Identity verification in Pakistan
Pakistan is the world's fifth most populous country (~240 million) and one of South Asia's most consequential fintech and financial-inclusion stories. The compliance stack is built around the Computerised National Identity Card (CNIC) and its biometric successor Smart National Identity Card (SNIC), both issued by the National Database and Registration Authority (NADRA); the Anti-Money Laundering A
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
Pakistan is South Asia's second-largest economy after India, with an estimated population of ~240 million, a median age under 21, and a mobile penetration exceeding 195 million connections per the Pakistan Telecommunication Authority (PTA). Financial inclusion has historically been among the lowest in the region, but a decade of reforms — the launch of branchless banking in 2008, the National Financial Inclusion Strategy (NFIS) in 2015, and the rollout of Raast (Pakistan's first instant-payment system, developed by the State Bank of Pakistan with Bill & Melinda Gates Foundation support) in 2021 — has widened the formal base to more than 100 million mobile wallet accounts, driven by JazzCash, Easypaisa (recently converted into Pakistan's first fully digital retail bank), NayaPay, SadaPay an
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
NADRA
Laminated card bearing a 13-digit identity number, photograph, signature, name in English and Urdu, date of birth, father/husband name, permanent and present address
The foundational Pakistani KYC document. Every SBP- and SECP-licensed entity must capture the 13-digit number and verify it against NADRA. The CNIC is the legal basis for bank accounts, mobile wallets
NADRA
ICAO-9303 / ISO/IEC 7816-4 compliant smart card with contact chip, 36 security features, biometric linkage (10 fingerprints + 2 iris + facial photo on the NADRA backend)
The current-generation national ID. Machine-readable and biometrically deduplicated. Didit reads and parses all currently-circulating SNIC generations including the latest UV-secured variant.
NADRA
Polycarbonate card / SNICOP smart variant issued by Pakistani consulates
Proof of Pakistani citizenship for overseas residents; accepted by banks for NRP (Non-Resident Pakistani) account opening, Roshan Digital Account onboarding, and Pakistan-side property / pension acces
NADRA
Card issued to foreign nationals of Pakistani origin and their spouses
Grants visa-free entry and (with limitations) equal treatment with Pakistani citizens for financial and property matters. Accepted by banks operating Roshan Digital Accounts.
Ministry of Interior — Directorate General of Immigration & Passports
ICAO-9303 biometric booklet
Primary travel document and a secondary KYC document; cross-verified against NADRA via the shared citizen database.
NADRA
Paper / smart card for minors under 18
Used for welfare enrolment, school, passport issuance for minors; not a standalone adult KYC document.
National Aliens Registration Authority (NARA), now under NADRA
Card for registered foreign residents
Required for KYC of foreign residents; typically paired with the foreign passport.
NADRA / Pakistan Digital Authority
Mobile-app credential under the Digital Nation Pakistan Act 2025
Emerging digital ID; long-term intended as the default mobile-friendly credential for remote onboarding.
Regulators
AML supervisor
NADRA
regulated
Biometric (fingerprint + photo), 98%+ population coverage
NADRA
regulated
New digital ID via PAK ID mobile app under Digital Nation Pakistan Act 2025
FBR (Federal Board of Revenue)
regulated
SECP
open
Government & regulated databases
Compliance framework
AML framework
Supervised by AMLA 2010
Primary AML statute. The Anti-Money Laundering Act, 2010 (AMLA 2010) is Pakistan's umbrella AML/CFT law, enacted in March 2010 and amended substantively in 2015, 2016, 2020 (AMLA Amendment Act 2020), and further through 2022 to address FATF action-plan items. AMLA 2010 criminalises money laundering, establishes the Financial Monitoring Unit (FMU) as Pakistan's FIU, obliges reporting entities to carry out CDD, keep records for a minimum of five years, file STRs (no threshold) and CTRs (PKR 2 mill
Data protection
Supervised by not
- PECA 2016 requires service providers to retain traffic data (logs, metadata) for at least one year and hand it to the FIA on lawful request. It does not impose blanket localisation. - SBP outsourcing and IT security circulars require banks and EMIs to keep a complete, readable and auditable copy o
Penalties for non-compliance
2. Audit-trail depth. SBP and SECP examiners routinely sample historical onboarding files. A missing liveness score, Verisys response or consent record is a supervisory finding, and repeat findings drive administrative fines and licence restrictions.
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
SBP-supervised remote onboarding follows a tiered model calibrated around the CNIC and NADRA biometric verification. The framework was laid down by the Branchless Banking Regulations (BPRD) and extended by the EMI Regulations 2019 (revised 2023) and subsequent KYC/biometric circulars.
Exchanges, custodians, wallets, on/off-ramps.
Virtual assets are in active regulatory transition. The Virtual Assets Ordinance 2025 (promulgated 8 July 2025) and the subsequent Virtual Assets Act 2025 (passed by Parliament later in 2025) created the Pakistan Virtual Asset Regulatory Authority (PVARA) — an 11-member board including the SBP Gover
Sports betting, online casinos, age-gated platforms.
iGaming is prohibited. The federal Prevention of Gambling Act, 1977 (Act XXVIII of 1977) criminalises wagering, running a common gaming house, and being found in one; parallel provincial ordinances (notably the Sindh Prevention of Gambling Ordinance, 1978) extend the prohibition across Pakistan. Ope
Gig platforms, delivery, creator economy, e-commerce.
Pakistan's marketplace economy — Daraz (Alibaba-owned), Foodpanda, Bykea, Careem, inDrive, Airlift successors, and a growing cohort of freelance platforms serving Pakistan's ~2-million-strong freelancer base (one of the world's largest on Upwork and Fiverr) — is not directly subject to SBP or SECP A
Biometric liveness
SBP's regulatory posture is unusually explicit on biometrics: - SIM cards. Since 2014–2015 the PTA, acting together with NADRA, mandated biometric verification (fingerprint against the NADRA template) for every SIM issuance and re-issuance. This created the deepest CNIC-to-phone-number binding in South Asia. - Branch account opening. SBP has required biometric verification against the NADRA database for every new individual bank account opened in branch since 2017, in response to the Panama Pape
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Pakistan permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Pakistan, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Pakistan.
Most regulated sectors in Pakistan require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Pakistan’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Pakistan’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
