---
title: "Sender eKYC (Biometric) API Reference"
description: "Initiate biometric Aadhaar eKYC to verify and upgrade a DMT sender's account."
canonical: "https://eps.eko.in/docs/dmt-fino-sender-ekyc"
---


> **Canonical URL:** https://eps.eko.in/docs/dmt-fino-sender-ekyc
> This is a machine-readable Markdown version of the page for AI agents and LLMs. The primary (HTML) version lives at the canonical URL above.

# Sender eKYC (Biometric) API Reference

`PUT https://staging.eko.in/ekoapi/v3/customer/payment/dmt-fino/sender/{customer_id}/otp`

Initiate biometric Aadhaar eKYC to verify and upgrade a DMT sender's account.

Performs biometric eKYC using fingerprint data linked to the sender's Aadhaar number. Requires a compatible biometric capture device. The biometric PID data (XML payload) is captured at the agent's terminal and submitted along with the Aadhaar number. On success the system dispatches an OTP for confirmation; call Validate eKYC OTP next. A successful eKYC upgrades the sender's monthly limit from ₹5,000 to ₹25,000.

> View product & pricing details: [Domestic Money Transfer (DMT)](https://eps.eko.in/products/dmt-api.md)

## Path parameters

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| customer_id | string | yes | Sender's 10-digit mobile number. e.g. 9123456789 |

## Body parameters

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| initiator_id | string | yes | Registered mobile number of the API user (see Platform Credentials). e.g. 9962981729 |
| user_code | string | yes | User code of the retailer/agent the service is run for. e.g. 20810200 |
| client_ref_id | string | no | Unique reference id per API call, generated by your system. e.g. REQ-20260101-001 |
| aadhar | string | yes | 12-digit Aadhaar number of the sender. e.g. 234567890123 |
| piddata | string | yes | XML-encoded biometric PID data captured from a certified biometric device (fingerprint scanner). e.g. <PidData><Resp errCode="0" errInfo="Capture Success" .../></PidData> |

## Headers

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| developer_key | string | yes | Static API key issued to your account after KYC. |
| secret-key | string | yes | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). |
| secret-key-timestamp | string | yes | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. |
| content-type | string | yes | application/json e.g. application/json |

## Response

⭐ marks fields highlighted as verifiable.

| Field | Type | Description |
| --- | --- | --- |
| status | number | Primary success indicator (0 = success). |
| message | string | Human-readable response / error message. |
| response_status_id | number | Granular status id; see the shared error-codes table. |
| response_type_id | number | A unique id for every possible response shape (success or error) — useful for client logic branching and analytics. |
| data | object | API-specific response payload. |
| data.kyc_request_id ⭐ | string | Unique identifier for this KYC request. Required for the Validate eKYC OTP step. |
| data.otp_ref_id | string | Reference ID for the OTP sent to the sender's Aadhaar-linked mobile. |
| data.mobile | string | Masked mobile number to which the OTP was dispatched. |

## Example request

```json
{
  "initiator_id": "9962981729",
  "user_code": "20810200",
  "client_ref_id": "REQ-20260101-001",
  "aadhar": "234567890123",
  "piddata": "<PidData><Resp errCode=\"0\" errInfo=\"Capture Success\" .../></PidData>"
}
```

## Example response

```json
{
  "status": 0,
  "response_status_id": 0,
  "message": "OTP sent for eKYC verification",
  "response_type_id": 1388,
  "data": {
    "kyc_request_id": "KYC20240101001",
    "otp_ref_id": "OTPREF20240101001",
    "mobile": "XXXXXXX789"
  }
}
```

## Error scenarios

| Status | Scenario |
| --- | --- |
| 200 | Sender already KYC verified — no further upgrade needed |