SaaS / Cloud-Native
Hosted by eMudhra on managed cloud infrastructure. Auto-scaling, elastic, per-API billing. Fastest time to first verification.
Best for
- Enterprises & fintechs
- Start-ups validating product-market fit
- Programmes with no residency hard-stop
Private Cloud / GovCloud
Deployed in the customer's cloud account — AWS, Azure, GCP, or national cloud — and managed by eMudhra. Data plane stays inside the customer's perimeter.
Best for
- Banks & large NBFCs
- Government agencies on national cloud
- Programmes with strict residency rules
On-Premise / Air-Gapped
Full installation in the customer's own data centre with no external network calls. Source code escrow, key custody, audit-witnessed deployment.
Best for
- Defence & intelligence services
- Sovereign national ID programmes
- Classified environments
Hybrid Patterns
Most National Programmes End Up Mixed
Sovereign enrollment with cloud-scale authentication is a common pattern for national ID. Local data, global access — carefully partitioned.
Enrollment On-Prem, Authentication via Cloud
Biometric enrollment and the ID repository stay inside the country. Authentication services scale via cloud to handle peak service-delivery loads.
Data Residency Per-Module
Some modules (biometric templates) stay residency-locked; others (anonymised analytics, partner-management UI) ride a managed control plane.
Multi-Tenant CSP
Cloud service providers offering IDPaaS to downstream customers — tenant isolation, downstream billing, white-label.
Residency & Compliance
Country-Specific Data Localisation, Out of the Box
Each deployment maps to the applicable data-protection regime. Residency configuration is per-component, not just an account-level setting.
DPDP
India
Digital Personal Data Protection Act — consent, processing-purpose, retention.
GDPR
EU
Data subject rights, lawful basis, cross-border transfer mechanisms.
PDPL
Saudi Arabia
Personal Data Protection Law — data localisation requirements honoured.
POPIA
South Africa
Protection of Personal Information Act — processing oversight, consent records.
Upgrade Path
Start Light. Grow Sovereign.
Many programmes begin with managed SaaS APIs to validate the use case and iterate quickly. As volumes grow and regulatory scrutiny tightens, the same workloads migrate into private cloud and eventually on-premise — without rewriting the integration.
That deployment continuum is by design. The contract layer is stable across topologies; only the operations posture changes.
