13 - FAQ & Glossary
Common backend questions + glossary of terms specific to the eKYC domain.
Frequently Asked Questions
FAQWhy Clean Architecture with 5 projects?
The separation forces the business logic in Application to be independent of infrastructure decisions (DB, external APIs, queues). You can swap PostgreSQL for SQL Server, or Kafka for RabbitMQ, without touching Application code. Tests can mock interfaces without hitting a real DB.
FAQWhy no CQRS MediatR framework?
The project uses Command and Result DTOs but calls services directly instead of going through MediatR. This is a deliberate simplification - fewer layers, easier to trace, no magic pipeline behaviors. If you need pipeline behaviors (logging, validation, transactions), they are handled by middleware, filters, and EF Core SaveChanges already.
FAQWhy is ApiService so large in the frontend but services are split in the backend?
Frontend has setState-based architecture where one ApiService exposes all endpoints. Backend has stage-specific services because each stage has non-trivial business logic (validation, state transitions, provider orchestration, downstream events). Splitting on the backend keeps each service under 500 lines.
FAQWhy so many PAN providers?
PAN verification is regulated and must work 100% of the time. MOSL has commercial relationships with multiple providers (Zintlr for phone-to-PAN lookup, Hyperverge and NSDL for direct verify, UTI and CVL KRA as fallbacks, NDML for edge cases). The provider chain executor tries them in configured priority order until one succeeds.
FAQWhy does Decentro bank auto-verify run at Stage 2 (OTP) and not at Stage 6 (Bank)?
By running it in the background right after OTP verification, the bank details are typically ready by the time the user reaches Stage 6. This creates a seamless "We found your bank account" experience where the user just confirms instead of typing account details. If Decentro fails or returns a non-active-savings account, the user falls back to the normal UPI / manual flow at Stage 6.
FAQWhy 75 tables? Is that too many?
Each verification stage has its own attempt / result table for auditability. Plus 22 reference master tables (states, cities, pincodes, bank IFSC codes, KRA error codes, etc.) that are loaded from external sources. Plus admin / audit / config tables. The count is high but each table is small and focused.
FAQWhy no EF Core migrations yet?
The project currently uses code-first configurations but has not generated migration files. The schema is created via EntityTypeConfiguration classes in OnModelCreating. For production, you will need to run dotnet ef migrations add InitialCreate and then incrementally for each change. See 12 - How-To Guides.
FAQWhere are the sync tables populated from?
From the existing MOSL data lake and legacy systems - not from the new eKYC backend itself. Tables like client_master, branch_master, employee_pan_master are daily syncs from back-office. bank_ifsc_masters is synced from RBI. negative_list_entries is synced from SEBI. See the Sync Tables Master List and 10 - Database.
FAQWhy does the backend ship with both StackExchange.Redis and InMemory cache?
The Redis NuGet is present for future use but the current cache implementation is InMemoryCacheService. This keeps local dev simple (no Redis instance needed) and the cache is not yet used for cross-instance state. When production needs a distributed cache, swap the DI registration to a Redis-backed implementation without changing consuming code.
FAQWhy is snake_case used for tables and columns?
PostgreSQL convention and matches existing MOSL DB naming. EFCore.NamingConventions automatically translates C# PascalCase properties to snake_case columns (LeadId → lead_id, CurrentStage → current_stage).
Glossary
| Term | Meaning |
|---|---|
| eKYC | Electronic Know Your Customer - digital identity verification for account opening |
| Lead | A customer in the journey. Identified by leadId (Guid). Row in leads table. |
| Stage | One step in the 16-stage journey (0=Arrival, 1=Registration, ..., 15=Activation) |
| State | Current status within a stage (INITIATED, OTP_VERIFIED, BANK_VERIFIED, DROPPED, etc.) |
| STP | Straight-Through Processing - account created instantly at Stage 14 without manual review |
| Non-STP | Requires manual verifier review. User sees pending message at Stage 15. |
| CS Journey | Customer Service escalation flow for stuck/flagged leads |
| KRA | KYC Registration Agency. CVL KRA and NDML KRA provide centralized PAN verification. |
| NSDL | National Securities Depository Limited. PAN verification and eSign provider. |
| UTI | UTI Infrastructure Technology and Services. PAN verification provider. |
| CVL | Central Depository Services (India) Ltd. Ventures. KRA provider. |
| NDML | NSDL Database Management Ltd. KRA provider. |
| DigiLocker | Indian government digital document wallet. Used for Aadhaar verification at Stage 5. |
| AINXT | MOSL internal AWS Lambda wrapper for multiple external APIs (DigiLocker, Face Match, Liveness, Signature, etc.) |
| HyperVerge | Identity verification provider. Used for PAN, Bank RPD, Face Match, eSign. |
| Decentro | Fintech aggregator. Used for mobile-to-bank auto-verify at Stage 2. |
| SETU | Bank account verification API. Reverse penny drop provider. |
| Karza | PAN, bank, email, document verification provider. |
| Digio | Face match and eSign provider. |
| eMudhra | Certificate authority and eSign provider. |
| Zintlr | Phone-to-PAN and background check provider. |
| C-SAFE | MOSL internal anti-money-laundering / fraud screening system. |
| CBOS | MOSL Central Back Office System. Creates actual Demat accounts at Stage 14. |
| OneMoney | Account Aggregator. Fetches income proof via consented bank data. |
| Razorpay / EPay | Payment gateways used at Stage 15 for initial fund transfer. |
| AOF | Account Opening Form - the PDF generated at Stage 12 and signed at Stage 13. |
| RPD | Reverse Penny Drop - UPI-based bank verification where the bank debits ₹1 from user (reverse direction) |
| IFSC | Indian bank routing code (11 chars, format: [A-Z]{4}0[A-Z0-9]{6}) |
| MICR | Magnetic Ink Character Recognition - 9-digit bank branch code |
| VPA | Virtual Payment Address - UPI ID format like user@upi |
| FATCA | Foreign Account Tax Compliance Act declaration required for US persons |
| SEBI | Securities and Exchange Board of India - regulatory body for Indian markets |
| WarRoom | Internal monitoring dashboard (React app at warroom/ folder) that consumes /api/v1/warroom/* endpoints |
| Hangfire | Background job library with PostgreSQL storage. Dashboard at /hangfire. |
Where to Find Things
| I need... | Look in |
|---|---|
| A controller for a specific route | backend/src/MO.Ekyc.Api/Controllers/StageN/ or Common/ or Admin/ |
| Business logic for a stage | backend/src/MO.Ekyc.Infrastructure/Services/StageN/ |
| External provider implementation | backend/src/MO.Ekyc.Infrastructure/ExternalProviders/ |
| EF Core DbContext | backend/src/MO.Ekyc.Infrastructure/Persistence/EkycDbContext.cs |
| Entity definitions | backend/src/MO.Ekyc.Domain/Entities/ |
| Route constants | backend/src/MO.Ekyc.Shared/Constants/ApiRoutes.cs |
| Error codes | backend/src/MO.Ekyc.Shared/Constants/ErrorCodes.cs |
| Stage definitions | backend/src/MO.Ekyc.Shared/Constants/StageDefinitions.cs |
| DI composition root | backend/src/MO.Ekyc.Api/Program.cs |
| Configuration | backend/src/MO.Ekyc.Api/appsettings.json + appsettings.Development.json |
| Sync tables list | Sync Tables Master List |
| Stage-by-stage BRD deep dive | brd_analysis/ folder |