The DigiLocker outage, which disrupted digital KYC processes for fintech#fe firms, brokers, and other businesses, has led to calls from companies and tech experts to improve the resilience of digital public infrastructure (DPI) to avoid similar issues in the future.
They said the government should consider implementation of redundancy systems, by developing a backup, or failover system for DigiLocker that ensures that businesses can continue functioning even in case of technical failures.
A power outage at the data centre of the government’s National Informatics Centre (NIC) on December 31 in Delhi led to disruptions at the DigiLocker for the next two days. DigiLocker is a cloud-based platform for storage, sharing and verification of documents, and certificates. The outage also affected many government websites, leading to a slow or no response.
Officials said the data centre power outage has been restored.
The issue, however, slowed down user onboarding for companies who are required to do digital KYC before signing up users to verify their identity.
“We got thousands of support tickets because of delayed KYC approvals. DigiLocker has restored its services as of now,” said Neeraj Khandelwal, co-founder of CoinDCX.
As of December 30, 2024, DigiLocker has 434.53 million registered users and has issued 9.41 billion documents.
Abhishek Saxena, co-founder and MD of Omnicard, a corporate expense management company, said, “While it was not a complete shutdown, there was a 50% drop in onboarding of users due to the DigiLocker issue.”
According to Saxena, outages are common in the technology world but it is really important for the government to have more such platforms in place so that DigiLocker is not overloaded.
Notably, DPI stacks such as Unified Payments Interface (UPI), DigiLocker, and Aadhaar, among others, have so far been effective in bringing digital services to the masses in a cost-effective and timely manner.
“Initiatives such as DigiLocker have shown the fundamental impact that DPI use cases can have on efficiencies in our digital economy. However, such DPI initiatives need to have exceptional cyber resilience, security and redundancies in place to ensure business continuity and user trust,” said Dhruv Garg, partner at Indian Governance and Policy Project (IGAP) and a tech lawyer.
“Any outages will significantly reduce the confidence in such initiatives,” he added.
Currently, not every company uses DigiLocker for e-KYC. Many companies also leverage other solutions, such as Aadhaar-based e-KYC through the UIDAI system, or integrate third-party KYC providers.
Sandeep Agrawal, founder and director of Teamlease Regtech said, “Establishing communication channels for outage alerts and regular stress testing of platforms to identify vulnerabilities could help mitigate such disruptions.”
According to Agrawal, it’s crucial to implement redundant systems and geographically distributed data centres. “These measures can ensure that, even if one system or location faces disruptions, others can take over to maintain service continuity,” he said.
According to analysts, some of the challenges with DPI include lack of inter-operability between different digital platforms, lack of digital literacy skills, limited language options, and limited reach beyond government services.
Agrawal said the government should set up a task force to drive adoption of DPI and shall consider partnerships with startups and enterprises.
Notably, India has signed a memorandum of understanding (MOU) on cooperation in the field of sharing successful digital solutions implemented at population scale with 10 countries – Armenia, Sierra Leone, Suriname, Antigua and Barbuda, Papua New Guinea, Trinidad and Tobago, Tanzania, Kenya, Cuba and Colombia. Many other countries are also enquiring about India’s DPI stack.
