---
page_source: https://juspay.io/in/docs/lotuspay/web/nach-debit-flow/esign-emandate-authorisation-modes
page_title: eSign eMandate authorisation modes
---


# eSign eMandate authorisation modes




## Customers authorise NACH Debit mandates on your branded page on the LotusPay secure site. eSign eMandates can be authorised via OTP, biometric, iris or facial recognition. Customers have to agree to the NACH consent.



Whatever route customers go through, they will land on your electronic mandate ('eMandate') authorisation page on our secure website. This page is branded with your company's logo and name. On this page, the customer checks the mandate details, agrees to the NACH consent, and proceeds with authorising it via the eSign gateway.

With eMandates authorised via Aadhaar eSign, the customer needs to enter their Aadhaar number or [Aadhaar Virtual ID](https://juspay.io/in/docs/lotuspay/web/nach-debit-flow/esign-emandate-with-aadhaar-virtual-id) number on the eSign gateway page.

'eSign eMandates' are the type of eMandates that are created via an eSign gateway. They are authorised via OTP, biometric (fingerprint), iris or facial recognition. The customer should already have Aadhaar, their mobile number updated in their Aadhaar, and their Aadhaar number updated in their bank account.

All authorisation modes are available for any live destination bank i.e. if they have integrated that auth mode with NPCI. For a full list of live banks and authorisation modes, please see the [NPCI website](https://www.npci.org.in/what-we-do/nach/live-members/e-mandates).

NPCI operates a general policy that a NACH bank may go live as a sponsor bank for a particular variant only after they have first gone live as a destination bank for that variant.

General prerequisites for eSign eMandate:

* The customer should have Aadhaar.
* The customer must have their mobile number updated in their Aadhaar.
* The customer should have their Aadhaar number updated in their bank account.
* (For biometric fingerprint auth mode) The customer must have their mobile number available to receive the OTP.

The [Mandate variants and types article](https://juspay.io/in/docs/lotuspay/web/nach-debit-flow/mandate-variants-and-types) explains how you can identify the mandate variant and auth mode by specific characters in the UMRN.

You can direct your customers to a page on your app/website to show them a step-by-step guide to authorising their Aadhaar eSign eMandate. You may copy and edit/customise our example from [here](https://juspay.io/in/docs/lotuspay/web/knowledge-base/authorising-an-esign-emandate).


## Auth mode: OTP



This is the default auth mode. The customer will be directed to the eSign gateway. Here they enter their Aadhaar number or virtual ID, accept the resident consent, and do the eSign.

The customer will receive the one-time password as an SMS text message on the mobile number linked to their Aadhaar. To know whether the customer has a mobile number linked to their Aadhaar, the customer can simply check their latest Aadhaar card - if a mobile number is updated, it will show on the card itself. The customer can also check on the [UIDAI](https://resident.uidai.gov.in/aadhaar-services) website or mAadhaar app.


## Auth mode: Biometric (fingerprint), Iris, Facial recognition



You'll need to purchase UIDAI-approved biometric devices from the market, and integrate them into your workflow/app on your representative's mobile/tablet/computer. This requires the customer's physical presence with your representative e.g. at the customer's residence, at your branch office, at a store location etc.

You would install a specific Android APK app file to get the biometric device to communicate with our checkout page. Once the customer is redirected to the eSign gateway with this auth mode, they enter their Aadhaar number or Virtual ID, and proceed. The browser will invoke the device drivers to initiate the biometric authorisation on the biometric device attached to this mobile/tablet/computer.

Please contact Support for more information.


## NACH Debit consent



The customer must agree to the NACH Debit consent. This is a requirement from the National Payments Corporation of India wherein the customer is giving consent for direct debit of their bank account. The text is as follows:

1. _I am authorising LotusPay, on behalf of_ _**[MERCHANT NAME]**_ _, to debit my account based on the instructions herein._
2. _I understand that the bank where I have authorised the debit may levy one time mandate processing charges as mentioned in the bank's latest schedule of charges._
3. _I understand that I am authorised to cancel/amend this mandate by appropriately communicating the cancellation/amendment request to_ _**[MERCHANT NAME]**_ _or the bank where I have authorised the mandate._

Most banks do not charge their customers for setting up mandates on their bank accounts.


## Resident consent



The customer must agree to the resident consent. This is a requirement from the Unique Identification Authority of India (UIDAI) wherein the customer is giving consent for their Aadhaar eKYC to be used for the specific purpose mentioned. The text on the LotusPay eSign gateway page is as follows:

_I hereby authorize [ESP name] to -_ 

1. _Use my Aadhaar / Virtual ID details (as applicable) for the purpose of digitally signing the NACH Debit eMandate for/with LotusPay Solutions Private Limited and authenticate my identity through the Aadhaar Authentication system (Aadhaar based e-KYC services of UIDAI) in accordance with the provisions of the Aadhaar (Targeted Delivery of Financial and other Subsidies, Benefits and Services) Act, 2016 and the allied rules and regulations notified thereunder and for no other purpose._
2. _Authenticate my Aadhaar / Virtual ID through OTP or Biometric for authenticating my identity through the Aadhaar Authentication system for obtaining my e-KYC through Aadhaar based e-KYC services of UIDAI and use my Photo and Demographic details (Name, Gender, Date of Birth and Address) for the purpose of digitally signing the NACH Debit eMandate for/with LotusPay Solutions Private Limited._
3. _I understand that Security and confidentiality of personal identity data provided, for the purpose of Aadhaar based authentication is ensured by Protean and the data will be stored by Protean till such time as mentioned in guidelines from UIDAI from time to time._