This KYC deadline for Aadhaar, PAN, Voter ID and Driving License has been extended till January 20

The Indian government has taken steps to strengthen Know Your Customer (KYC) data security. To prevent misuse, they proposed to mask sensitive KYC identifiers such as PAN, Aadhaar, Voter ID and driving license numbers. Originally scheduled for a December deadline, authorities granted an extension until January 20, 2025. This additional time allows individuals to complete the KYC process for various financial institutions and services. This extension gives financial institutions more time to adapt to the new requirements and ensure a smooth transition.
“Considering the requests received from various reporting entities, it has been decided to postpone the date of going live for KYC ID masking from December 16, 2024, after 8:00 p.m., to January 20, 2025, after 8:00 p.m.,” according to a statement official of Central register of KYC records dated December 16, 2024.

How KYC Masking Feature Will Help Users

The new system, scheduled to be implemented on January 20, 2025, will hide sensitive information in KYC documents. Only the last four digits of identifiers such as Aadhaar, PAN, Voter ID and Driving License numbers will be visible. This measure aims to strengthen data confidentiality and security.
The Central KYC Records Registry (CKYCRR) has outlined the process of the new masked KYC system. From January 20, 2025, registered reporting entities (REs) will be able to display only the last four digits of KYC identifiers such as Aadhaar, PAN, Voter ID and Driving License. To access the full KYC records, REs will need to authenticate and upload the record using either the masked KYC ID or a unique CKYC reference ID. This two-factor authentication system aims to strengthen data security and prevent unauthorized access.

CKYC wants to prevent unauthorized use of your KYC data

The Central KYC Records Registry (CKYCRR) is implementing a new security measure to protect user data. This measure consists of restricting access to KYC information based on unique IP addresses. The aim is to prevent unauthorized access and misuse of sensitive data.
Previously, regulated entities (REs) often outsourced KYC collection to third-party service providers. These intermediaries would access the KYC data using their own IP addresses. To enhance security, CKYCRR now requires REs to directly access KYC data using their own IP addresses. This change is intended to limit access to authorized personnel only.
The deadline for implementing this new system is December 31, 2024. REs will need to make the necessary adjustments to comply with this requirement.