India's Identity Security Platform

Sovereign identity security,
built for how India actually works

e91 ISP secures access for government agencies, BFSI institutions, and critical-infrastructure enterprises — on-premises, in the cloud, or fully air-gapped. Plug into your existing identity provider. Ship in weeks, not years.

Request a demo See how it works
Designed for DPDP · RBI CSCRF · CERT-In · MeitY
The identity problem in India

Global vendors weren't built for how Indian enterprises operate

Most identity tools on the market were built for companies that live entirely in the cloud, store data wherever it's cheapest, and update authentication on a SaaS vendor's schedule. Indian reality is different.

PROBLEM 01

Data residency isn't a preference, it's a mandate

DPDP, RBI, and sector regulators require identity data to stay in India. Most global identity vendors can't guarantee that — and when they can, it costs a premium and still leaves audit gaps.

PROBLEM 02

Rip-and-replace is a 12-month risk

Global vendors want you to migrate away from Azure AD, Active Directory, or LDAP onto their platform. That's an 18-month project with board-level risk. Most CIOs simply can't commit to that timeline.

PROBLEM 03

Defense and critical infra can't use SaaS at all

Air-gapped networks — defense installations, SCADA environments, classified systems — can't phone home to a vendor's cloud. Most identity products structurally can't operate there. The gap stays open.

Why e91 ISP

Four architectural choices that change the math

We didn't build another MFA tool. We built an identity security platform designed from day one for sovereign, regulated, complex environments.

Sovereign by design

Every byte of identity data stays in India. DPDP, RBI CSCRF, SEBI, IRDAI, CERT-In compliance is baked into the product, not bolted on afterward. Your audit evidence is always one click away.

DPDP · RBI · CERT-In ready

Deploy anywhere

Cloud, on-premises, or fully air-gapped. The only identity platform that serves both a fintech startup on AWS and a defense installation with zero internet connectivity — using the same code and the same operating model.

Cloud · On-prem · Air-gap

Plug in, don't replace

e91 ISP works with what you already have — Azure AD, Okta, on-prem AD, LDAP. No rip-and-replace migration, no directory consolidation project. Deploy in weeks, not quarters, and keep your IdP of record intact.

IdP-agnostic

Post-quantum ready

NIST FIPS 203, 204, and 205 alignment via a pluggable crypto layer. When RBI, CERT-In, or NCIIPC mandates post-quantum cryptography in the next 2–3 years, you flip a config flag. Competitors start an 18-month migration.

ML-KEM · ML-DSA · SLH-DSA
The product suite

One platform, an expanding identity security stack

Today we ship a government-grade MFA platform. Over the next 36 months, the same foundation powers SSO, Privileged Access, Governance, and Zero Trust — all on one unified audit log.

Shipping today

e91 ISP · Multi-Factor Authentication Platform

Eight token types, four KMS backends, tamper-proof audit logs, and the most flexible deployment model in the market. Built for Indian regulated environments.

TOTP FIDO2 / passkeys Push + number matching RADIUS delegation HOTP hardware tokens Self-service enrollment 500 req/sec per node 99.9% uptime
On the platform roadmap
Single Sign-On
SAML 2.0 + OIDC bundled with the MFA platform. One login across every enterprise app.
Next 6 months
Privileged Access
Session recording, credential vaulting, just-in-time elevation for admins.
12 months
Identity Governance
Access reviews, joiner-mover-leaver workflows, audit-ready certifications.
18 months
Zero Trust Access
Next-generation VPN replacement tied to identity, device, and real-time risk.
24 months
Built for real environments

Who e91 ISP serves

We focus on three segments where our architectural choices create material advantage — and where the cost of getting identity wrong is existential.

Segment 01

Banking, financial services & insurance

Banks, NBFCs, insurers, and asset managers under RBI, SEBI, and IRDAI oversight.

  • RBI CSCRF compliance evidence in one console
  • MFA coverage across legacy banking apps that don't speak SAML
  • Audit log that passes forensic integrity checks
  • Deploy inside existing Azure AD / AD environments
Segment 02

Government & defense

Central and state government, PSUs, defense establishments, critical research institutions.

  • Full air-gap deployment with on-site support
  • MeitY empanelment and STQC certification ready
  • Post-quantum cryptography architecture today
  • INR pricing, GEM portal procurement
Segment 03

Critical infrastructure

Power utilities, telecom, oil & gas, railway, healthcare, manufacturing under NCIIPC and CERT-In oversight.

  • Works with legacy SCADA and OT environments
  • RADIUS delegation for VPN and network equipment
  • CERT-In aligned logging and incident workflows
  • High-availability design for 24×7 operations
How it works

Three steps from signed contract to production

No migration project. No displacement risk. e91 ISP slots alongside your existing identity stack.

1

Connect to your IdP

e91 ISP plugs into Azure AD, Okta, Active Directory, or LDAP via our standard connectors. Your directory stays the source of truth — we add the second factor and the audit layer.

2

Roll out MFA by cohort

Start with one cohort — typically privileged users or a specific application — and expand. Self-service enrollment, 8 token types, deployment in cloud, on-prem, or air-gapped.

3

Produce audit evidence

Every authentication event hits a tamper-proof, chain-hashed audit log. Export DPDP-, RBI-, CERT-In-ready evidence in minutes, not weeks.

Standards & compliance

Audit-ready out of the box

Pre-mapped to the frameworks your regulators actually ask about.

DPDP
Digital Personal Data Protection Act
RBI CSCRF
Cybersecurity framework
SEBI
Cybersecurity circular
IRDAI
Information security guidelines
CERT-In
Incident reporting directives
NIST 800-63B
Digital identity guidelines
ISO 27001
Information security controls
FIDO2
W3C WebAuthn Level 2
For system integrators & resellers

The Indian identity product your cybersecurity practice has been missing

A Made-in-India identity platform with enterprise-grade architecture, competitive margins, and a growing roadmap. Built for your customer base, priced for your market, supported by a team down the street.

01

Partner-led margins

Significantly higher than global OEMs. Deal registration protection, MDF support, and clear commercial terms.

02

Sell what your clients want

Made-in-India, MeitY-empanelled, air-gap-capable identity security. Every RFP you respond to gets a cleaner answer.

03

Joint GTM & enablement

Technical certification for your delivery teams, joint pipeline planning, named SE support, and co-marketing funds.

Become a partner

Let's talk about your identity security stack

A 30-minute conversation is usually enough to understand whether e91 ISP fits your environment. No slide deck. No pressure. Just a straight answer.

Request a demo Partner inquiries