Vishwasa-Antarkriyashilata: Trust and Interoperability

The Philosophy Behind Open Architecture

When a Google Pay user pays a PhonePe merchant, two competitors' apps work seamlessly together. This isn't an accident, it's the result of deliberate design choices rooted in ancient principles of trust and openness. This lesson explores how *vishwasa* (trust) and *antarkriyashilata* (interoperability) became the philosophical foundations of UPI, why NPCI chose openness over control, and what temples that served as trusted third parties can teach us about designing systems where rivals cooperate.

Two Rivals, One Transaction

A split scene of an instant UPI transfer between Priya and her father

March 2024, 8:47 AM. Priya opens Google Pay on her iPhone to pay for her morning coffee at a small café in Indiranagar, Bangalore. The café owner, Ramesh, has a PhonePe QR code displayed at his counter, not Google Pay.

Priya doesn't hesitate. She scans the PhonePe QR code with her Google Pay app. Within two seconds, ₹180 moves from her HDFC account to Ramesh's ICICI account. She receives a confirmation; Ramesh hears a 'PhonePe!' notification. Transaction complete.

Neither Priya nor Ramesh thinks this is remarkable. But pause and consider what just happened:

In America, this transaction would be impossible. You cannot pay from Venmo to Cash App. You cannot pay from Apple Pay to Google Pay. American payment apps are walled gardens, deliberately incompatible to lock in users.

India chose differently. And that choice, encoded in UPI's architecture, reflects a philosophy older than fintech, older than banking itself: the principle that trust enables openness, and openness creates value for all.

The Temple as Trusted Third Party

A medieval temple courtyard witnessing a merchant agreement

To understand UPI's trust architecture, we must visit an unlikely source: ancient Indian temples.

In medieval India, temples were not just religious centers, they were commercial infrastructure. The great temples of Tirupati, Thanjavur, and Srirangam served as neutral spaces where merchants from rival communities could transact safely. The temple's sanctity provided something precious: trusted third-party verification.

A merchant from Gujarat and a merchant from Tamil Nadu might not trust each other. But both trusted the temple. So they would deposit goods or money with temple authorities, who would verify, hold, and release based on agreed terms. The temple was the original escrow service.

देवालये विश्वासः सर्वेषां, तत्र वाणिज्यं निर्भयम्

Devālaye viśvāsaḥ sarveṣāṃ, tatra vāṇijyaṃ nirbhayam

"In the temple, all have trust; there, commerce is without fear."

This principle, that a trusted neutral party enables transactions between parties who don't trust each other, is exactly what NPCI provides for UPI. Google doesn't trust PhonePe. PhonePe doesn't trust Google. But both trust NPCI, and that shared trust enables interoperability.

The temple model had another crucial feature: non-extraction. Temples facilitated commerce but didn't seek to dominate it. They earned through donations and offerings, not by taxing every transaction. NPCI operates similarly, a non-profit that facilitates without extracting.

The Architecture of Trust: How UPI Works

UPI's interoperability isn't magic, it's careful architecture. Understanding the technical design reveals the trust philosophy embedded within.

Layer 1: The Rails (NPCI)

At the foundation, NPCI operates the payment rails, the infrastructure through which all UPI transactions flow. When Priya pays Ramesh:

  1. Google Pay sends a payment request to NPCI
  2. NPCI routes it to HDFC Bank (Priya's bank)
  3. HDFC debits Priya's account and confirms to NPCI
  4. NPCI routes the credit instruction to ICICI Bank (Ramesh's bank)
  5. ICICI credits Ramesh's account and confirms to NPCI
  6. NPCI notifies PhonePe, which notifies Ramesh

NPCI is the trusted intermediary that both apps and both banks trust. Without this neutral layer, Google Pay and PhonePe would need to negotiate direct trust relationships, which they would never do, being competitors.

Layer 2: The Apps (Third-Party Applications)

Above the rails, apps like Google Pay, PhonePe, and Paytm provide the user interface. They compete fiercely on design, features, and customer experience. But they all speak the same language, UPI's open protocol, which NPCI defines and enforces.

This is controlled openness: anyone can build on UPI (open), but they must follow NPCI's rules (controlled). The rules ensure interoperability, security, and fair play.

Layer 3: The Banks (Trust Anchors)

At the deepest level, banks hold actual money and provide the trust anchor. When Priya pays, it's ultimately her bank (HDFC) guaranteeing the payment. The app is just an interface; the bank is the institution backing the transaction.

This layered architecture distributes trust:

Each layer can focus on its role because it trusts the layer below.

Global Perspectives: Why Open Systems Are Rare

If interoperability creates so much value, why don't more countries build open payment systems?

Paul Graham, Y Combinator founder, observed: "The best way to predict the future is to understand incentives." In most markets, payment providers have no incentive to interoperate. Venmo's value comes from network effects, the more friends you have on Venmo, the more locked in you are. If Venmo interoperated with Cash App, users could leave easily. Closed systems create moats; open systems destroy them.

India's UPI worked because NPCI mandated interoperability. Apps couldn't opt out. Google Pay couldn't refuse to accept PhonePe QR codes. The regulatory mandate overrode commercial incentives for closure.

Tim Wu, Columbia law professor and author of "The Master Switch," argues that communications networks naturally tend toward monopoly unless regulators intervene. UPI is a case study in such intervention, RBI and NPCI actively preventing the winner-take-all dynamics that plague American payments.

China provides a contrasting model. Alipay and WeChat Pay dominate Chinese payments, but they are not interoperable. A merchant must have separate QR codes for each. The duopoly competes, but users are still locked in. India explicitly rejected this model, mandating that all UPI QR codes work with all UPI apps.

System Interoperability Governing Authority Result
India UPI Full (mandated) NPCI (non-profit) Universal access, fierce competition on UX
China Alipay/WeChat None Commercial (Alibaba/Tencent) Duopoly lock-in, limited competition
USA Venmo/Cash App None Commercial (PayPal/Block) Fragmented, users locked in
EU (attempted) Partial Fragmented regulators Struggling to achieve

NPCI officials reviewing WhatsApp Pay's India rollout

The WhatsApp Lesson: Even Giants Must Play by the Rules

The power of UPI's trust architecture was tested when the world's largest messaging app tried to enter Indian payments.

In 2018, WhatsApp (owned by Facebook/Meta) announced WhatsApp Pay for India. With 400+ million Indian users, WhatsApp seemed unstoppable. They could leverage their existing user base to dominate payments overnight.

But NPCI and RBI had other ideas. WhatsApp faced unprecedented regulatory scrutiny:

Data Localization: WhatsApp was required to store all payment data in India, not on Facebook's global servers. This took years to implement.

Interoperability Compliance: WhatsApp Pay had to be fully interoperable, a WhatsApp user must be able to pay any UPI merchant, and WhatsApp merchants must accept any UPI app. No walled garden allowed.

Gradual Rollout: Instead of launching to 400 million users, WhatsApp was limited to 20 million, then 40 million, with permission to expand only after demonstrating compliance.

Market Share Caps: In 2021, NPCI announced that no single app could process more than 30% of UPI transactions, a rule that would prevent WhatsApp (or anyone) from monopolizing the market.

WhatsApp finally launched widely in 2022, four years after their initial announcement. By then, PhonePe and Google Pay had cemented their positions. The world's most powerful messaging platform was forced to compete on a level playing field, following the same rules as everyone else.

विश्वासः नियमैः रक्षितः, बलवान् अपि नियमं मानयेत्

Viśvāsaḥ niyamaiḥ rakṣitaḥ, balavān api niyamaṃ mānayet

"Trust is protected by rules; even the powerful must honor the rules."

This principle, that institutional trust requires rule enforcement, even against powerful players, echoes ancient guild governance where even wealthy merchants were bound by guild rules.

The Dharmic Foundation: Vishwasa as System Design

UPI's architecture embodies a dharmic principle: vishwasa (trust) isn't just a feeling, it's infrastructure. Trust can be designed, built, and maintained through institutions.

The Arthashastra recognizes three types of trust:

  1. Svabhava-vishwasa (natural trust): Trust based on personal relationship, I trust my family
  2. Karana-vishwasa (instrumental trust): Trust based on incentives, I trust because betrayal is costly
  3. Vyavastha-vishwasa (institutional trust): Trust based on systems, I trust because institutions guarantee it

UPI operates primarily on vyavastha-vishwasa. Priya doesn't personally know Ramesh. She doesn't trust Google or PhonePe as companies. But she trusts the system, NPCI, RBI, the banking infrastructure, to ensure her payment reaches the right person.

व्यवस्था-विश्वासः वाणिज्यस्य मूलम्

Vyavasthā-viśvāsaḥ vāṇijyasya mūlam

"Institutional trust is the foundation of commerce."

This is precisely what medieval temples provided, and what UPI provides today. Personal trust doesn't scale; institutional trust does.

Modern Resonance: The 30% Rule and Market Balance

In late 2020, NPCI introduced a rule that would shape UPI's future: no single third-party app could process more than 30% of UPI transactions. At the time, PhonePe and Google Pay together handled over 80% of transactions.

The rule was controversial. PhonePe and Google Pay had earned their market share through better products and marketing. Why should they be penalized for success?

NPCI's reasoning reflected the trust architecture philosophy: concentration threatens interoperability. If one app dominates, it gains leverage to demand special treatment, resist rules, or eventually undermine openness. The temple model worked because no single merchant could dominate the temple; the 30% rule ensures no single app dominates UPI.

The rule also creates space for competition. New entrants like WhatsApp Pay, Amazon Pay, and bank-specific apps can compete knowing that incumbents can't lock up the entire market.

As of 2024, the rule is being implemented gradually, with PhonePe and Google Pay required to reduce their market share over time. Whether this succeeds, balancing innovation incentives with market diversity, remains an ongoing experiment.

Your Turn: Trust Architecture in Your Life

UPI's trust architecture offers principles applicable far beyond payments:

  1. Trusted Neutrals Enable Cooperation: When rivals need to cooperate, a neutral party (like the temple, like NPCI) can enable transactions that bilateral trust cannot.

  2. Rules Protect Trust: Open systems require rules that everyone, including the powerful, must follow. Without enforcement, openness degrades into winner-take-all.

  3. Institutional Trust Scales: Personal trust is limited to people you know; institutional trust extends to strangers through shared systems.

Consider your own contexts: What "temples" enable cooperation between rivals in your field? What rules protect openness and prevent monopolization? Where could institutional trust enable transactions that personal trust cannot?

The chaiwala accepting payment from a stranger via UPI participates in a trust architecture that medieval temple administrators would recognize. The technology is new; the principle is ancient.

In our next lesson, we'll explore India Stack, the broader ecosystem of digital public infrastructure that includes Aadhaar, UPI, and more. You'll see how India is building not just payment rails but an entire digital layer for the economy.

Economists like Oliver Williamson analyzed how 'asset specificity' creates hold-up problems, once you invest in a relationship, you're vulnerable to exploitation. Neutral intermediaries reduce this risk by providing credible enforcement. Western solutions typically involve legal contracts; Indian tradition added institutional intermediaries like temples.

India's tradition of institutional intermediaries, temples, guilds, panchayats, provided cultural templates for NPCI's role. The idea that a neutral body could enable transactions between rivals wasn't foreign; it was traditional. This cultural foundation made UPI's design feel natural rather than imposed.

UPI processes transactions between 300+ banks and 40+ apps, all of whom are competitors. This would be impossible without NPCI as neutral intermediary. The volume of cross-app, cross-bank transactions (the majority of all UPI transactions) demonstrates the power of trusted third-party architecture.

Game theory emphasizes that cooperation requires 'credible commitment', the assurance that defection will be punished. In most Western payment markets, powerful players (Visa, Google, Apple) effectively capture regulators, preventing rules that constrain them. India's relatively stronger regulatory stance against powerful players (see WhatsApp case) is unusual globally.

India's regulatory willingness to constrain powerful foreign companies, requiring data localization, mandating interoperability, imposing market share caps, created the conditions for genuine openness. This isn't anti-business; it's pro-competition. The rules that constrain WhatsApp also constrain PhonePe, creating a level playing field.

WhatsApp Pay's delay from 2018 to 2022 demonstrates rule enforcement against the world's largest messaging platform (owned by one of the world's most valuable companies). This sent a signal: the rules apply to everyone. That credibility is essential for trust architecture.

Key terms

Vishwasa
Trust, confidence, or faith, particularly the reliable expectation that commitments will be honored. In commercial context, the assurance that transactions will be completed as agreed.
Antarkriyashilata
Interoperability, the ability of different systems to work together, exchanging data and services seamlessly. In UPI context, the capability for any app to transact with any other app.
Vyavastha-Vishwasa
Institutional or systemic trust, confidence not in individuals but in systems, processes, and institutions that guarantee fair dealing.
Tatastha Madhyastha
Neutral intermediary, a party that facilitates transactions between others without favoring either side. Like a referee or arbiter who ensures fair play.

Key figures

The Temple Treasury Systems of South India

Created the institutional framework for trusted third-party verification in commerce. Merchants from different communities, regions, and castes could transact with confidence because the temple, respected by all, guaranteed fair dealing. This model of neutral, trusted intermediary enabling commerce between rivals directly prefigures NPCI's role in UPI.

Sameer Nigam

Demonstrated that building a massive business is possible within an interoperable ecosystem. PhonePe's success shows that competition on user experience can thrive even when underlying infrastructure is shared. Nigam has been vocal about supporting UPI's open architecture while competing aggressively on product quality.

Tim Wu

Provided the intellectual framework for understanding why open systems require regulatory intervention. His 'master switch' thesis argues that communication networks naturally tend toward monopoly unless actively prevented. UPI's mandated interoperability is a practical implementation of Wu's theoretical insights.

Case studies

WhatsApp Pay: When the World's Largest Messaging App Met Indian Regulations

In February 2018, WhatsApp, with 400+ million Indian users, announced pilot testing of WhatsApp Pay. The company, owned by Facebook (now Meta), saw an obvious opportunity: leverage existing user base to dominate Indian payments. With users already messaging each other daily, adding payments seemed trivial. Industry analysts predicted WhatsApp Pay would crush competitors within months of launch. But WhatsApp faced obstacles they hadn't anticipated: **Data Localization (2018-2019)**: RBI required all payment data to be stored in India, not on Facebook's global servers. WhatsApp argued this was technically unnecessary and costly. Regulators didn't budge. WhatsApp spent over a year rebuilding infrastructure. **Full Interoperability (2019-2020)**: NPCI required WhatsApp Pay to be fully interoperable from day one. WhatsApp couldn't launch a walled garden where only WhatsApp users could pay each other. Every WhatsApp Pay user had to be able to pay any UPI merchant, and vice versa. **Gradual Rollout (2020-2022)**: Instead of launching to all 400 million users, WhatsApp was limited to 20 million, then 40 million, with expansion contingent on demonstrated compliance. This gave competitors time to strengthen. **Market Share Caps (2021)**: NPCI announced that no app could process more than 30% of UPI transactions, a rule that would eventually constrain WhatsApp even if it succeeded. Meta pushed back through various channels, lobbying, legal challenges, international trade pressure. But Indian regulators held firm: these rules apply to everyone, including trillion-dollar companies.

The WhatsApp saga illustrates the principle that **trust architectures require enforcement against the powerful**. If Meta had been allowed to leverage its messaging dominance into payment dominance, the open UPI ecosystem would have been compromised. This reflects the Arthashastra's teaching on danda (enforcement): 'The scepter must fall equally on the mighty and the weak, or it is not justice but caprice.' Indian regulators' willingness to constrain the world's most powerful tech companies sent a message that rules are real. The delay also gave Indian competitors time to build, PhonePe and Google Pay (both operating under the same rules) established themselves before WhatsApp arrived. This wasn't protectionism; WhatsApp eventually launched and competes fairly. It was enforcement of a level playing field.

**Timeline**: WhatsApp Pay took 4 years from announcement (2018) to full launch (2022) **Market Position**: Despite 400+ million WhatsApp users, WhatsApp Pay has achieved only ~1-2% of UPI market share (as of 2024) **Competitive Landscape**: PhonePe and Google Pay remained dominant, with Paytm, Amazon Pay, and others holding significant positions **Precedent Set**: Demonstrated that even the world's most valuable companies must follow Indian rules WhatsApp Pay is now a functioning, fully interoperable UPI app. Meta's massive user base provides potential, but they compete on product quality, not lock-in. The open system worked, it absorbed a powerful new entrant without being captured by them.

Open systems can absorb powerful entrants if rules are enforced consistently. WhatsApp's experience shows that being big doesn't mean being exempt. The lesson for system designers: build enforcement mechanisms that can withstand pressure from the most powerful players, because they will test those mechanisms.

Big Tech's entry into financial services (Apple Pay, Google Pay, Amazon Pay) raises the same regulatory questions WhatsApp Pay faced in India. Should tech giants with billions of users get automatic access to payment infrastructure, or must they earn it through compliance? India's answer is becoming the global template.

Meta's market capitalization (approximately $1 trillion) is larger than India's entire banking sector. Yet Indian regulators successfully imposed conditions that delayed Meta's entry by 4 years. This is rare globally, most regulators defer to companies of this scale.

The 30% Market Share Cap: Balancing Success and Openness

By mid-2020, UPI had a concentration problem. PhonePe processed about 45% of transactions; Google Pay handled about 40%. Together, two apps, both backed by American companies (Walmart and Google), controlled 85% of India's most important payment system. NPCI faced a dilemma. PhonePe and Google Pay had earned their market share through better products, aggressive marketing, and cashback campaigns. Penalizing success seemed unfair and could discourage innovation. But concentration threatened the open architecture: - Dominant apps could pressure NPCI for special treatment - New entrants faced insurmountable network effects - If either app failed (security breach, corporate decision to exit), the system would be crippled In November 2020, NPCI announced the **30% market share cap**: no single third-party app could process more than 30% of UPI transactions. The rule would be implemented gradually, with a deadline (initially January 2023, later extended). Reactions were mixed: - **PhonePe and Google Pay** opposed the rule, arguing it punished success - **Competitors** (Paytm, Amazon Pay) supported it, seeing opportunity - **Consumer advocates** worried about service disruption if popular apps were capped - **Industry analysts** debated whether limiting successful products would reduce innovation

The 30% cap reflects a dharmic tension between **svadharma** (fulfilling one's own nature, i.e., companies competing to win) and **sarva-bhuta-hita** (welfare of all, i.e., maintaining an open ecosystem that serves everyone). Kautilya would recognize this as a *matsya-nyaya* (law of the fish, where big fish eat small) situation requiring state intervention. Left unchecked, market dynamics lead to monopoly; the state must prevent this to preserve commerce for all. The cap also reflects the **temple principle**: the temple served all merchants, not just the biggest. If one merchant dominated the temple's commercial space, others would leave, and the temple's role as neutral ground would be compromised. NPCI's cap prevents any single app from dominating UPI's 'neutral ground.'

**Implementation Status (2024)**: The deadline has been extended multiple times as NPCI works out implementation details **Market Shares (2024)**: PhonePe ~47%, Google Pay ~34%, Paytm ~9%, others ~10% **Ongoing Debate**: How to reduce shares without disrupting users remains unresolved **New Entrants**: WhatsApp Pay, Amazon Pay, and bank-specific apps continue to compete, potentially taking share from leaders The rule's ultimate impact remains uncertain. But its existence signals NPCI's commitment to preventing monopolization, even if implementation proves challenging. The principle is established; execution continues to evolve.

Maintaining open systems requires ongoing vigilance, not just initial design. Market dynamics naturally tend toward concentration; preserving openness requires active countermeasures. The 30% cap may be imperfect, but its existence reflects a commitment to the principle that no single player should dominate shared infrastructure.

The 30% market share cap debate foreshadows global discussions about platform concentration. The EU's Digital Markets Act, the US antitrust cases against Google and Apple, and India's UPI cap all grapple with the same question: how do you prevent open systems from becoming de facto monopolies?

If PhonePe and Google Pay were separate closed systems (like Venmo and Cash App in the US), their 85% combined share would mean 85% of users couldn't pay the other 15%. UPI's interoperability means all users can pay all merchants regardless of app, but concentration still risks ecosystem capture.

Historical context

9th Century CE to 2024

India's tradition of institutional intermediaries, temples, guilds, panchayats, provided cultural templates for understanding NPCI's role. The idea that neutral institutions could enable transactions between rivals wasn't imported from the West; it was indigenous. UPI's trust architecture draws on this heritage, even if designers weren't consciously referencing medieval temples.

Most countries' payment systems are either fragmented (US: Venmo, Cash App, Zelle don't interoperate) or duopolistic (China: Alipay and WeChat Pay dominate but don't interoperate). India's mandated interoperability creates a third model: open infrastructure with private competition on top. This model is now being studied for replication worldwide.

In 2024, approximately 70% of UPI transactions are 'cross-app', the payer uses a different app than the payee. This would be impossible without interoperability. In the US, such transactions literally cannot occur between competing apps.

Understanding vishwasa-antarkriyashilata, the deliberate architectural choice to build trust through openness, explains why UPI feels different from Western payment apps. It's not just technology; it's a philosophy of how financial infrastructure should work, rooted in ancient Indian models of trusted intermediaries.

Living traditions

The principles embedded in UPI, neutral intermediaries, enforced interoperability, institutional trust, are now India's export to the world. Countries from Singapore to France are studying India's model. The ancient temple principle, a trusted neutral space enabling commerce between rivals, is being implemented globally through digital infrastructure.

Reflection

More in UPI Revolution: Dharmic Finance Reborn

All lessons in UPI Revolution: Dharmic Finance Reborn · Banking & Finance Heritage of Bharat course