Compare Systems
Side-by-side comparison of Digital Public Infrastructure systems across all analysis dimensions.
| Property | Aadhaar | ONDC | DigiLocker | AA | UPI | FASTag |
|---|---|---|---|---|---|---|
| Governance | partial Governed by UIDAI under Ministry of Electronics and IT; development by UIDAI with private vendors | yes Section 8 company backed by government and industry; multi-stakeholder governance | partial NeGD under MeitY operates; government departments as issuers | partial RBI-regulated framework; private sector Account Aggregators licensed by RBI | yes NPCI (non-profit) governs; regulated by RBI; member banks participate in development | partial NPCI operates; NHAI mandates usage; banks issue FASTags |
| Economic Model | partial Free for government services; nominal fees for private sector authentication | yes Low transaction fees; aims to reduce platform commissions for sellers | yes Free for citizens; departments pay for integration | partial Fee-based model; AAs charge for data fetch transactions | yes Zero MDR for most transactions; cross-subsidized by other payment products | partial Tag issuance fees; transaction charges to toll operators; bank revenue from float |
| Openness | no Closed-source core; APIs documented but proprietary; limited public audit | yes Open protocol specifications; Beckn protocol is open-source | partial APIs for document issuers and requesters; core platform closed-source | yes Open API specifications; ReBIT maintains technical standards | partial API specifications available to licensed entities; closed-source core | no Proprietary RFID technology; closed specifications |
| Security | partial Biometric encryption; multiple reported vulnerabilities; no public bug bounty | partial Decentralized architecture; security responsibilities distributed across network participants | partial Aadhaar-based authentication; documents fetched from source; encrypted storage | yes End-to-end encryption; data never stored by AAs; security audits required | yes Device binding, UPI PIN, transaction limits; fraud monitoring systems | partial RFID encryption; vehicle-tag binding; fraud detection for cloned tags |
| Data Practices | no Centralized biometric and demographic data; extensive linking across services | yes No central data repository; data stays with respective network participants | partial Document metadata stored; actual documents fetched from issuing authorities | yes User-controlled data sharing; data flows directly between FIPs and FIUs | partial Transaction data with NPCI and banks; used for credit scoring and analytics | no Vehicle movement data collected at toll plazas; potential for tracking |
| Consent | no De facto mandatory for many services despite Supreme Court restrictions | yes User choice of apps and providers; no platform lock-in | yes Voluntary service; sharing requires explicit consent per document | yes Explicit consent required for each data request; granular control over sharing | partial Voluntary adoption; becoming de facto required due to merchant preferences | no Mandatory for all four-wheelers on national highways since 2021 |
| Accountability | no UIDAI publishes usage statistics; limited independent oversight | partial Network participant grievance redressal; evolving oversight mechanisms | partial NeGD oversight; usage statistics published; IT Act provisions apply | partial RBI oversight; Sahamati ecosystem governance; public usage dashboards | yes RBI oversight; NPCI publishes transaction statistics; dispute resolution mechanisms | partial NHAI publishes adoption statistics; grievance mechanisms through banks and NHAI |
Legend
Scores indicate how well the system performs on each dimension from a public interest perspective:
- yes — Strong protections / good practices
- partial — Mixed or partial implementation
- no — Weak protections / concerning practices