Permanent Account Number (PAN) is a unique code that acts as an identification for Indian citizens who pay Income Tax. This 10-character alphanumeric identifier is assigned to all individuals identifiable under the Income Tax Act, 1961. An example is BJSPK7865D. This is issued by the Income Tax Authority of India and acts as a proof of identification. The primary usage of PAN is to identify and track all financial transactions and ensure the absence of tax evasion by tracking all economic transactions, especially those of high net worth individuals (HNI).

PAN has become an indispensable tool for KYC for India focused applications. Here is a short tutorial on how to integrate PAN verification into your app.

The PAN API Integration facility is an interface that allows the user to make an online verification of PAN by accessing the verification-site through a software application.

Following are the steps to achieve the verification process

  1. Digital Signature Certificate
  2. NSDL e-Gov Registration
  3. Server Setup
  4. Integration with Laravel

1. Digital Signature Certificate (DSC)

The entity must have a Digital Signature Certificate (Class II or Class III) from any of the licensed Certifying Authorities specified below for digitally signing the application and the files uploaded online.

The Digital Signature Certificate can be procured from the following Certifying Authorities.

Pre-requisite for the API is a Digital Signature Certificate. We need to apply for a DSC , in the name of the applicant. When we are going for a hosted environment, in a cloud server a .PFX format is required. This can be acquired from eMudhra or any other certificate providers.

2.NSDL e-Gov Registration

Online PAN verification must be done by registering with NSDL e-Gov with DSC (Digital Signature Certificate) from Certifying Authorities.
Details required to be provided at the time of online registration are as mentioned below:

  • Organisational Details
  • Reason for availing PAN verification facility
  • Payment details
  • Digital Signature Certificate (DSC)
  • Details of DSC are optional at the time of online registration. However, DSC is mandatory for PAN verification. For details related to DSC, kindly refer https://www.tin-nsdl.com/pan-verify/pan-verification-prerequisite.php

Once the registration is made, the entity should forward the following documents to NSDL e-Gov:

  • Authorisation letter
  • Signed copy of the Terms & Conditions should be provided on the letterhead of the Entity
  • Demand Draft/ Cheque (subject to realization) for applicable Charges
  • Screen shots of DSC*
  • Supporting document to category (if applicable & requested by NSDL e-Gov). For ex. RBI certificate, SEBI certificate etc.

3.Server Setup

Get Digital Signature Certificate from Certifying Authorities in the format of .pfx file and password.

Download  Java based sample code for PAN verification API( using “java based .pfx code”).

Extract the file using NSDL user account password.

To run the API, you need to have latest Java installed on your server.

Set class-path in the following manner.

  • To create the pan folder within the public folder and move the sample code, .pfx file.
  • Open Terminal and type the following (Replace /path/to/ with the path to the respective files)
    CLASSPATH=.:/path/to/bcmail-jdk16-144.jar:/path/to/bcprov-jdk16-144.jar:$CLASSPATH
    export CLASSPATH
    

To convert pfx into a jks (java key store) run the keystore converter.

  • Move to deliverable folder, compile the p2j.java & pkcs7gen.java files using below command
    javac p2j.java pkcs7gen.java
    
  • convert pfx into a jks using below command
    java p2j certi.pfx pfxpswd oupt.jks
    

where
certi.pfx is the name of the .pfx file containing the certificate and the private key.
pfxpswd is the password of the pfx.
oupt.jks is the name of the java key store which will be generated by executing p2j.

 

To modify the  APIBased.java file.Open the APIBased.java file in editor, find the below code

prop.load(new FileInputStream("params.properties"));
data=prop.getProperty("data");
signature=prop.getProperty("signature");

 

Replace the below code

data=args[0];    //"V0139201^AMXPP6546K";
BufferedReader br = null;
String file_name="";
file_name="deliverable/"+args[1];		//"deliverable/out.sig"
br = new BufferedReader(new FileReader(file_name));
String line;  
while ((line = br.readLine()) != null) {
    signature+=line;
}
br.close();

 

Replace the new URL for API

eg: String urlOfNsdl="https://59.163.223.205/TIN/PanInquiryBackEnd";

 

For generating the .sig file and calling api, we have to run the bellow java command

java pkcs7gen oupt.jks pfxpswd user_id^pan_no out.sig
javac APIBased.java
java APIBased user_id^pan_no out.sig

 

The sample output will be like this:

Output: 1^AMXPP6546K^E^PATIL^BHUSHAN^

Here “1” is the return code and followed by details.

Return Codes with Descriptions

Error Code

Error Description

1

Success

2

System Error

3

Authentication Failure

4

User not authorized

5

No PANs Entered

6

User validity has expired

7

Number of PANs exceeds the limit (5)

8

Not enough balance

9

Not an HTTPs request

10

POST method not used

11

Slab Change Running

4.Integration with Laravel

Integrating with Laravel using shell execution command.Here are a few code snippets for the Laravel API calls.

Add the following route in the routes.php:

Route::group(['prefix' => 'pan/'], function () {	   		 					
	Route::post('verification', 'PanVerificationController@panVerification');
});

 

Add the following controller file PanVerificationController.php with function panVerification

public function panVerification(Request $request)
{
  
    $validator = Validator::make($request->all(), [
        'pan_no' => 'required'
        ]);

    if ($validator->fails()) {
      return response(array(
        'message' => 'parameters missing',
        'missing_parameters' =>  $validator->errors()
      ), 400);
    }
     
    $pan_no = $request->input('pan_no');
    // PAN Verification api call
    $file_name='pan_request/oupt'.strtotime(date("Y-m-d").date("H:i:s")).'.sig';
    $pan_user = config('pan.pan_user');  //V0139201
    $pan_password = config('pan.pan_password');    //nsdl@1234

    // To generate oupt.sig file
    shell_exec('cd pan/deliverable; java pkcs7gen oupt.jks '.$pan_password.' '.$pan_user.'^'.$pan_no.' '.$file_name);
    shell_exec('cd pan; javac APIBased.java');
    $output = shell_exec('cd pan; java APIBased '.$pan_user.'^'.$pan_no.' '.$file_name);
    $panArray = explode("^", $output);
       
    if($output){
        if($panArray[0]!=1){
            return response()->json(['errmessage'=>'PAN Verification Not Successful'],400); 
        }else{
            return response()->json(['message'=>'PAN Verification Successful'],200);
        }
    } else{
        return response()->json(['errmessage'=>'PAN Verification Not Successful'],400);
    }
}

 

Sample API call for Aadhaar verification:

http://128.199.50.45:8000/api/v1/pan/verification

 

Input:

{"pan_no":"AMXPP6546K"}

 

Output:

{"message":"PAN Verification Successful"}

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>