Optimizing DigiYatra for seamless travel while prioritizing security, transparency, and user control over personal data.

Personal Project

DigiYatra

Team & Role

Arnab Saha (Solo)
Interaction Designer

What i did

Research, Interaction Design,
UX Design and Interface Design

Duration

August 2024

01. Overview

DigiYatra is a biometric-based digital travel initiative by the Indian government that uses facial recognition technology (FRT) to verify a passenger’s identity at airports. It aims to provide a seamless, paperless, and contactless experience by linking a passenger’s boarding pass and ID with their facial biometrics. Once registered, travelers can move through airport checkpoints without showing physical documents, improving efficiency and reducing wait times.

02. Problem

"While DigiYatra offers seamless travel, users lack control over their data. There’s no independent oversight, raising concerns about government surveillance and misuse. Though data is claimed to be decentralized and auto-deleted, passengers have no transparency on access or security measures, making privacy protection unclear and potentially vulnerable."

01. No User Access to Stored Data
Users cannot view, edit, or delete their biometric data once submitted.
No option to track where and how their data is being used.

02. No Control Over Data Retention
While authorities claim data is deleted within 24 hours, users have no way to verify this.
No transparency on how long data is stored before deletion or if backups exist.

03. No Opt-Out or Revocation Option
Once registered, users cannot manually revoke their consent or remove their biometric profile.
The only way to avoid data collection is not using DigiYatra at all.

04. Unclear Data Sharing Policies
Users don’t know if their data is shared with airlines, security agencies, or third parties.
No control over whether their biometric information is used for purposes beyond airport verification.

05. No Independent Oversight for Protection
No regulatory body ensures data security or proper deletion.
p Users must trust government claims without third-party audits or accountability.

03. Secondary Research & Current App Walkthrough

I have conducted extensive research through various articles and online sources regarding privacy and data protection concerns related to DigiYatra. During my research, I came across a detailed and well-documented study by the Internet Freedom Foundation (IFF), which highlights key issues surrounding data collection, user consent, and potential risks of biometric surveillance.

01. Confusion Over Data Storage & Deletion
DigiYatra collects identity, contact details, biometric data, passwords, images, and videos when passengers use the app, kiosks, or e-gates. However, some of this data (like contact details or business information) isn't necessary for verifying a passenger’s identity through facial recognition.

02. No Opt-Out or Revocation Option
DigiYatra claims passenger data is only stored on their device and is deleted from airport systems within 24 hours after departure. But official policy suggests the airport operator (DYBBS) retains travel data for 30 days and can provide access to government authorities when needed. This contradiction raises concerns about how long data is actually stored and who can access it.

These are the current designs for the app.

It’s evident that users have no clear understanding of how their data is being handled. There is no transparency regarding where their data is being stored, how it will be used, or when it will be deleted.
Critical privacy-related information is either buried deep within the interface or entirely missing, leaving users uninformed and unable to make conscious decisions about their personal data. For a more ethical and user-centric design, these details should be clearly communicated in an accessible and intuitive manner.

04. Solution & Hi-Fi Privacy-First Design

I first focused on the onboarding screens, where users are most attentive, to ensure they fully understand privacy, data protection, and their control over personal information from the start. These screens clearly explain how the app works and how it can benefit them.

Onboarding screens provide users with all the essential information they need before giving their consent, ensuring transparency and informed decision-making.

During login, all terms and conditions, along with the privacy policy, are linked so users can review what they are agreeing to before signing up. These links are also easily accessible under the profile section for future reference. This approach ensures transparency and builds trust, allowing users to make informed decisions about their data.

To ensure that users have complete awareness and control over their data, I have incorporated small, easy-to-understand FAQ boxes throughout the app wherever necessary. These FAQs provide clear explanations about how their data is collected, stored, and used, ensuring that no critical information is hidden from them.

Left: The home page displays all upcoming travels, past travel history, and quick access to essential features for a seamless experience.
Right: The credentials screen presents the added credentials along with relevant options for managing and securing them.

Users have full control over their data, allowing them to decide what information they want to share and what they prefer to keep private. If they choose to delete any data, they can do so easily at any time, putting them in charge of their personal information. To further enhance transparency, timely notifications will inform users about how and where their data has been used.
For example, if their credentials are accessed for verification, the app will reflect this activity, allowing them to track past access and travel history.

Additionally, users have the ability to lock their credentials to prevent further use or delete them entirely if they no longer wish to keep them stored in the system. For those who decide to opt out of DigiYatra completely, a simple option to delete their entire profile along with all associated data will be available.

Redesign of Notifications & Profile Screens.

By making data usage fully transparent and giving users clear control over their personal information, I believe that more people will feel comfortable using the app. This level of trust and security encourages wider adoption, as users will no longer have concerns about how their data is being handled. When people feel in control, they are more likely to engage with the platform, explore its features, and use it confidently in their daily lives.

05. Key Takeaways & Future Possibilities

1. Clear information and privacy first design builds trust. I learned that when privacy concerns are addressed from the start, users feel more confident using the platform, leading to greater adoption and engagement.

2. Providing great features doesn’t guarantee a great experience. Seamless design, data transparency, and user control are key to making DigiYatra truly impactful.

Discover case studies

Developing a smart posture control and position reminder device.

Tallinn University Winter School Project

Creating a coach assistant app to streamline scheduling, optimize class management.

Game Theory

Designing a smooth and effortless process for discovering and booking apartments.

Kots World

Building a digital hub for the construction industry, from design inspiration to e-commerce.

Build Bazaar