India's DPI stack in 2026: what each layer actually does

Digital Public Infrastructure is a phrase that risks meaning everything and nothing. In government briefings it covers anything from biometric ID to national broadband. In India's case it has a more specific meaning: open, interoperable digital rails built by the state that any registered participant (bank, startup, NBFC, platform) can build on.

Five layers, not one stack

The five layers that make up India's DPI in 2026 are: Aadhaar (identity), UPI (payments and credit), ONDC (commerce), Account Aggregator (data consent), and OCEN (contextual credit). Each is governed separately, has its own API surface, and has a different adoption curve. They are not a single integrated product: they are five distinct protocols that happen to be composable.

The IMF estimated in 2025 that every dollar invested in India's DPI generates between $3.2 and $4.0 in broader economic returns. India has signed DPI export agreements with 23 countries. Understanding what's actually in the stack is worth the time.

Aadhaar: 2,707 crore authentications per year

Aadhaar is India's biometric identity database: 12-digit numbers linked to fingerprint, iris scan, and photo for roughly 1.4 billion residents. UIDAI, the issuing authority, also runs the authentication API that any authorised entity can call to verify identity against that database.

In FY2024-25, Aadhaar recorded 2,707 crore authentication transactions. The cumulative total crossed 150 billion in 2025. Three authentication modes matter for builders.

Aadhaar eSign, where authentication generates a legally valid electronic signature, is one application layer on top of this infrastructure. But Aadhaar authentication underpins far more: welfare delivery, tax filing, bank account opening, insurance, and the KYC entry points inside all four of the other DPI layers.

The access constraint: Aadhaar eKYC requires a UIDAI-authorised Authentication Service Agency. You do not call UIDAI APIs directly. This bottleneck is deliberate for privacy reasons: the data returned is sensitive, and the authorisation requirement means an audit trail exists for every call.

UPI: 21 billion transactions a month

UPI processed 21.70 billion transactions worth Rs 28.33 lakh crore in January 2026. The base protocol is by now a utility: a Virtual Payment Address maps to a bank account, the NPCI-operated switch routes real-time credit between banks in under three seconds, and licensed apps (PhonePe, Google Pay, BHIM, and hundreds of others) expose the same underlying rails.

What's changed in 2026 is at the edges of the protocol.

UPI Credit Lines: the Reserve Bank of India extended pre-sanctioned credit line drawdown via UPI to Small Finance Banks in late 2024. A borrower can draw against a lender's pre-approved facility directly via a UPI transaction; the disbursement hits their VPA in real time. The debit account is a credit facility, not a deposit account. The user experience is nearly identical to a normal payment.

UPI Mandate is replacing NACH (National Automated Clearing House) for recurring payments in digital lending. NACH mandate registration takes days and involves paper. UPI Mandate registration is real-time, confirmed on the borrower's phone, and the first debit can be scheduled immediately. For fully digital lending journeys, this difference matters.

Access constraint: NPCI membership, or a relationship with a licensed Payment Service Provider, gates UPI access. You build through a PSP, not directly against NPCI.

ONDC: the open protocol for commerce

ONDC is the layer most frequently misunderstood. It is not an e-commerce platform. It is a protocol: a set of open APIs built on the Beckn specification that separates the buyer-facing app (Buyer App, or BAP) from the seller-facing catalogue and fulfilment stack (Seller App, or BPP), with ONDC's gateway routing discovery queries between them.

By early 2026: 7 lakh sellers are live across 1,200 cities. Daily order volume is around 150,000. Cumulative transactions have crossed 150 million. The network has expanded beyond retail into food delivery, mobility, financial services, FMCG, and agriculture.

The practical meaning of this architecture: a seller onboarded to one platform (say, a local logistics partner's seller panel) is discoverable to buyers on any ONDC-compliant buyer app. The catalogue is not trapped in a single platform's database. For a seller, this is meaningful. For a buyer, the quality of search and returns currently varies across buyer apps and trails proprietary platforms.

For builders, ONDC is interesting if you are building a seller tool that wants cross-app discovery without negotiating with each platform individually, a buyer app that needs a broad product catalogue without managing seller relationships directly, or a logistics provider: fulfilment is a first-class object in the Beckn protocol, not an afterthought.

Account Aggregator: 2.61 billion enabled accounts

The Account Aggregator framework is the consent layer for financial data. The mechanism: a user instructs a licensed AA to pull their financial information from one institution (a bank, an insurance company, the income tax authority) and share it with another (a lender, a wealth manager), without the user ever receiving the raw data to pass manually.

The numbers as of December 2025: 179 Financial Information Providers, 955 Financial Information Users, 17 live Account Aggregators, and 223 million active users with 2.61 billion enabled accounts.

Lending through the AA framework in H1 FY2025-26: Rs 1.47 lakh crore across 1.5 crore loans. At the current monthly run-rate of Rs 24,000 crore, up 71% from roughly Rs 14,000 crore monthly a year earlier, one in ten personal loans by volume now flows through the AA framework.

The common builder pattern: instead of asking a loan applicant to upload PDF bank statements, request 12 months of statements via AA. The applicant consents on their phone, the AA fetches structured JSON from their bank, the lender gets it directly. What previously required 48 hours of PDF-chasing takes minutes.

The coverage constraint: FIP participation is strong for PSU banks, major private banks, and large NBFCs. Regional rural banks and cooperative banks are not fully live. If your use-case serves Tier 3 and beyond customers, FIP coverage gaps will affect your data-fetch success rates.

OCEN: contextual credit at the network layer

OCEN is the least-understood layer, partly because it is the newest and partly because it has no consumer-facing moment. Its job: standardise the interaction between a Loan Service Provider (an entity with customer context, such as a GST filing platform, an ONDC seller app, or a payroll tool) and a regulated lender (a bank or NBFC).

The LSP presents a borrower. OCEN carries the credit offer and acceptance messages. The lender underwrites and disburses. Crucially, the LSP does not need a lending licence: it surfaces the borrower in context and passes them to a regulated entity. The platform becomes a distribution channel, not a lender.

In 2025, OCEN enabled approximately 70,000 loans worth Rs 1,600 crore. These numbers are small relative to UPI or AA. OCEN is genuinely early infrastructure. The friction point today is finding a regulated lending partner who has already integrated the OCEN protocol.

Where the five layers connect, and where they don't yet

The DPI advantage is composability. A fully digital lending journey in 2026 can chain all five layers: Aadhaar eKYC verifies the borrower's identity; Account Aggregator pulls 12 months of bank statements and ITR data under consent; OCEN carries the credit offer from lender to the borrower's context; UPI handles disbursement and mandate-based repayment; DigiLocker holds the signed loan agreement if eSign is used. Three years ago, assembling this required months of bilateral integration work with each institution. Today the protocol surface is standardised.

Three gaps remain worth noting. ONDC and OCEN are not yet formally connected: a seller's ONDC transaction history is a natural creditworthiness signal, but the data flow from ONDC buyer apps to OCEN loan service providers is not standardised. GST-return-based and bank-statement-based credit decisions are easier today than ONDC-GMV-based ones.

Aadhaar face authentication is most useful in low-literacy, low-connectivity settings, exactly where the financial inclusion upside is largest, but device quality variance and connectivity gaps mean coverage is uneven. And FIP depth in Account Aggregator remains a constraint for rural and cooperative-bank customers that urban-focused FIP lists do not yet reach.

None of these are design failures. They are integration problems, and the rate at which both UPI and Account Aggregator went from pilot to mainstream within four years gives a reasonable forward curve for the layers that are still maturing.