Skip to main content

Individual Customer Onboarding

The individual customer onboarding process handles new user registration, identity verification, and account activation within the Kulpay ecosystem. To maximize financial inclusion, Kulpay implements a Tiered KYC (Know Your Customer) approach that allows instant account opening with progressive identity verification.

Onboarding Strategy

Kulpay follows a "Progressive Disclosure" philosophy: don't ask for everything at once. Collect what is needed to get the customer started, then request additional verification (biometrics, formal documents) as their transaction volume grows.

KYC Tiers

TierAccess LevelRequirementsTransaction Limits
Tier 1 (Lite)Instant account with basic featuresPhone verification + National ID (BI) or Voter's Card via OCR + Selfie liveness checkLower daily/monthly limits
Tier 2 (Full)Full account with all featuresTier 1 + In-person fingerprint capture at an agent location + NUIT validationHigher limits unlocked

Channels

ChannelTarget AudienceDescription
USSDFeature phone users, low-connectivity areasText-menu-based registration flow
Data-lite AppSmartphone users with limited dataLightweight mobile app optimized for low bandwidth
Standard AppSmartphone usersFull Kulpay mobile app

Participants

ParticipantRole
CustomerInitiates registration via USSD, data-lite app, or mobile app
Kulpay APIProcesses registration, runs verifications
LiveAIEngineBiometric liveness detection, face matching, and document OCR
NUIB APINational identity verification
AgentFacilitates in-person fingerprint capture for Tier 2 upgrade
Back Office ReviewerReviews KYC documents and approves/rejects

Process Flow

Step-by-Step

Phase 1: Phone Verification

  1. Customer enters their phone number (E.164 format) via app or USSD
  2. System checks for duplicate registrations
  3. If new, an OTP is sent via SMS
  4. Customer enters the 6-digit OTP to verify ownership

Phase 2: Document Capture & Liveness (Tier 1)

  1. Customer selects their ID document type (BI, Voter's Card, passport, or DIRE)
  2. Document is captured via OCR — auto-fills name, date of birth, and ID number
  3. Customer captures a live selfie
  4. LiveAIEngine performs a liveness check and face match against the national ID database
  5. Customer reviews and confirms the extracted data

Phase 3: Instant Account Activation (Tier 1)

  1. Customer defines their access PIN
  2. Account is created immediately with Tier 1 (Lite) status
  3. Customer can begin transacting with lower daily and monthly limits
  4. No back-office review required for Tier 1

Phase 4: Tier 2 Upgrade (In-Person at Agent)

  1. When ready, the customer visits a physical agent location
  2. Agent captures the customer's fingerprint (biometric Phase 2)
  3. Customer enters their NUIT (tax identification number)
  4. System validates the NUIT
  5. Registration is submitted for back-office review

Phase 5: Back Office Review (Tier 2)

  1. Reviewer accesses the pending customer list
  2. Reviewer views customer details and uploaded documents
  3. NUIB verification is performed against government records
  4. Customer is checked against regulatory lists (sanctions, PEP)
  5. A risk level is assigned to the customer
  6. Based on risk assessment: account is upgraded to Tier 2 or upgrade is rejected
  7. Customer is notified of the outcome via SMS

Biometric Capture

Biometric capture follows a phased approach to minimize onboarding friction:

PhaseTimingMethodApplies To
Phase 1During signupFacial recognition (selfie) via smartphoneAll individual customers
Phase 2At agent locationFingerprint capture during first Cash-Out or Tier 2 upgrade visitCustomers upgrading to Tier 2

This validates the digital identity with a physical touchpoint without creating upfront barriers to account opening.

Authentication (Existing Users)

For returning customers:

  1. Enter PIN (3 attempts allowed)
  2. After 3 failed attempts: account is suspended for 60 minutes
  3. PIN recovery options:
    • SMS/email OTP recovery
    • Customer support assisted recovery (security questions)
EndpointPurpose
POST /v1/customers/initiateStart registration, send OTP
POST /v1/customersVerify phone with OTP
PUT /v1/customers/{id}Update customer details
POST /v1/customers/{id}/upload-documentUpload ID document
POST /v1/customers/{id}/upload-selfieUpload selfie for verification
GET /v1/customers/{id}/kycList KYC verifications
PUT /v1/customers/{id}/kyc/{kyc_id}/reviewsReview KYC
GET /v1/system/config/supported-docsGet accepted document types

Business Rules

  • Phone number is the primary account identifier
  • OTP codes are 6 digits
  • PIN has a maximum of 3 attempts before suspension
  • Account suspension lasts 60 minutes
  • KYC document types: bi, voters_card, passport, dire
  • Face match and liveness are required for Tier 1 activation
  • Fingerprint capture is required for Tier 2 upgrade
  • NUIB verification is mandatory for Tier 2 Mozambican customers
  • Tier 1 accounts have lower transaction limits to allow immediate use
  • Tier 2 limits are unlocked after full biometric validation and back-office approval