For most of the last decade, India’s digital public infrastructure was a domestic story: a way to move money, prove identity, and exchange documents at population scale. That story is now going abroad. Where countries once bought finished payment systems and identity products from foreign vendors, India is offering something different — the architecture itself. The framing matters. New Delhi is not selling a closed product; it is sharing a blueprint and the consulting muscle to localise it. For Indian startups, this opens a genuinely new export surface. For policymakers and citizens, it raises questions the country has not fully answered at home.
What DPI actually is
Digital public infrastructure, or DPI, is best understood as a set of foundational rails rather than a single app. In India’s case it rests on three interoperable layers. The first is identity — a verifiable, digital way to confirm who someone is, anchored by Aadhaar. The second is payments — a real-time, account-to-account system, embodied by the Unified Payments Interface (UPI), that lets money move between any two participants regardless of which bank or app they use. The third is data exchange — consent-based mechanisms that let individuals share verified documents and financial information with providers they choose.
What makes these rails distinctive is that they are open and interoperable by design, and they operate at population scale. As of March 2026, India had generated more than 144 crore Aadhaar numbers, according to IBEF, and roughly 85.5% of households own a smartphone. That combination — near-universal identity plus widespread connectivity — is the base that makes India a credible reference model. The argument India makes to other governments is simple: build the plumbing as a public good, set common standards, and let private players compete on top. The state defines the protocol; the market builds the products.
The export story
The export of DPI is happening through diplomacy and licensing rather than conventional software sales. As of February 2026, India had signed memoranda of understanding or cooperation agreements with 24 countries on India Stack and DPI collaboration, per figures from PIB and IBEF. UPI itself is now live in eight or more countries, including the UAE, Singapore, Bhutan, Nepal, Sri Lanka, France, Mauritius, and Qatar. Each deployment looks slightly different — some are merchant-acceptance arrangements for Indian travellers, others are deeper integrations into a host country’s own payment landscape.
The institutional machinery behind this is worth naming. NPCI International Payments Limited (NIPL), the global arm of the body that runs UPI, handles the work of taking the payment rails abroad — sometimes by enabling acceptance, sometimes by helping a country stand up its own UPI-like system. On the identity side, MOSIP — the Modular Open Source Identity Platform, developed in India — has been adopted by several governments looking to build foundational ID systems without locking themselves into a single vendor. The model is explicitly architecture-sharing: countries adopt open standards and reference code, then localise and govern the systems themselves, often with Indian consulting and licensing support layered on top.
This is a meaningfully different posture from the export playbooks of other large economies. Rather than exporting a platform that creates dependency, India is exporting a method. That framing has soft-power value — it positions India as a partner to the Global South rather than a vendor — and it sidesteps some of the geopolitical resistance that closed, foreign-controlled systems attract.
Opportunity for startups
For Indian startups, the export of DPI changes the size of the addressable market. The original promise of India Stack was that founders could build on top of shared rails instead of reconstructing identity verification, payments, and consent flows from scratch. That promise now extends beyond India’s borders. A company that has built lending, insurance, or onboarding tools on top of Indian rails has a head start when a partner country adopts a compatible stack, because the underlying grammar is familiar.
The most immediate opportunity sits in cross-border payments and remittances. India is one of the world’s largest recipients of remittances, and UPI’s expansion into corridors like the UAE, Singapore, and Nepal points toward cheaper, faster money movement that has historically been dominated by high-fee intermediaries. Startups that can sit in these corridors — handling compliance, foreign-exchange conversion, merchant acceptance, and reconciliation — have a clear runway. Beyond payments, there is room for firms offering fraud detection, consent management, identity verification, and the integration services that newly adopting governments will need.
- Corridor-specific fintech: remittance, merchant acceptance, and FX tooling along live UPI corridors.
- Integration and consulting: helping host countries and their banks plug into rails they have just adopted.
- Compliance and risk infrastructure: fraud, KYC, and consent layers that travel across markets.
- Vertical apps: lending, insurance, and benefits products built on interoperable identity and data-exchange layers.
The caution here is that opportunity is not the same as advantage. Familiarity with the rails helps, but each market brings its own regulation, language, and trust dynamics. Founders who treat foreign DPI deployments as a copy-paste of the Indian market will find the localisation harder than the demo suggested.
The hard questions
The export narrative is compelling, but it travels with unresolved problems — and exporting a system also means exporting its blind spots. The first is privacy. India’s data protection regime, the Digital Personal Data Protection Act, was passed but its operational rules and enforcement architecture have lagged the deployment of the very systems that generate sensitive data. When a country adopts Indian-origin rails, it inherits design assumptions about consent and data flows that were built before a mature privacy framework was fully in force at home. Promoting architecture-sharing while the domestic guardrails remain incomplete is a tension that deserves honest scrutiny rather than diplomatic gloss.
The second is governance. DPI works because it concentrates critical functions into shared rails — but that concentration is also a single point of failure and a question of accountability. Who governs the standards once they are deployed across two dozen countries? What recourse does a citizen in a partner country have when a system built on Indian-origin code fails them, or excludes them? The open-source framing helps, because it means countries are not locked into a vendor, but it does not by itself answer questions about oversight, audit, and redress.
The third is exclusion. Population-scale systems that work for the majority can quietly fail the people at the margins — those whose biometrics do not read cleanly, who lack reliable connectivity, or who fall outside the categories the system was designed for. India’s own experience with Aadhaar-linked benefits has shown how authentication failures can translate into denied entitlements. Exporting the architecture without exporting the lessons about exclusion would repeat avoidable harm.
None of this argues against the export project. DPI as a public good is a genuinely better model than vendor lock-in, and India has earned the right to make the pitch. But the credibility of that pitch depends on India treating privacy, governance, and inclusion as first-class design requirements rather than afterthoughts to be patched later. The architecture India is sharing will outlive the headlines about the latest MoU. The honest test is whether the rails being exported are not just open and interoperable, but trustworthy — at home first, and then abroad.
