101

Aadhaar — India’s Digital Identity: Complete 101 Guide Last updated: March 2026 What is Aadhaar? Aadhaar (आधार) is India’s unique 12-digit identity number issued by the Unique Identification Authority of India (UIDAI). It is the world’s largest digital identity system, covering 1.4+ billion residents - nearly every Indian citizen and resident. Key Facts Enrolment: 1.4+ billion1 Monthly Authentications: 231+ crore (November 2025)2 Legal Framework: Aadhaar Act 20161 Aadhaar Structure The 12-Digit Number 1 2 3 4 XYZ: First 3 digits = state/region code YY: Next 2 digits = enrollment year (00-99) ZZZZ: Next 4 digits = unique number CCCC: Last 4 = checksum (verhoeff algorithm) Enrollment Data Collected Biometric Demographic Fingerprints Name Iris Scan Date of Birth Photo Gender Signature Address Mobile (optional) Email (optional) UIDAI — The Authority About UIDAI Established: 2009 (under Planning Commission) Moved to: Ministry of Electronics & IT (MeitY) Headquarters: New Delhi Regional Offices: 5 (Bengaluru, Delhi, Mumbai, Kolkata, Chennai) CEO: Saurabh Goyal (2026) UIDAI Functions Aadhaar enrollment and authentication Policy for identity management Data security and privacy Grievance resolution Types of Aadhaar 1. Regular Aadhaar Standard enrollment at centers Full biometric capture 2. e-Aadhaar Digital copy from uidai.gov.in Password-protected PDF Equal to original for KYC 3. m-Aadhaar Mobile app version Aadhaar on phone Multiple family members 4. Aadhaar PVC Card New PVC card format Secure, durable Includes QR code Aadhaar Authentication Methods Type Description Use Case Biometric Fingerprint/Iris/Face Banking, mobile OTP One-time password Mobile verification Demographic Name, DOB match Simple verification Virtual ID Temporary替代 Privacy protection Authentication Flow 1 User → Service Provider → UIDAI → Biometric Match → Yes/No → Service Monthly Statistics (2026) Total Auth: 100+ crore Biometric: 60+ crore OTP: 30+ crore Demographic: 10+ crore Aadhaar Services For Individuals Enrollment/Update Aadhaar download Virtual ID generation Address change Mobile linking For Businesses eKYC service Aadhaar vault Aadhaar API integration Authentication service Aadhaar & Digital Payments Aadhaar Payment Bridge (APB) Direct benefit transfers (DBT) DBT to Jan Dhan accounts Subsidy payments Pension disbursements Aadhaar Enabled Payment System (AEPS) Banking through Aadhaar Withdrawals at BC points Balance inquiries Mini statements Aadhaar & UPI Aadhaar-linked bank accounts UPI via Aadhaar number Seamless payments Security & Privacy Privacy Features Virtual ID: Temporary number代替Aadhaar Masked Aadhaar: Hide first 8 digits Aadhaar Lock: Biometric lock Access Control: Bio-metric enable/disable Security Measures Data Encryption: AES-256 Biometric Template: Non-reversible UIDAI Security: ISO 27001 certified CBI Investigation: Regular audits Concerns Addressed Data Breach: No biometric data leaked (court-verified) Surveillance: No profiling (UIDAI clarifications) Exclusion: Alternative authentication available Aadhaar & Government Schemes DBT (Direct Benefit Transfer) Scheme Beneficiaries Amount PM-KISAN 11 crore ₹60,000 crore/year MGNREGA 5 crore ₹1 lakh crore Ayushman Bharat 50 crore ₹5 lakh cover Benefits Leakage reduction (from 70% to 14%) Direct transfer (no middlemen) Real-time tracking Aadhaar Global International Adoption UK: Aadhaar for visa applicants UAE: Residency verification Singapore: Employment pass Mauritius: Social security India Stack Global Aadhaar-like systems: Nepal, Bangladesh Digital public goods: India exports DPI UNDP: Model for developing nations Aadhaar Statistics (2026) Metric Value Total Enrolled 1.4+ billion Active (12 months) 1.1+ billion Verifications/Month 100+ crore Enrolment Centers 50,000+ Banks Using 140+ Related Topics Learn More 101 DigiLocker - Document Storage 101 ONDC - Open Network for Digital Commerce 101 API Setu - Government APIs Conclusion Aadhaar has transformed identity verification in India, enabling direct benefits delivery, financial inclusion, and digital service delivery. While controversies exist, its impact on reducing fraud and ensuring targeted welfare is undeniable. ...

DigiLocker — India’s Document Wallet: Complete 101 Guide Last updated: March 2026 What is DigiLocker? DigiLocker is India’s cloud-based platform for issuing, storing, and verifying documents digitally. It acts as a “digital locker” for citizens to store important documents like Aadhaar, PAN, driving license, and educational certificates. The platform eliminates the need for physical document copies. Key Facts Launch: July 2015 Parent Ministry: MeitY (Ministry of Electronics & IT) Users: 100+ crore registered Documents Issued: 800+ crore Storage: Free, unlimited How DigiLocker Works Architecture 1 2 3 4 5 DigiLocker Platform ├── Issuer APIs (Gov agencies) ├── Repository (Cloud storage) ├── Verifier APIs (Business) └── User App (Android/iOS/Web) Document Flow Issuing: Government agency pushes document to user’s locker Storage: Document stored in encrypted cloud Retrieval: User accesses via app/web Verification: Business requests document with user consent Sharing: Document shared via secure link/API Key Features 1. Document Storage Types: All government issued documents Capacity: Unlimited, free Security: 256-bit encryption Access: Mobile app, web, USSD 2. e-Sign Aadhaar-based: Digital signature Legal: IT Act 2000 compliant No USB Token: Fully online Use: Agreements, contracts, forms 3. Document Sharing QR Code: Quick verification Short Link: Share via message/email API Integration: Direct business access 4. Auto-Fetch Aadhaar: Auto-populated Driving License: From RTO Vehicle RC: From Parivahan Educational: From boards (CBSE, ICSE) Document Categories Identity Documents Document Issuer Aadhaar UIDAI PAN Income Tax Voter ID ECI Passport MEA Driving License RTO Financial Documents Document Issuer Income Tax Returns CBDT Form 16 Employers Bank Statements Banks Insurance Policies IRDAI Educational Documents Document Issuer Marksheets Boards/Universities Certificates Institutions Aadhaar-linked All DigiLocker Statistics (2026) Metric Value Registered Users 100+ crore Documents Stored 800+ crore Documents Issued/Month 50+ crore e-Signs/Month 10+ crore Partner Agencies 1,500+ DigiLocker Ecosystem Issuers (Data Providers) Central: UIDAI, CBDT, IRDAI, SEBI State: RTOs, Education boards Private: Employers, universities Verifiers (Data Consumers) Banks: KYC verification Telecom: SIM verification Govt: Service delivery Private: Loan, employment Technology Stack Layer Technology Storage AWS India (Gov cloud) Security Aadhaar authentication Encryption AES-256 API REST + XML DigiLocker Use Cases 1. KYC Verification Bank account opening SIM card purchase Loan applications Insurance purchase 2. Government Services Passport application Visa processing Scholarship applications Utility connections 3. Employment Job applications Background verification Document submission 4. Travel Railway booking Flight check-in (ID proof) Hotel check-in Security Features Identity Verification Aadhaar Login: Mandatory for new users OTP: Mobile/Email verification Session Timeout: Auto-logout Document Security Encryption: At rest and in transit Access Logs: Full audit trail Consent-based: User controls sharing Privacy Controls Document Hiding: Hide sensitive docs Expiry Links: Time-bound access One-time View: Single-use sharing DigiLocker vs Cloud Storage Feature DigiLocker Google Drive/Dropbox Document Type Government-issued Any file Verification ✅ Built-in ❌ Manual e-Sign ✅ Integrated ❌ Third-party Legal Validity ✅ IT Act compliant ⚠️ Variable Cost Free Paid for storage Issuer Direct ✅ Yes ❌ No Integration Options For Businesses API Access 1 2 3 4 # Document Fetch API GET /api/v1/document Header: X-Auth-Token Query: document_type=aadhaar Verification Real-time: API for instant verification Batch: Bulk document verification QR Code: Offline verification For Government e-Office Integration: Document workflow State Portals: 28+ states connected G2C Services: Citizen services DigiLocker App Features Android/iOS: Free download Storage: Unlimited Auto-Sync: Document updates Offline Access: View downloaded docs Dark Mode: ✅ Languages English Hindi 10+ Indian languages Recent Updates (2025-2026) New Features e-Sign 2.0: Bulk document signing DigiLocker for Minors: Child accounts Corporate Locker: Business document storage OCR Scanning: Physical doc to digital Integration Expansion UPI: Payment integration ONDC: E-commerce documents Healthcare: Medical records Education: Academic credentials Related Topics Learn More 101 Aadhaar - Digital Identity 101 ONDC - Open Network for Digital Commerce 101 API Setu - Government APIs Conclusion DigiLocker has transformed how Indians store and share documents. From eliminating paperwork to enabling instant verification, it’s a key pillar of India’s Digital Public Infrastructure. Every citizen should use it for secure, free document storage. ...

ONDC — Open Network for Digital Commerce: Complete 101 Guide Last updated: March 2026 What is ONDC? ONDC (Open Network for Digital Commerce) is India’s government-backed protocol for digital commerce that connects buyers and sellers through an open network. Think of it as a “UPI for e-commerce” - enabling anyone to buy and sell online without platform lock-in. Key Facts Launch: April 2022 (pilot in 5 cities) Parent: DPIIT (Department for Promotion of Industry and Internal Trade) Current Scale: 4+ crore transactions/day Network Participants: 5+ lakh sellers, 5+ crore orders/month Goal: 10% of India e-commerce via ONDC by 2027 How ONDC Works Traditional E-commerce (Closed) 1 2 3 4 Amazon/Flipkart Amazon/Flipkart | | Seller → Platform → Buyer Seller → Platform → Buyer (Dependent on platform) (Dependent on platform) ONDC (Open Network) 1 2 3 4 5 6 ONDC Protocol | +---------+---------+ | | | Buyer Gateway Seller App (Beckn) Network Transaction Flow Discovery: Buyer searches across all ONDC sellers Selection: Buyer adds to cart Order: Buyer confirms purchase Fulfillment: Seller ships via ONDC logistics Settlement: Payment via ONDC Gateway Delivery: Buyer receives product ONDC Architecture Core Layers Layer Function Beckn Protocol Communication standard Buyer App Consumer interface (Snapdeal, Paytm) Seller App Merchant interface (Seller app, Dukaan) Gateway Payment, logistics, authentication Registry Participant directory Beckn Protocol Open API specification Language/Platform agnostic Used by: India, Saudi Arabia, UAE, Philippines ONDC vs Traditional E-commerce Feature ONDC Amazon/Flipkart Open ✅ Yes ❌ Closed Data Ownership Seller keeps Platform owns Commission 2-10% 15-35% Seller Reach Network-wide Platform-only Interoperability ✅ Cross-app ❌ Siloed Buyer Choice Multiple apps Single app ONDC Participants Buyer Apps (Where You Shop) App Category Paytm General Snapdeal General Meesho Social commerce PhonePe General Flipkart General (pilot) Seller Apps (Where You Sell) App Target ONDC Seller App Small sellers Shopify India E-commerce Dukaan Quick commerce Amazon/Flipkart Large sellers Gateway Providers Payment: Paytm, Razorpay, Bank gateways Logistics: Shiprocket, Ecom Express, India Post Tech: B2B e-commerce platforms ONDC Use Cases 1. Retail Commerce Fashion, electronics, groceries Direct from manufacturer to consumer Competitive pricing via transparency 2. Grocery & Quick Commerce Local kirana online Same-day delivery 2+ crore daily grocery orders 3. B2B Commerce Wholesale transactions MSME procurement Agricultural produce 4. Services Hotels, travel bookings Food delivery Local services (plumbing, cleaning) ONDC Statistics (2026) Metric Value Daily Transactions 4+ crore Monthly Orders 5+ crore Registered Sellers 5+ lakh Buyer Apps 15+ Seller Apps 50+ Cities Covered 700+ Benefits of ONDC For Sellers Reach: Access customers across multiple apps Lower Fees: 2-10% vs 15-35% Data Ownership: Customer relationships No Platform Lock-in: Operate independently Easy Integration: Simple API For Buyers Choice: Compare prices across apps Trust: Verified sellers Price Discovery: Transparent pricing Local Products: Support local sellers Standard Experience: Consistent interface For MSME Digital Presence: Go online in minutes Credit Access: Working capital loans Pan-India Reach: Beyond local market Lower Costs: Reduced marketing spend ONDC Governance Structure 1 2 3 4 5 ONDC Network ├── Founder Members (Initial promoters) ├── Board of Directors (Governance) ├── Management Team (Day-to-day) └── Advisory Council (Industry experts) Key Personnel (2026) CEO: Piyush Kumar Board: MeitY, DPIIT, NPCI, industry experts Regulatory Framework DPIIT: Parent ministry Competition Commission: Antitrust oversight RBI: Payment regulations ONDC Technology Beckn Protocol Open source API-first design Modular architecture Secure (encryption, authentication) Integration APIs 1 2 3 4 5 6 7 8 { "search": "Find products across network", "select": "Choose specific item", "init": "Initialize order", "confirm": "Complete order", "status": "Track order", "cancel": "Cancel order" } ONDC Security Buyer Protection Escrow: Payment held until delivery Dispute Resolution: Buyer protection fund Rating System: Seller ratings Seller Protection Grievance: Quick resolution Data Privacy: Seller data not shared Anti-fraud: Verification norms ONDC Challenges Current Hurdles Awareness: Low seller/buyer awareness Quality Control: Product authenticity concerns Logistics: Last-mile delivery gaps Tech Adoption: Digital literacy needed Standardization: Category-specific standards Government Push Marketing: ₹2,000 crore campaign Seller Onboarding: Free registration drives Credit: MSME loan schemes ONDC Global Impact Countries Adopting Beckn UAE: ONDC partnership Saudi Arabia: Digital commerce pilot Philippines: Beckn adoption Indonesia: Interest expressed India’s DPI Leadership ONDC positions India as: ...

ABHA — Ayushman Bharat Health Account What is ABHA? ABHA (Ayushman Bharat Health Account) is a unique 14-digit health ID that allows citizens to store and share their health records digitally. Part of the Ayushman Bharat Digital Mission (ABDM), it connects patients, healthcare providers, and insurers. How ABHA Works Creation Process Aadhaar Linking: Verify identity via Aadhaar Mobile Number: Must be linked to Aadhaar ABHA Number Generated: P-XXXX-XXXX-XXXX format Profile Creation: Add basic health info Link Records: Connect existing health documents Health Record Access ABHA Address: Like email, share to receive records PHR Apps: Personal Health Record applications Healthcare Provider Link: Doctors can view with consent ABDM Ecosystem Three Pillars ABHA: Unique health identifier Health Records: Digital PHR applications Healthcare Professionals Registry: Verified doctor IDs Stakeholders Patients: Control their data Doctors: Create and access records Hospitals: Link to ABDM network Insurers: Process claims digitally Govt: Monitor health trends Benefits for Citizens Convenience Universal ID: Works across all ABDM-participating facilities Paperless: No carrying physical records Quick Access: Emergency medical history available Portability: Records follow you anywhere Healthcare Benefits Better Diagnosis: Doctors see complete history Reduced Costs: No duplicate tests Continuity of Care: Records persist over time Insurance Claims: Faster processing Privacy & Security Data Protection Consent-Based: Must approve every sharing ABHA Address: Not tied to Aadhaar directly Encryption: End-to-end security Audit Trail: Every access logged Citizen Control View Access History: See who accessed records Revoke Consent: Remove access anytime Delete Records: Can request removal Data Portability: Export in standard format Linking to Services Healthcare Facilities Government Hospitals: All empaneled under Ayushman Bharat Private Hospitals: Increasingly joining ABDM Clinics: Modern practices going digital Diagnostic Labs: Reports directly to ABHA Insurance Cashless Claims: Direct hospital-insurer settlement Pre-Authorization: Digital approval process Policy Linking: ABHA to policy mapping Current Status (2024) ABHA Cards: 500+ million created Health Records Linked: 50+ million Healthcare Providers: 200,000+ Participating Facilities: 50,000+ Common Issues Problems ABHA Not Created: Check Aadhaar-mobile linkage Records Not Syncing: Ensure consent given Access Denied: Verify doctor is ABDM-registered Solutions Update Profile: Ensure mobile is correct Re-consent: For each new healthcare provider Use Verified PHR Apps: Check ABDM compatibility Prime References ABDM Official - Registration and guides ABHA Portal - Create and manage ABHA NHA - National Health Authority This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026. ...

API Setu — India’s Open API Platform What is API Setu? API Setu is MeitY’s open API platform that provides secure, standardized APIs for government and private sector services. Think of it as a “digital marketplace” where developers can access government services programmatically—enabling innovation while maintaining security. How API Setu Works Architecture API Gateway: Single entry point for all services Authentication: OAuth 2.0, API keys Rate Limiting: Prevents abuse Monitoring: Real-time usage tracking Process Organization Registration: Business/entity verification API Subscription: Select needed APIs Integration: Developer uses documentation Testing: Sandbox environment provided Production: Live API access Available APIs (2024) Identity & Verification eKYC API: Aadhaar-based identity verification eSign API: Digital document signing DigiLocker API: Document access Government Services Vehicle Registration: RC, permit verification GST Data: Tax return information PF Status: EPFO data access Passport Status: Application tracking Financial Services Bank Account Verification: VIA IFSC/Bank code GST Return Filing: Integrated filing MSME Registration: Udyam verification Statistics (2024) APIs Available: 8,000+ Registered Developers: 50,000+ Daily API Calls: 50+ million Organizations: 10,000+ Use Cases Banking & Finance Instant KYC: Verify customer identity Loan Processing: Auto-verify documents Account Opening: Reduced paperwork E-Commerce GST Verification: Validate business legitimacy Delivery Address: PIN code serviceability Document Storage: DigiLocker integration Government Service Delivery: Multi-channel access Data Sharing: Across departments Citizen Services: Single window access For Developers Getting Started Register: https://apisetu.gov.in Documentation: API specifications provided Sandbox: Free testing environment Production: Apply for live access Technical Requirements Authentication: API key + OAuth token Rate Limits: Vary by API SLA: 99.9% uptime commitment Benefits For Government Efficiency: Reduced manual processing Transparency: Audit trails Innovation: Private sector builds on APIs For Citizens Faster Services: Instant verification Less Friction: No repetitive submissions Digital Ecosystem: Unified experience For Businesses Cost Reduction: Automated processes Compliance: Regulatory adherence Innovation: Build new services Privacy & Security Data Protection Consent-Based: User must authorize Minimal Data: Only necessary information shared Encryption: TLS 1.3 for data in transit Audit Logs: Every access logged Regulatory Compliance Aadhaar Act: Data handled per UIDAI rules DPDP Act: Personal data protection IT Act: Legal framework for e-governance Challenges Awareness: Many businesses don’t know APIs exist Technical Skills: Need developer resources Data Quality: Varying data accuracy across sources Integration Complexity: Legacy systems Prime References API Setu Portal - Official platform MeitY - Parent ministry Developer Portal - Documentation This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026. ...

Bharat BillPay — One Platform for All Bills What is Bharat BillPay? Bharat BillPay (BBPS) is India’s unified platform for paying all utility bills—electricity, water, gas, mobile, DTH, and more—through a single network. Operated by NPCI, it offers a one-stop solution for recurring payments. How BBPS Works Transaction Flow Consumer Selects Biller: From BBPS network Enters Consumer Number: Account/mobile number System Fetches Bill: Real-time or pending amount Payment: Via UPI, cards, net banking Confirmation: Instant receipt generated Network Participants Billers: Utility companies, service providers Agent Institutions: Banks, payment wallets BAI: Business correspondents for offline access Billers Available Utilities Electricity: All state discoms (BSES, Tata Power, etc.) Water: Municipal corporations Gas: PNG, cylinder bookings Telecom Mobile: Prepaid, postpaid DTH: Tata Sky, DishTV, Airtel Digital Financial Insurance Premiums: LIC, general insurance Loan EMIs: Banks, NBFCs Credit Card: Major issuers Government Property Tax: Municipal payments Road Tax: Vehicle registration Education: School fees Benefits For Consumers Convenience: Single platform for all bills Trust: Verified biller network Timely Payments: Avoid late fees Digital Records: Transaction history For Businesses Collection Efficiency: Reduced payment defaults Pan-India Reach: Rural coverage via BCs Instant Confirmation: Real-time payment alerts Lower Costs: Vs individual integrations Access Channels Digital Bank Apps: UPI apps have BBPS integration Bharat BillPay Website: Direct portal UPI Apps: PhonePe, Paytm, GPay Offline Bank Branches: Over-the-counter payments Business Correspondents: Doorstep collection ATM: Some support bill payments Transaction Limits & Charges Limits Per Transaction: ₹50,000 Daily Limit: ₹2,00,000 (varies by bank) Charges Standard Billers: Usually free Credit Card: May have convenience fee Convenience Fee: ₹0-10 depending on biller BBPS vs Direct Payments Feature BBPS Direct Biller Single Platform ✅ Yes ❌ No Verified Billers ✅ Yes Varies Transaction History ✅ Yes Limited Multiple Accounts ✅ Single View Multiple Apps Offline Access ✅ Via BCs ❌ No Grievance Redressal Consumer Protection Transaction ID: Every payment gets unique ID SLA: Credit within 3 working days Refund: For failed transactions Customer Support: 1800 number + online Dispute Resolution Raising Issue: Within 30 days Biller Response: 14 days BBPS Escalation: If unresolved RBI/Consumer Court: Final resort Current Status (2024) Billers Onboarded: 20,000+ Transactions Monthly: 50+ crore Coverage: 2.5+ districts Registered Users: 20+ crore Security Features OTP Verification: Every transaction Tokenization: Card data protection Encrypted Data: End-to-end Fraud Monitoring: Real-time alerts Prime References Bharat BillPay - Official portal NPCI BBPS - Product page RBI Guidelines - Regulatory framework This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026. ...

CERT-In — India’s Cybersecurity Guardian What is CERT-In? CERT-In (Indian Computer Emergency Response Team) is the national cybersecurity agency under MeitY. It coordinates responses to cybersecurity incidents, issues advisories, and protects India’s digital infrastructure. Functions Incident Response Cyber Incident Reporting: For attacks on Indian entities Rapid Response: Contain and mitigate threats Forensic Analysis: Investigate attacks International Coordination: With global CERTs Advisory & Guidelines Vulnerability Disclosures: Security alerts Best Practices: For organizations Compliance Requirements: Mandatory reporting Powers (Updated 2022 Directions) Directives 6-Hour Reporting: Incidents must be reported within 6 hours Log Retention: 180-day mandatory log storage KYC Sync: Customer details synchronization VPN Provider Data: 5-year retention Enforcement Penalty: Up to ₹1 crore for non-compliance Imprisonment: Up to 3 years for certain offenses IP Blocking: Can order blocking of malicious sites Incident Categories Reportable Incidents Malicious Code: Virus, ransomware, trojans Unauthorized Access: Hacking attempts Data Breach: Leaks of sensitive information DDoS Attacks: Service disruptions Phishing: Fraudulent emails/websites Identity Theft: Impersonation What to Report Government systems compromised Financial sector attacks Healthcare data breaches Telecom network incidents Critical infrastructure attacks Reporting Process How to Report Portal: https://www.cert-in.org.in Email: incidents@cert-in.org.in Phone: +91-1800-11-4649 (Toll-free) Format: Incident report template available Information Required Incident description Date/time of detection Systems affected Impact assessment Preliminary mitigation taken Services For Organizations Vulnerability Assessment: Scanning services Penetration Testing: Security testing Incident Response: 24/7 support Forensic Services: Evidence preservation For Citizens Advisories: Public alerts Malware Removal: Tools and guides Awareness: Cybersecurity tips Recent Initiatives Cyber Swachhta Kendra Botnet Cleaning: Free malware removal DNS Sanitization: Clean internet access Mobile Security: Android/iOS tools Cyber Surakshit Bharat Awareness Programs: For enterprises CISO Training: Security officer certification Best Practices: Guidelines Statistics (2024) Incidents Handled: 14+ lakh Breaches Reported: 200% increase Critical Infrastructure: 500+ protected Advisories Issued: 500+ Compliance for Organizations Mandatory Requirements Incident Reporting: 6 hours Log Retention: 180 days Synchronization: Customer data KYC Designated Officer: CISO appointment Sectors Affected Finance: Banks, NBFCs, insurance Healthcare: Hospitals, diagnostic labs Telecom: ISPs, operators Government: All ministries How Citizens Can Help Personal Security Update Software: Patch vulnerabilities Strong Passwords: Unique, complex Two-Factor Auth: Enable where possible Phishing Awareness: Don’t click suspicious links Reporting Cybercrime National Portal: https://cybercrime.gov.in State Police: Local cyber cell CERT-In: For critical infrastructure Prime References CERT-In Official - Main portal Incident Reporting - Report portal Cyber Swachhta - Cleaning tools MeitY - Parent ministry This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026. ...

DigiYatra — Seamless Air Travel with Digital ID What is DigiYatra? DigiYatra is a biometric-based paperless airport entry system that uses facial recognition to verify passengers at various checkpoints—from entry to boarding. Currently operational at 20+ airports, it aims to eliminate physical boarding passes and ID checks. How DigiYatra Works Registration Process Download App: DigiYatra from Play Store/App Store Aadhaar/PAN Verification: Link identity document Face Capture: Take live photo for recognition Boarding Pass Scan: First flight booking to link Ready to Use: At participating airports Airport Journey Entry: Face recognition at airport entry gate Security: Face match at security checkpoint Boarding: Face verification at boarding gate No Physical ID:boarding pass needed after registration Technical Flow 1 2 3 Face Biometric → Encrypted → Stored Locally (on device) ↓ Airport Scanner → Face Match → Access Granted Airports Live (2024) Major International Delhi T3: First to launch Mumbai T2: Full implementation Bangalore: Terminal 2 Hyderabad: GMR-led Major Domestic Chennai: Multi-terminal Kolkata: Being upgraded Ahmedabad: Regional hub Pune: New terminal Expanding To Goa: Tourism focus Jaipur: Heritage route Lucknow: North India gateway Benefits For Passengers No Queue: Skip document checks Paperless: Digital boarding experience Speed: 2-5 seconds vs 30+ seconds manual Convenience: Hands-free after initial setup For Airports Efficiency: Faster passenger flow Cost: Reduced manual staffing Data: Passenger analytics Security: Better verification Privacy Features Data Protection On-Device Storage: Face template on phone only No Central Database: Decentralized matching Biometric Not Shared: Only mathematical representation Deletion Option: Remove data anytime Consent-Based Explicit Permission: Every use authorized Purpose Limitation: Only for airport entry Audit Trail: Every access logged What Happens to Data Temporary at Airport: Deleted within 24 hours Local Only: Not stored on cloud Aadhaar Unlinked: Separate from UIDAI database Supported Airlines Full Integration Air India: All domestic routes SpiceJet: Most connections IndiGo: Being rolled out Vistara: Premium cabins Partial/Beta Air Asia: Selected routes Go First: Being implemented How to Use Step-by-Step Pre-Flight: Register on DigiYatra app Reach Airport: Use dedicated DigiYatra queue Face Scan: Look at camera at entry gate Proceed: Walk through without stopping Security: Another quick scan Board: Final face verification Comparison Feature Traditional DigiYatra Queue Time 15-30 mins 2-5 mins Documents ID + Boarding Pass Face Only Physical Contact Multiple checks Single scan Experience Manual Seamless Common Issues Registration Problems Face Not Recognized: Ensure good lighting, remove glasses/mask Aadhaar Not Linking: Check mobile linked to Aadhaar App Crash: Update to latest version Airport Issues Scanner Not Working: Use regular queue Multiple Attempts: Wait 30 seconds between tries Staff Assistance: Request help if needed Security Concerns Addressed Data Breach: Only mathematical hash stored Misuse: Biometric can’t be recreated Tracking: No GPS data collected Third-Party: Not shared with airlines Prime References DigiYatra - Official portal Delhi Airport DigiYatra - Implementation UIDAI - Aadhaar integration This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026. ...

DPDP Act — India’s Data Protection Law What is the DPDP Act? The Digital Personal Data Protection Act (DPDP) is India’s comprehensive data protection legislation, enacted in 2023. It governs how personal data is collected, processed, and stored—protecting citizen privacy while enabling digital innovation. Key Definitions Personal Data Any information that can identify an individual Includes: Name, phone, email, biometrics, location Even online identifiers: IP addresses, cookies Data Fiduciary Organization: Determines purpose of processing Examples: Companies, apps, websites Obligations: Must protect data Data Principal Individual: Whose data is being processed Rights Holder: You have rights over your data Your Rights as a Citizen Data Rights Access: Get copy of your data held Correction: Fix inaccurate data Erasure: Request deletion (“right to be forgotten”) Portability: Transfer data to another service Grievance: File complaints How to Exercise Submit request to data fiduciary Must respond within specific timeline Can escalate to Data Protection Board Obligations for Businesses Consent Requirements Explicit Consent: Clear, specific permission Purpose Limitation: Only for stated reason Withdrawal: Must be as easy as giving consent Children’s Data: Parental consent required (<18) Data Fiduciary Duties Purpose Limitation: Process only for stated purpose Data Accuracy: Keep data accurate Security: Reasonable safeguards Breach Notification: Notify affected individuals + Board Data Retention: Delete when no longer needed Exemptions Government Exemptions National Security: For defense, security Legal Proceedings: Court cases Regulatory Functions: RBI, SEBI powers Other Exemptions Research: Anonymized data Employment: Employee records Emergency: Life-threatening situations Data Protection Board Structure Chairperson: Appointed by Central Government Members: 2-6 technical/financial experts Powers: Enforcement, penalties, appeals Functions Grievance Redressal: Handle complaints Compliance Audits: Check organizations Cross-Border Transfers: Approve agreements Penalties Minor Breach: ₹50,000 - ₹5 crore Serious Breach: ₹5 crore - ₹25 crore Repeated Breach: Up to ₹50 crore Key Differences from GDPR Aspect DPDP Act GDPR Consent Opt-in Opt-in Children <18 years <16 years Data Transfer Listed countries only Adequacy mechanism Regulator Board DPA Cross-Border Data Transfer Allowed Destinations White-listed Countries: As notified by Government Standard Contractual Clauses: Approved agreements Binding Corporate Rules: Intra-group policies India’s Position No explicit “adequacy” from EU yet Negotiations ongoing Data localization for some sectors Compliance Timeline Phased Implementation Phase 1: Key provisions (2024) Phase 2: All obligations (2025) Phase 3: Full enforcement Who Must Comply All Data Fiduciaries: Operating in India Digital Platforms: Apps, websites Government Bodies: Local and state Your Data Rights in Action Access Request Example 1 2 3 4 5 6 7 8 9 10 11 To: [Company Privacy Team] Subject: Data Access Request - [Your Name] I am requesting access to all personal data you hold about me, including: - Account information - Transaction history - Communication records - Any third parties with whom shared Please provide within 30 days as required by DPDP Act. Filing a Complaint Internal: First to the organization Board: If unresolved in 30 days Appellate Tribunal: Next level High Court: Final appeal Key Sectors Impacted Tech Companies Social Media: Must remove content on request E-Commerce: Consent for data usage Fintech: Aadhaar, KYC data protection Healthcare Hospital Records: Patient data protection Insurance: Medical history privacy Research: Anonymization requirements Government Aadhaar: UIDAI data handling Service Delivery: citizen data protection Surveillance: Checks and balances Best Practices for Citizens Protecting Your Data Minimize Sharing: Only provide necessary data Read Policies: Understand how data used Revoke Consent: When no longer needed Request Deletion: Periodically clean up Use Privacy Tools: VPN, ad blockers Red Flags Excessive Permissions: Apps asking too much No Opt-Out: Can’t withdraw consent Unclear Purpose: Why they need data unclear Prime References DPDP Act 2023 - Full text MeitY DPDP - Implementation Data Protection Board - Complaints This 101 guide is part of DPIWatch’s citizen education initiative. Last updated: March 2026. ...

eSign — Digital Signatures for All What is eSign? eSign is an online electronic signature service in India, legally recognized under the IT Act 2000. Unlike physical digital signature certificates, eSign is Aadhaar-based and can be obtained instantly—eliminating the need to visit certification authorities. How eSign Works Process Flow Document Upload: User uploads document needing signature Aadhaar Authentication: Identity verification via OTP/biometric Signing: Cryptographic signature applied to document Certificate Generation: Signed PDF returned Verification: Anyone can verify signature validity Technical Details Standard: X.509 certificate based Algorithm: RSA 2048-bit encryption Certificate Validity: Typically 1-2 years Legal Standing: Same as handwritten signature (Section 5, IT Act) Use Cases Personal Property Documents: Register property online Legal Agreements: Contracts, affidavits Government Services: Submit forms digitally Business MCA filings: Company incorporation, annual returns GST Returns: Signed tax submissions Bank Documents: Loan applications, agreements Employment Contracts: Remote hiring Government Digital Locker: Sign stored documents Aadhaar Services: Update requests Income Tax: ITR verification eSign Service Providers ###MCA-Authorized ...