Aadhaar Masking

Endpoint Overview

POST /api/v1/ocr/mask-aadhaar

Description

The Aadhaar Masking API provides a secure way to mask sensitive information on Aadhaar cards. It accepts an Aadhaar card image (JPEG/PNG) or PDF document and returns a download link to a masked version of the Aadhaar card where personally identifiable information is obscured while maintaining the document's validity for verification purposes. This helps organizations comply with privacy regulations while still being able to use Aadhaar for KYC processes.

Key Benefits

Ensures compliance with UIDAI guidelines for Aadhaar data protection

Prevents unauthorized access to sensitive personal information

Reduces risk of identity theft and fraud

Simplifies document management while maintaining privacy

Use Cases

Financial Services

Insurance

HR & Employment

KYC verification while protecting customer PII data

Secure document storage for loan applications

Compliant customer onboarding for banking services

Technical Implementation

Authentication

All API requests require authentication using a JWT Bearer token. Authentication follows these steps:

Obtain API Credentials: Register with Surepass to receive your API key.

Generate JWT Token: Use your API key to generate a JWT token.

Include in Requests: Add the token to the Authorization header as Bearer TOKEN.

Different authentication tokens are used for sandbox and production environments:

Sandbox: https://sandbox.surepass.io

Production: https://kyc-api.surepass.io

Request Parameters

Request Headers

Header	Required	Description
Authorization	Yes	Bearer token authentication using JWT
Content-Type	Yes	multipart/form-data

Request Body

1. For File Upload

Parameter	Type	Description
file	Image	Upload Cheque Image
use_pdf	Boolean	If the file type is PDF, set this to true

2. For Base64 Input

Parameter	Type	Description
base_64	String	Cheque Image in Base64 format

3. For Image URL Input

Parameter	Type	Description
link	String	Cheque Image Link/URL

Example Request

Process Response

Response Parameters

Parameter	Type	Description
data	Object	Contains the response data
data.client_id	String	Unique identifier for the client request
data.masked_image	String	URL to download the masked Aadhaar image
status_code	Integer	HTTP status code of the response
success	Boolean	Indicates if the request was successful
message	String or null	Additional information about the response
message_code	String	Code indicating the status of the request

Example Successful Response

{
    "data": {
        "client_id": "aadhaar_masking_tldsfdgdfgsdfhdkTadgsKnMhePiDB",
        "masked_image": "https://aadhaar-kyc-docs.s3.amazonaws.com/link"
    },
    "status_code": 200,
    "success": true,
    "message": null,
    "message_code": "success"
}

Possible Error Responses

Authentication Error

Invalid Image

Invalid File Format

Server Error

{
    "error": null,
    "message": "Your token is invalid. Please ensure that correct token is being used.",
    "status_code": 401,
    "success": false,
    "message_code": "invalid_token"
}

Occurs when the JWT token is missing, invalid, or expired.

Integration Best Practices

Security Recommendations

Store the masked Aadhaar images securely with appropriate access controls

Implement TLS/SSL for all API communications

Delete original unmasked Aadhaar documents after processing

Implement proper error handling to avoid exposing sensitive information

User Experience Guidelines

Inform users that their Aadhaar will be masked for privacy protection

Provide clear instructions on acceptable file formats and sizes

Implement a progress indicator during file upload and processing

Display appropriate error messages when validation fails

Code Samples

cURL

Python

Node.js

Related APIs

OCR Aadhaar API: Extracts information from Aadhaar cards

Aadhaar Verification API: Verifies Aadhaar details with UIDAI

Document Verification API: Verifies authenticity of various identity documents

Compliance and Legal Considerations

The Aadhaar Masking API helps organizations comply with the UIDAI's Aadhaar Act regulations, which prohibit storing unmasked Aadhaar numbers. Organizations must ensure they have appropriate consent from users before processing their Aadhaar information, even in masked form. The masked Aadhaar should be used and stored in accordance with applicable data protection laws.

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

{ "data": { "client_id": "aadhaar_masking_tldsfdgdfgsdfhdkTadgsKnMhePiDB", "masked_image": "https://aadhaar-kyc-docs.s3.amazonaws.com/link" }, "status_code": 200, "success": true, "message": null, "message_code": "success" }

Aadhaar Masking

Aadhaar Masking#

Description#

Use Cases#

Technical Implementation#

Request Headers#

Request Body#

1. For File Upload#

2. For Base64 Input#

3. For Image URL Input#

Example Request#

Response Parameters#

Example Successful Response#

Possible Error Responses#

Integration Best Practices#

Code Samples#

Request

Responses

Aadhaar Masking

Description

Use Cases

Technical Implementation

Request Headers

Request Body

1. For File Upload

2. For Base64 Input

3. For Image URL Input

Example Request

Response Parameters

Example Successful Response

Possible Error Responses

Integration Best Practices

Code Samples