is not verified
29
4
5
7
8
10
11
12
13
14
15
111
112
114
115
120
121
122
123
124
125
finger not found in citizen database

error generating session id
invalid verification reference number
Invalid service provide transaction id
invalid input finger template
invalid finger index
Fingerprint does not matched
invalid finger template format
Citizen is not verified. please advise to visit NADRA center
Invalid citizen number

Field Name
Field type
Length
Franchisee ID
String
Constraints
(if any)
Unique
Session ID
String
19
Mandatory
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Primary/Sender
Citizen Number
String
13
Mandatory
Photograph
Base
string
Max 10 KB
Mandatory
64
Description
Example

NADRA
issued
Username of Service provider
issues by NADRA for BioVeriSys
1234

Photograph
of
the
Primary/Sender Citizen. The
colored photograph should
comply with normal portrait
photograph standards.
6110119876547
Description
Example
100
100000901000009
0
iuser
ipassword

Field Name
Field type
Length
Code
String
Constraints
(if any)
Mandatory
Message
String
256
Mandatory
Message explaining
response code
Session ID
String
19
Mandatory

issued
1000009010000090
Primary/Sender
Citizen Number
String
13
Mandatory

6110119876547
the
Successful
30

Sr. No.
1
2
3
4
5
6
7
Code
100
130
131
132
133
134
135
Description
successful
photograph does not match
this operation will only be enabled if biometric verification of all available fingers is failed
invalid photograph data
no eyes detected
photograph size is greater than specified limit
image quality is not good
7.2.3 Secret Identity Demographics Data

Field Name
Field type
Length
Constraints
(if any)
Unique
Description
Example
Franchisee ID
String

NADRA
Username
of
Service
for Bio-VeriSys
1234
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Session ID
String
19
Mandatory

issued
1000009010000090
Primary/Sender
Citizen Number
String
13
Mandatory

session id is issued.
6110119876547
Description
Example
100
iuser
ipassword

Field Name
Field type
Length
Code
String
Constraints
(if any)
Mandatory
Message
String
256
Mandatory

response code
Successful
Session ID
String
19
Mandatory

issued
1000009010000090
Religion
String
Mandatory
Citizen religion
Islam
Mother Name
String
Mandatory
Citizen mother name
Birth Place
String
Mandatory
Citizen place of birth
Lahore
Native Language
String
Mandatory
Citizen native language
Urdu
31
Photograph
Base
string
64
Max 10 Kb
Mandatory
Photograph of the Primary

Citizen.

Sr. No.
1
2
3
Code
100
140
141
Description
Successful
Citizen verification system is down. Please try again later.
This operation will only be enabled if biometric verification of all available fingers and photo
verification are failed
7.2.4 Submit Manual Verification Results

Field Name
Field type
Length
Franchisee ID
String
Constraints
(if any)
Unique
Session ID
String
19
Mandatory
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Primary/Sender
Citizen Number
String
13
Mandatory
Verification Result
String
16
Mandatory
Description
Example

by NADRA
issued
Username
of
Service
for Bio-VeriSys
1234

Manual verification result
through secret question
data
6110119876547
Description
Example
100
1000009010000090
iuser
ipassword
Successful
Not successful

Field Name
Field type
Length
Code
String
Constraints
(if any)
Mandatory
Message
String
256
Mandatory

response code
Successful
Session ID
String
19
Mandatory

will be used for the billing
to the service providers
400110000010371
9929
32
Citizen Number
String
13
Mandatory

6110119876547
Description
Example

by NADRA
Username
of
Service
for Bio-VeriSys
1234
This
is
the
unique
provider provided for
verification
64078140206175115
01

Sr. No.
1
2
3
4
Code
100
150
151
152
Description
successful
secret question data was not requested

Field Name
Field type
Length
Constraints
(if any)
Unique
Franchisee ID
String
Username
String
Max
12
characters
Mandatory
Password
String
Max
15
characters
Mandatory
Service
Provider
Transaction ID
String
19
Unique per
session
Numeric
Primary/Sender
Citizen Number
String
13
Mandatory
Description
Example
100
Successful
iuser
ipassword
6110119876547

Field Name
Field type
Length
Code
String
Constraints
(if any)
Mandatory
Message
String
256
Mandatory
Message contains
verification result
Session ID
String
19
Mandatory

issued
1000009010000090
Primary/Sender
Citizen Number
String
13
Mandatory
6110119876547
Verification
Functionality
String

Functionality which was
called last time
Mandatory
last
Fingerprint
verification
33

Sr. No.
1
2
3
Code
100
150
151
Description
successful
7.3 Generic Codes description

Sr. No.
1
2
3
4
5
6
7
8
Code
102
103
104
105
106
107
108
109
Description
invalid xml
invalid user name/password
Invalid session id
user do not has access to this functionality
Invalid franchisee id
Citizen verification Service is down. Please try again later.
Exception: system has encountered an unexpected error. Administrator has been informed, please
try again later.
34

BioVeriSys Interface V 6.1

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BioVeriSys Interface V 6.1

Uploaded by

Copyright:

Available Formats

Bio-VeriSys Specification Document

NADRA | STATE BANK BUILDING, SECTOR G-5/2ISLAMABAD

First draft with main content

Added remittance type in

Bank account Number filed

Intended Audience .......................................................................................................................... 4

Technical Interface Specifications................................................................................................... 6

Verification for Mobile Bank Account ..................................................................................... 6

Fingerprint Verification .................................................................................................. 8

Photograph Verification .................................................................................................. 8

Verification through Secret Identity Demographic Data ................................................ 9

Submit Manual Verification Result ............................................................................... 10

Last Verification Result ................................................................................................. 10

Submit Mobile Bank Account Details ............................................................................ 11

Verification for OTC Transaction ........................................................................................... 12

Fingerprint Verification ................................................................................................. 14

Photograph Verification ................................................................................................ 14

Verification through Secret Identity Demographics Data ............................................. 15

Submit Manual Verification Result ............................................................................... 16

Last Verification Result ................................................................................................. 16

Biometric Standards ...................................................................................................................... 18

Fingerprint Standards ........................................................................................................... 18

Photograph Standards .......................................................................................................... 18

Verification for Mobile Bank Account Creation .................................................................... 19

Fingerprint Verification ................................................................................................. 19

Photograph Verification ................................................................................................ 21

Secret Identity Demographics Data .............................................................................. 22

Submit Manual Verification Results .............................................................................. 23

Last Verification Result ................................................................................................. 25

Submit Mobile Bank Account Details ............................................................................ 27

Verification for OTC Transaction ........................................................................................... 28

Fingerprint Verification ................................................................................................. 28

Photograph Verification ................................................................................................ 30

Secret Identity Demographics Data .............................................................................. 31

Submit Manual Verification Results .............................................................................. 32

Last Verification Result ................................................................................................. 33

Generic Codes description .................................................................................................... 34

5 TECHNICAL INTERFACE SPECIFICATIONS

Verification For Mobile Bank

Verification For OTC

5.2 Verification for Mobile Bank Account

Service will generate unique session id.

The 8 attempts for fingerprints verification can be requested.

Each fingerprint can be submitted only twice for verification.

If the verification is successful, the session will expire automatically.

act Verification Flow -Mobile bank Account

Yes perforrm 1:1 Fingerprint

Send verification result as

Session time< 30 Min &

Session time< 30 Min &

Send Mobile Bank Account

Session time< 30 Min &

Yes Send Secret question

Submit Wallet details

Receive Mobile Bank Account

Bio-VeriSys verification for Mobile Bank Account

5.2.1 Fingerprint Verification

NOTE: Session id is a billable entry

The operation produces a response as mentioned in Annexure A: 7.1.1. Fingerprint

5.2.2 Photograph Verification

The operation takes input as mentioned in Annexure A: 7.1.2. Photograph Verification

ICAO Compliance: Photograph will be checked for ICAO compliance.