The National Payments Corporation of India (NPCI) has sent a letter to fintechs to stop using the UPI (Unified Payment Interface) system , for any other service other than payments and settlements.

Currently, there are instances where fintechs are using virtual IDs created on UPI to access customer names, bank account statuses, alternate UPI IDs, and to verify customer mobile numbers. This is unauthorized by NPCI and the Reserve Bank of India as per rules.

NPCI, in a letter to fintechs earlier this month, instructed these firms to shut down such services, according to an Economic Times report.

“NPCI has observed instances of unauthorised use of UPI APIs by certain participants. In accordance with the guidelines set forth…the UPI APIs provided by NPCI are strictly for the purpose of facilitating “UPI payments” for customers and for required verification of users for fraud prevention. These APIs must not be used independently for any other purposes other than the above mentioned,” the letter read, as reported by ET.

The report added that Idfy, Cashfree and other fintechs offer this service by using UPI APIs offered by NPCI, either directly or through their partner entities like banks and third party payment applications like PhonePe, Paytm and such. 

Participating members with access to these APIs are prohibited from entering into commercial arrangements with third parties for the provision of “APIs as a service”, NPCI said in its letter.

“Any violation of these compliance guidelines will be dealt with the utmost severity, including the imposition of penalties or cessation of UPI services," the letter added.