A registered drone in India still cannot legally take off without an approved NPNT permission artefact. The rule applies to most commercial operations under the Drone Rules 2021. It covers agriculture, infrastructure inspection, surveying, logistics, and industrial drone missions.

Since July 2025, India’s drone governance system has operated through two connected platforms. eGCA now manages registration and certification workflows. DigitalSky handles flight permissions, airspace validation, and NPNT enforcement.

The split changed operational workflows across the country. Commercial operators had to adjust registration, approval, and mission-planning processes under the new structure. The change also clarified how India plans to expand civilian drone operations while keeping airspace access controlled. (Ministry of Civil Aviation, 25 August 2021)

Separating registration from flight control

India launched the DigitalSky platform in 2018 under the Ministry of Civil Aviation. The same year, the Directorate General of Civil Aviation released the first Civil Aviation Requirements for remotely piloted aircraft systems. Those rules formally introduced the No Permission No Takeoff (NPNT) architecture in India. The framework was later formalised and expanded under the Drone Rules 2021. (DGCA Civil Aviation Requirements, 27 August 2018)

Before 2025, DigitalSky handled almost every civilian drone workflow inside one platform. Registration, pilot certification, mission approvals, and airspace permissions all ran through the same system. That changed after DGCA migration notices issued between July 3 and July 15, 2025.

The government moved drone regulatory form workflows from DigitalSky into eGCA. The migration covered Form D-1 for fresh Type Certificate applications, Forms D-2 and D-3 for UIN issuance and transfer, and Form D-4 for Remote Pilot Certificate generation. DigitalSky kept operational airspace functions such as flight permissions, the national airspace map, and NPNT enforcement.

The table below summarises how the two platforms now divide responsibilities.

Platform

Primary function

Operational role

eGCA

Registration and certification

Type Certificate (D-1), UIN issuance and transfer (D-2, D-3), RPC issuance (D-4)

DigitalSky

Flight permissions and airspace access

NPNT approval, zone validation, Permission Artefact issuance, flight log verification

DGCA Airspace Map

Airspace classification

Green, Yellow, and Red zone enforcement

The split matters because operators now use two systems during one mission cycle. A commercial pilot flying a DJI Agras spraying mission must validate registration and pilot records in eGCA first. Only then can they request flight approval inside DigitalSky.

The change also reflects scale. India crossed more than 35,000 registered drones by late 2025. Agricultural spraying, mining surveys, infrastructure inspection, and industrial mapping all expanded nationwide. (DGCA India, December 2025)

Building the NPNT enforcement layer

The DigitalSky NPNT architecture is India's firmware-linked drone permission framework. The system prevents a compliant drone from arming without a digitally signed approval. That approval must be linked to a valid mission request.

The approval is called a Permission Artefact (PA). DigitalSky generates the artefact after a mission request passes zone, altitude, timing, and operator checks. The drone validates that artefact before takeoff.

Enforcement operates across multiple layers. The platform first performs airspace classification and permission validation. The aircraft firmware then checks whether the mission parameters match the approved flight profile. After the mission ends, the signed flight log uploads back to DigitalSky for compliance verification.

The onboard enforcement component is called the Registered Flight Module (RFM). DGCA guidance documents describe three main RFM functions:

  • Registration validation: confirms the drone is registered and identified.
  • Permission-to-fly check: verifies the Permission Artefact matches the mission profile.
  • Flight log signing: produces a tamper-proof log after the flight.

If the Permission Artefact does not match the approved location, altitude, or time window, the aircraft does not arm.

The framework also defines two security levels. Level 0 stores security keys in software on the companion computer. Level 1 adds chip-level hardware security using FPGA-supported protection mechanisms. The distinction matters for enterprise operators and government procurement teams evaluating firmware integrity standards.

India's first DigitalSky-enabled NPNT flight took place in 2020 using Asteria Aerospace's A200 micro drone. That flight was the proof-of-concept for the firmware-level enforcement model now applied across the commercial fleet.

Most public-facing articles describe NPNT as a simple online approval system. In practice, the architecture combines platform-level permissions with firmware-level enforcement inside the aircraft itself.

Managing permissions through DigitalSky

DigitalSky acts as the operational gatekeeper for most civilian drone flights in India. Operators submit mission requests through the platform before every compliant commercial operation.

The DigitalSky NPNT permission workflow follows a clear sequence:

  1. The operator logs into DigitalSky and selects a registered drone with a valid UIN.
  2. The mission area is plotted on the airspace map.
  3. The platform checks whether the location falls inside a Green, Yellow, or Red zone.
  4. The operator submits altitude, mission timing, and operational purpose details.
  5. DigitalSky validates pilot credentials and aircraft compliance records.
  6. Approved flights receive a digitally signed Permission Artefact.
  7. The artefact loads into the drone before takeoff.
  8. The onboard RFM validates the artefact during arming.
  9. After landing, the signed flight log uploads back to DigitalSky for verification.

If the mission profile falls outside the approved location, altitude, or time window, the drone remains locked. The post-flight log step closes the compliance loop between approval and execution.

Green Zone operations below permitted altitude limits may receive near-instant approval. Yellow Zone operations require additional coordination with air traffic authorities. Red Zone operations stay restricted unless government agencies issue special clearance.

Most civilian drone operations remain capped at 120 metres or 400 feet AGL under current Indian drone rules. (Drone Amendment Rules, 2022)

Managing airspace through zone enforcement

NPNT enforcement changes depending on the airspace category attached to the mission location. Green, Yellow, and Red zones each behave differently inside the system.

Green Zones support the fastest approval workflows. They sit outside controlled or sensitive airspace regions. Operators conducting agricultural spraying or corridor inspections can automate large parts of their planning cycle.

Yellow Zones operate differently. These areas require additional coordination with air traffic authorities before approval is issued. Operators near airports or controlled aviation corridors often face longer processing timelines.

Red Zones stay restricted by default. Missions inside these areas need government-level authorisation. They may involve strategic infrastructure, military facilities, border regions, or high-security locations.

This layered structure explains why NPNT operates as more than a registration system. The framework links airspace classification directly with aircraft firmware restrictions. A compliant drone cannot legally arm without matching the approved operational envelope generated through DigitalSky.

Expanding operational compliance

Most commercial drone fleets in India now require NPNT compliance. That includes agricultural spraying drones, industrial inspection platforms, mapping UAVs, and infrastructure-monitoring systems. Survey firms, utilities, and government contractors all operate inside this framework.

The requirement affects aircraft from DJI, ideaForge, Garuda Aerospace, Marut Drones, and Asteria Aerospace. Most commercial platforms fall inside the Micro or Small drone categories under Indian rules. Those categories require UIN registration, pilot certification, and NPNT-linked permissions for legal operations.

The DJI question matters because operators search for it frequently. DJI stated earlier that it did not intend to redesign global firmware specifically around India's NPNT architecture. That position affected legal deployment pathways for several imported commercial drone models. It also accelerated demand for Indian-manufactured NPNT-compliant systems across agriculture, inspection, and government procurement programmes.

Indian manufacturers increasingly market aircraft built around DGCA compliance requirements. The shift became more visible after India tightened drone import restrictions. Domestic manufacturing incentives under the Production Linked Incentive scheme also expanded the local market. (Ministry of Civil Aviation, 30 September 2021)

Limitations still exist inside the current framework. BVLOS operations continue under controlled experimental programmes rather than nationwide automated approvals. Night operations remain restricted in many environments. Foreign recreational operators face additional barriers because DigitalSky workflows rely on Indian identity-linked verification systems.

India's policy direction stays consistent. Controlled integration comes before unrestricted scaling.

Extending enforcement under the Civil Drone Bill framework

India's proposed Civil Drone (Promotion and Regulation) Bill, 2025 expands the enforcement framework around unauthorised drone operations and NPNT bypass attempts. The draft bill was released for public consultation on September 16, 2025.

The proposed framework introduces graded penalties for violations. First offences may include fines up to ₹50,000 or imprisonment extending to three months. Repeat offences may increase to fines up to ₹1 lakh and imprisonment extending to six months. Certain violations linked to unlawful or high-risk drone activity may carry imprisonment terms extending to three years.

The draft also proposes stronger seizure and detention powers for authorities investigating suspected violations. Legal analyses cite detention periods ranging between three and seven days, depending on how enforcement provisions are interpreted.

The bill signals tighter coordination between civil aviation authorities, law enforcement agencies, and defence organisations. That matters because drone enforcement increasingly overlaps with counter-UAS concerns. Airports, strategic infrastructure, border regions, and government facilities all sit inside this scope.

Commercial operators should expect tighter audit requirements over the next several years. Firmware integrity, permission records, and signed flight-log verification will all face closer scrutiny. Procurement teams buying enterprise drone fleets will likely treat NPNT compliance as a baseline operational requirement rather than an optional feature.

At Kodainya, we view NPNT not as a compliance hurdle but as the architectural decision that lets India scale drone operations without surrendering airspace control. The next regulatory phase will deepen that bet, not retreat from it.