Unlocking Financial Inclusion Using Biometrically Verified SIMs

26 July 2016

In 2015, Pakistan became the first country in the world to leverage biometric SIM verification for remote mobile wallet account opening. The results have been impressive.

Approximately 50% of new registered mobile wallet accounts in 2015 were opened via biometric verification in 2015, a year when the number of these accounts tripled – from 5 million to 15 million.

There’s no doubt the use of biometric SIM verification is helping fuel the push to achieve the goal of 50% financial inclusion by 2020, in a country where overall account penetration remains low (23%). Indeed, both lack of proximity to a bank or agent and paperwork requirements are cited as barriers to account opening (by 7% and 8% of the unbanked population, respectively).

To explore remote account opening and the motivations behind this more deeply, we talked to various members of the Banking Policy and Regulation Department (BPRD) at the State Bank of Pakistan (SBP), which is the primary branchless banking regulatory body in the country.

A New Environment

Pakistan’s 2008 branchless banking regulations for the first time permitted a biometric fingerprint scan at an agent to open the lowest level mobile wallet account as an alternative to visiting a bank branch. But compliance proved difficult due to the high costs of equipping all agent locations with fingerprint readers. Eventually, the regulations were revised in 2011, permitting customers to apply remotely at agents for a branchless banking account using just their digital photos and a photo of their national ID card.

However, in August 2014 a new context emerged: Due to security concerns about unregistered SIMs, the Pakistan Telecom Authority declared that all new SIMs and eventually also all existing SIMs in the market must be registered to the national ID card – a unique number that is linked to an adult citizen’s basic information and biometrics held in a central database. All existing SIMs that were not verified were deemed redundant and shut down. As of May 2016 there are over a 130 million verified SIMs in Pakistan, a country of 75 million adults.

This new environment allowed both branchless banking providers and SBP the opportunity to experiment.

How It Works

In 2015, a branchless banking provider approached the central bank with an innovative idea – to open remote accounts for customers with verified SIMs. The central bank gave permission for a soft launch on the basis of its business case.

According to Rajesh Raheja, Joint Director in SBP’s Banking Policy & Regulations Department, financial inclusion through digital financial services is one of the top priority items on the agenda of the central bank. The fact that each SIM is now directly linked to the biometric ID data held in the national ID database “provided comfort to the State Bank” and allowed it to consider remote account opening on already verified SIMs, as “the primary consideration for the central bank is the proper identification of the account holders.” The hope was that remote account opening could provide a much needed boost to the total number of registered mobile wallet accounts, which until then had stayed relatively low, with the majority of customers using over-the-counter services at agents.

The process is simple and immediate: Customers with biometrically verified SIMs enter a USSD code designated by their providers, to set up an account in less than 30 seconds. The process requires no paperwork and no trip to an agent, let alone a branch. The central bank is clear, though, that the use of biometrically verified SIMs does not change anything with regard to “the responsibility of identifying customers, ownership, and custodianship of customer accounts, as well as biometric data records” – this still lies with the branchless banking providers.

Photo Credit: Ayesha Vellani

What’s Next

The State Bank has recently revised the branchless banking regulations to acknowledge the advantages of using biometrically verified SIMs. Now all branchless banking providers are eligible for remote account opening of the lowest level account after a three-month pilot phase. Furthermore, know-your-customer (KYC) requirements have been simplified and transaction limits for fund transfers increased for customers with biometrically verified SIMs. After 30 June 2017, all over-the-counter transactions without biometric verification will be prohibited – a move that could have a significant impact on the market.

The Pakistan case is still in the early days. More data are required on how the remote account opening phenomenon plays out in the long term, particularly in regard to account activity rates. It also may be unique and hard to replicate for countries without a similarly sophisticated unique ID system and tiered KYC structure in place. However, nations that already have these basic ingredients and suffer from low account penetration and/or small agent networks could benefit from exploring remote account opening in order to advance their financial inclusion agenda.



Very interesting article. i would like to know how many regulators in developing countries have already enabled this option? And with relation to Pakistan, apart form statistics regarding accounts opened, would it be possible to obtain information regarding frauds committed? Can a person open multiple accounts this way? Is there a centralized data base of accounts opened via biometrical SIM identification?

Submitted by Naeha Rashid on
Thanks for your comment! I'm not sure how many other countries have enabled this options so far - as we mentioned I believe Pakistan is the first. SBP records information on frauds committed but they don't share this information in their branchless banking newsletters. In addition the Financial Inclusion Insights surveys ask customers questions about mobile money / agent complaints, but again you would need to get access to their full data set to see this information. The question about multiple accounts is a complex one. In Pakistan a CNIC holder can open up to 5 SIMs against their unique number.. So while an individual could only open one USSD based mobile money account per SIM with their service provider, they could in theory have 5 accounts (one for each SIM). In addition, now that providers have started mobile wallet apps, customers are not limited to opening accounts on just their SIMs service provider. So using a single SIM you could have a USSD based mobile wallet with your service provider, and an app based wallet with another provider. I'm not sure if there is a centralized database of BVS opened accounts. NADRA is the most likely to host this system, but again this would have to be confirmed.

Submitted by Stan on
Thank you for the interesting post. Leveraging SIM registration and KYC requirements for opening accounts is a big step towards financial inclusion. Having a unique key - like biometrics - allows companies and governments to aggregate and process significant amount of data to explore commercially and for surveillance, though. It is important to have adequate privacy protection framework to avoid abusive sharing and usage of this robust data. Can you give us some idea of the data privacy and protection regulation in place in Pakistan?

Submitted by Naeha Rashid on
Thanks for your comment! Data privacy is a big question for Pakistan and will likely be an area of focus in the coming years. The country does have a 2005 Data Protection Act but unfortunately this has not been promulgated into law yet. While all organizations regulated by SBP have to follow consumer protection rules, in the absence of a broader law, data can still be misused.

Add new comment