1. Presence-less Layer:

Upon enrollment in the Aadhaar program, the demographic and biometric information provided by the enrollee is stored in a centralized government database, with the 12-digit Aadhaar serving as a unique identification key.

Everyday devices today can capture scans of fingerprints or the iris. When a third party service provider such as a bank or a hospital needs to verify the identity of their customer, all they need to do is use these devices to capture and send the customer’s Aadhaar number and biometric information to the centralized database for verification (see Figure 2).

The centralized database uses sophisticated fuzzy-lookup algorithms to match the received information with the stored information. The algorithm then returns “yes/no” information back to the requesting party.

In essence, Aadhaar eliminates the need for a customer to be physically present or even produce ID cards for proof.

Figure 2: The Presence-less Layer

The ability to authenticate identity on demand without a paper ID or physical presence can remove a lot of tiny and big hassles. Imagine walking through the airport without your ID, but still being able to seamlessly check into and board your flight! While the presence-less layer is groundbreaking by itself, the true potential lies in how this layer interacts with the rest of the stack.

2. Paperless Layer: “Red tape” / “Form-ophobia” / “Paper pushing” / “Shuffling documents”

To overcome the drain on productivity that is everyday paperwork, the government has added a Paperless Layer to the India Stack. Sitting right atop the presence-less layer, the paperless layer consists of two simple components:

Digital locker

Digital signature

Digital locker: Each Aadhaar number is uniquely tied to a set of documents that live in a digital locker assigned to that number. As shown in figure 3, documents living in the locker can be issued by government agencies (e.g., land ownership records), third party organizations (e.g., college transcripts), or the individual himself (e.g., legacy paper documents). The individual can choose to share documents from his locker with any entity that requests the information (e.g., a hospital requesting his medical records).

Figure 3: The Paperless Layer — Digital Locker

In order to meet the standards of the Digital Locker ecosystem, the documents need to contain a Document ID as well as a Digital Signature from the issuer. Since all documents in the locker are signed, the third parties accessing the documents can be assured of their accuracy. Meanwhile the individuals can use the locker portal to control who accesses their records and for how long.

This process eliminates fraud, reduces administrative burden, ensures anytime/anywhere document access and gives individuals control over what they wish to share.

Each of the players in the locker ecosystem (Directory, Gateway, Portal, etc.) can provide turnkey solutions. One such use case is a packaged “proof of address” document bundle. In fact, this bundle is so ubiquitously requested that the government already offers it under the banner “e-KYC” (electronic-Know your Customer). So telecom companies, for example, can request for this package, and approve a new account in seconds. Such solutions reduce customer acquisition costs, enabling financial inclusion for millions.

Digital signature: The digital signature capability (which is the second half of the paperless layer) allows individuals to electronically sign a contract with any entity without a paper or pen.

Figure 4: The Paperless Layer — Digital Signature

To get a document signed, the requester (say, a bank) uses the ASP (see figure 4) to capture customer biometrics. The ASP then sends these details (along with the required document attributes) to a certifying authority for identity authentication. Upon authentication, the certifying authority returns a unique digital certificate which the ASP embeds into the original document.

This process allows individuals to securely sign information anywhere, anytime. When implemented together with the digital locker, it eliminates the need for any form of paper, and combined with the presence-less layer, it enables all business to be conducted digitally.

While banks, insurance companies and other entities may build their own ASPs, third party ASPs will emerge to provide tailored document management solutions for both businesses and retail customers.

3. Cashless Layer

To reduce the costs of digital financial transactions, the government has built a Unified Payments Interface (UPI). This interface forms the Cashless Layer of the India Stack.

Underpinning the UPI is a very complex technical architecture built by some very smart people. The cashless layer of the India stack and its impact on the Indian financial system deserves its own post, so we will only give it lip-service in this write-up.

Update: The cashless layer explained in its own post.

From a business / end user perspective, suffice to say that it acts as an instantaneous payments bridge between any two entities.

A quick aside, on what makes the UPI so powerful: Think back to Pre-Venmo times in the US, when every non-cash financial transfer used to take several days. Indeed, even today, Venmo transactions are not truly instantaneous. Apps like Venmo provide only the illusion of an instantaneous transfer. In reality, the transaction has been scheduled and will take its own sweet time to resolve. Why does this matter? Because one can simply cancel the transaction at any point before it truly resolves (like later in the day, after you have already eaten your ice-cream), and your counterparty may never get the money. This is why you cannot load your investment account with Venmo money. The reason for this delay is the complexity associated with authentication of payments sources, which is solved by the India Stack.

Imagine a world where all financial transactions take place instantaneously. The working capital implications for small businesses can be profound.

All transactions can also be dutifully logged and stored in the digital locker for future access. Recall that the locker allows you to share a summary / sanitized version of these transactions with a requesting party — say, a lender who wants to evaluate your credit worthiness.

Powerful stuff! The truly incredible thing is that UPI is a reality today.

4. Consent Layer

Figure 5: The Consent Layer

In addition to the existing infrastructure, the iSPIRT team is working on building an “electronic consent architecture”. The technical details of this architecture are still being ironed out, but the idea behind the architecture is to allow individuals to provide registered entities access to specific data about themselves from the India Stack layers. Access will be provided in the form of consent tokens that are time-bound and identity-verified.

This is where a majority of the power of the India Stack will be realized. By building a digital world around every individual and giving them the ability to determine how much of that world to share, the India Stack will enable rapid innovation in the financial services sector.