India Cloud Telephony: TRAI Compliance and Setup Guide
Master TRAI compliance for cloud telephony in India, including DND registry rules, CLI regulations, and DPDPA requirements for scalable business calling operations.
India's Cloud Telephony Market: Scale and Opportunity
India represents one of the world's largest and most complex telecommunications markets, with over 1.2 billion mobile subscribers, approximately 30 million fixed-line connections, and a cloud telephony market growing at 18% CAGR. The country's business calling landscape is shaped by a unique combination of massive scale, stringent regulatory oversight, and rapid digital transformation driven by government initiatives like Digital India and the BharatNet broadband programme.
For enterprises operating in India — from IT/BPO companies in Bengaluru and Hyderabad to financial services firms in Mumbai and manufacturing companies in Gujarat — cloud telephony platforms have become essential for managing high-volume customer communications across a linguistically diverse, geographically vast market.
TRAI Regulatory Framework
The Telecom Regulatory Authority of India (TRAI) is the primary regulator for telecommunications in India, established under the TRAI Act 1997. The Department of Telecommunications (DoT), under the Ministry of Communications, handles licensing and spectrum allocation. Key regulatory instruments affecting business calling platforms include:
Licensing Requirements
- Unified Licence (UL): The primary licence for providing telecommunications services in India. UL holders can offer access services, internet services, and other telecom services across authorised service areas
- Unified Licence (Virtual Network Operator) — UL(VNO): Allows providers to offer telecom services using infrastructure owned by UL holders. Cloud telephony providers often operate under VNO arrangements
- Internet Service Provider (ISP) Licence: Required for providing internet access services, including internet telephony under specific conditions
- Other Service Provider (OSP) Licence: Previously required for BPO/call centre operations, the OSP licensing regime was significantly relaxed by DoT in November 2020, removing many compliance burdens for businesses operating contact centres
CLI and Calling Number Regulations
TRAI has implemented strict Calling Line Identification (CLI) regulations to combat spam and fraud:
- TRAI Direction on CLI (2018, amended 2024): All calls must present accurate CLI. Telecom Service Providers (TSPs) must verify that CLIs used by enterprise customers are allocated to them
- CLI Spoofing Prevention: TSPs must implement technical measures to detect and block calls with spoofed CLIs. Calls originating from Indian networks with international format CLIs (+91) may be blocked
- Allocated Number Verification: Enterprises using cloud telephony must use only numbers allocated to them through their TSP. Using unallocated or third-party numbers is prohibited
- 10-Digit Numbering Plan: India uses a closed 10-digit numbering plan. Mobile numbers start with 6, 7, 8, or 9. Landline numbers use 2-4 digit area codes followed by the subscriber number
TRAI Regulations on Unsolicited Commercial Communications (UCC)
India has one of the world's most comprehensive regulatory frameworks for controlling spam calls and messages. The Telecom Commercial Communications Customer Preference Regulations (TCCCPR) 2018, commonly known as the DND (Do Not Disturb) Regulations, establish a detailed framework:
DND Registry Categories
Consumers can register their numbers on the DND registry and select specific categories of communications they wish to block:
- Banking/Insurance/Financial Products
- Real Estate
- Education
- Health
- Consumer Goods and Automobiles
- Communication/Broadcasting/Entertainment/IT
- Tourism and Leisure
- Food and Beverages
Consumers can choose to block all categories (fully blocked) or select specific categories while remaining open to others (partially blocked).
Scrubbing Requirements
- All commercial communications (voice calls and SMS) must be "scrubbed" against the DND registry before delivery
- Scrubbing must be performed through TRAI-mandated Distributed Ledger Technology (DLT) platforms operated by TSPs (Jio DLT, Airtel DLT, Vodafone Idea DLT, BSNL DLT)
- Every promotional message template must be registered and approved on the DLT platform before use
- Headers (sender IDs for SMS, CLIs for voice) must be registered on the DLT platform
- Content templates must be pre-approved, and actual messages must match approved templates
Consent Management
- Explicit consent: Required for promotional communications to DND-registered numbers. Must be verifiable and recorded with timestamp
- Transactional communications: May be sent without consent but must be genuinely transactional (OTPs, order confirmations, account alerts) and must not contain promotional content
- Service communications: Related to an existing relationship but may include cross-sell content — subject to DND scrubbing
Penalties and Enforcement
- TSPs are required to disconnect senders found to be in violation
- Enterprises can be blacklisted from using commercial communication services
- Individuals found sending UCC in violation of regulations can face disconnection of all telecom services
- TRAI has directed TSPs to implement AI-based spam detection to complement the DLT framework
Digital Personal Data Protection Act (DPDPA) 2023
The Digital Personal Data Protection Act 2023 (DPDPA) is India's comprehensive data protection legislation, receiving presidential assent in August 2023. While the implementation rules are being phased in, businesses must prepare for compliance:
See AI Voice Agents Handle Real Calls
Book a free demo or calculate how much you can save with AI voice automation.
Key DPDPA Obligations for Calling Platforms
- Consent: Processing of personal data requires the consent of the Data Principal (individual). Consent must be free, specific, informed, unconditional, and unambiguous
- Purpose Limitation: Data may only be processed for the purpose for which consent was given. Call recordings collected for quality assurance may not be repurposed for marketing analytics without fresh consent
- Data Fiduciary Obligations: Businesses (Data Fiduciaries) must implement appropriate technical and organisational measures to protect personal data
- Data Localisation: The DPDPA allows cross-border data transfers except to countries specifically restricted by the Central Government. As of 2026, no restriction list has been notified, but businesses should monitor developments
- Data Principal Rights: Individuals have the right to access, correct, and erase their personal data. Businesses must have processes to locate and manage call recordings upon request
- Penalties: The DPDPA provides for penalties of up to INR 250 crore (approximately USD 30 million) for significant data breaches and non-compliance
Cloud Telephony Architecture for India
Given India's regulatory complexity, cloud telephony platforms serving the Indian market require specific architectural considerations:
DLT Integration
The platform must integrate with all major TSP DLT platforms:
| TSP | DLT Platform | Market Share |
|---|---|---|
| Jio | Vilpower (Jio DLT) | ~38% |
| Airtel | Airtel DLT Portal | ~32% |
| Vodafone Idea | Vi Business DLT | ~22% |
| BSNL | BSNL Smart DLT | ~8% |
All content templates, headers, and consent records must be registered on each DLT platform through which communications will be sent.
Multi-Language IVR
India has 22 official languages recognised by the Eighth Schedule of the Constitution. At minimum, business IVR systems should support:
- Hindi and English (pan-India coverage)
- Regional languages based on target markets: Tamil, Telugu, Kannada, Malayalam, Bengali, Marathi, Gujarati, Punjabi, Odia
- Intelligent language detection based on CLI area code or caller preference
Number Management
- Local geographic numbers for major cities (Mumbai 022, Delhi 011, Bengaluru 080, Chennai 044, Hyderabad 040, Kolkata 033)
- Toll-free 1800 numbers for inbound customer service
- 1860 numbers (shared cost) for customer service with nominal caller charges
- Virtual mobile numbers for SMS-based interactions
Cost Structure for India Cloud Telephony
| Component | Typical Cost Range |
|---|---|
| Inbound calls (toll-free 1800) | INR 1.50 - 3.00 per minute |
| Outbound calls (local) | INR 0.30 - 0.80 per minute |
| Outbound calls (mobile) | INR 0.50 - 1.20 per minute |
| DLT registration (per header) | INR 0 - 5,000 one-time |
| SMS (promotional, post-DLT) | INR 0.15 - 0.25 per message |
| SMS (transactional) | INR 0.10 - 0.18 per message |
| Cloud PBX per seat | INR 500 - 2,000 per month |
| Call recording storage | INR 2 - 5 per GB per month |
For high-volume operations common in India's BPO and financial services sectors, per-minute rates are often negotiated to significantly lower levels based on committed volumes.
CallSphere for India Operations
CallSphere's India deployment operates through partnerships with licensed UL and UL(VNO) holders, with full integration into the TRAI-mandated DLT ecosystem. The platform handles DLT template registration, DND scrubbing, and consent management as part of its core workflow — ensuring that businesses can focus on their calling operations without managing the regulatory complexity manually.
For enterprises operating pan-India contact centres, CallSphere provides multi-language IVR capability, local number provisioning across major cities, and real-time analytics dashboards that track DND compliance rates, scrubbing accuracy, and operational metrics at the agent and campaign level.
Implementation Roadmap for India
Phase 1: Regulatory Setup (Weeks 1-3)
- Register entity on all required DLT platforms (Jio, Airtel, Vi, BSNL)
- Register headers (CLIs for voice, sender IDs for SMS) on each DLT platform
- Submit and get approval for content templates on DLT platforms
- Establish consent collection and management processes
Phase 2: Technical Deployment (Weeks 3-6)
- Provision local and toll-free numbers through licensed TSP partners
- Configure IVR flows with multi-language support
- Integrate DND scrubbing into outbound dialling workflows
- Set up call recording with DPDPA-compliant consent and retention mechanisms
- Deploy CRM integrations (Salesforce, Zoho CRM, Freshsales — all popular in India)
Phase 3: Testing and Compliance Verification (Weeks 6-8)
- Test DLT scrubbing across all TSP platforms
- Verify CLI accuracy on outbound calls
- Test multi-language IVR flows with native speakers
- Conduct DPDPA compliance review of data handling processes
- Load test for expected concurrent call volumes
Phase 4: Operations and Optimisation (Ongoing)
- Monitor DND compliance rates and resolve scrubbing failures
- Track DLT template approval status and update templates as needed
- Analyse calling patterns to optimise time-of-day scheduling across Indian time zones (IST is uniform, but calling patterns vary by region)
- Review and optimise per-minute costs based on actual usage patterns
FAQ
Is VoIP legal in India?
Internet telephony is legal in India under specific conditions. VoIP services that connect to the PSTN must operate through licensed telecom operators (UL or UL(VNO) holders). Pure internet-to-internet calls (e.g., app-to-app) are generally permitted. The DoT has progressively liberalised internet telephony regulations, but PSTN connectivity remains restricted to licensed operators. Cloud telephony platforms that handle PSTN connectivity through licensed partners are fully legal.
How does DLT/DND scrubbing work in India?
Businesses must register on the DLT platforms of each TSP through which they send communications. All content templates and sender headers must be pre-registered and approved. Before making promotional calls or sending SMS, the call/message list must be scrubbed against the DND registry through the DLT platform. Numbers registered on the DND for the relevant category are automatically excluded. This process is mandatory and automated through the DLT infrastructure — manual scrubbing is not permitted.
What are the penalties for sending unsolicited commercial communications in India?
TRAI's regulations provide for a graduated penalty framework. First-time violations can result in warnings, while repeated violations lead to disconnection of the offending telecom resources (numbers, headers). Persistent violators can be blacklisted from commercial communications services for up to two years. TSPs are required to disconnect services within seven days of a confirmed violation. Additionally, DPDPA penalties of up to INR 250 crore may apply for data protection violations related to consent management.
Do I need OSP registration for a call centre in India?
The DoT significantly relaxed OSP regulations in November 2020. Businesses operating domestic call centres no longer need to register as Other Service Providers. However, businesses handling international calls on behalf of overseas clients (international BPO operations) still have specific compliance requirements, including restrictions on PSTN connectivity for international calls and data security obligations. The relaxed regime has significantly reduced the compliance burden for India's domestic cloud telephony market.
How does the DPDPA affect call recording in India?
Under the DPDPA, call recording constitutes processing of personal data and requires a lawful basis — typically consent. Businesses must inform callers before recording begins, state the purpose of recording, provide the ability to opt out where feasible, implement appropriate security measures, and honour data principal rights (access, correction, erasure). Retention periods must be defined and enforced. While implementation rules are still being finalised, businesses should build DPDPA compliance into their calling platforms now to avoid costly retrofitting.
CallSphere Team
Expert insights on AI voice agents and customer communication automation.
Try CallSphere AI Voice Agents
See how AI voice agents work for your industry. Live demo available -- no signup required.