Will Repliant deploy on MeghRaj, or on our department's on-prem infrastructure if required?
Both. Repliant deploys on MeghRaj via MeitY-empanelled CSPs, on community-cloud arrangements your state already holds, or on department-owned on-prem infrastructure — including air-gapped configurations for security-classified workloads. The choice sits with the department's IT secretary and CISO, not with us. We bring the deployment artefacts, the runbook, and the on-prem hardening guide; your team owns the environment.
How does Repliant handle Aadhaar authentication and consent under the DPDP Act 2023? Where is the consent artefact stored, and who can audit it?
Aadhaar authentication runs through your department's existing AUA/KUA arrangement — we do not become an AUA on your behalf. The consent capture, the purpose statement, and the TTL are part of the agent's policy contract and are written into a signed, immutable consent ledger. The ledger sits in your data residency; your privacy officer, your CISO, and (where applicable) the Data Protection Board's designated officer have direct query access. The citizen's right to withdraw consent and the right to access their own data are wired to the same record.
What is your STQC certification status, and which audit cycle are you currently in?
Repliant's platform is engineered against the STQC software-security and quality benchmarks, and we share the current cycle status, the auditor, and any open findings under NDA during security review. We will not state a specific cycle number on a public page; that is the kind of claim that should be verified inside your security-review process, not absorbed from a marketing page.
If a CERT-In incident occurs in a system Repliant is part of, what is your reporting workflow, and what is your contractual SLA on the six-hour window?
A named SPOC on Repliant's side notifies a named SPOC on the department's side within one hour of detection, with a structured incident report that contains everything needed to file with CERT-In well inside the six-hour window mandated under the April 2022 CERT-In Directions. Our standard SLA is contractually shorter than the regulatory window so the department has time for its own internal review. Post-incident, we participate in the joint root-cause and the regulator-facing brief; we do not disappear after the report is filed.
How do you handle code-mixed speech — a citizen who alternates Hindi and English in the same sentence, or a Tamil-English mix in Chennai?
The agent does not flinch at a mid-sentence switch — Hinglish, Tanglish, Banglish are handled as natural register, not as edge cases. Response language follows the citizen's lead: if the citizen drifts into English, the agent follows; if they shift back into Tamil, the agent shifts back. We do not force a citizen to choose one language at the start of the call and stay in it. That request is the original sin of most government IVRs.
Can Repliant operate in a strict on-prem, air-gapped deployment for security-classified workloads?
Yes — with stated trade-offs. The platform ships as a deployable artefact that runs in your isolated environment; model updates, language packs, and policy bundles are delivered on a controlled physical-media or signed-transfer cadence agreed with your security team. Latency, telemetry, and update frequency look different from a MeghRaj deployment, and the operating runbook reflects that. We do not pretend an air-gapped deployment is the same product.
What is your policy on call recordings and transcripts — retention, access, and deletion under a data principal request?
Recordings and transcripts are stored under your KMS, in your residency, with retention configured per the department's record-management policy and the DPDP Act 2023 obligations. PII is redacted before model invocation; the raw audio remains under the department's control. A data principal's right to access and right to erasure under DPDP are honoured through the same workflow your department uses for its existing data-subject requests — we do not stand up a parallel queue.
We have a long tail of legacy state systems on Oracle Forms and on a mainframe. How do you integrate without a multi-crore middleware project?
Repliant integrates against SOAP, flat-file drops, scheduled batch reconciliation, and signed gateway patterns where the modern API does not yet exist. For Oracle-Forms-class systems, we use a read-only integration pattern that does not require schema changes and that keeps the department's authoritative record exactly where it is. We have shipped against state revenue systems older than the Right to Information Act. None of this requires a middleware overhaul as a prerequisite to the first call landing.
What stops the agent from hallucinating a wrong scheme eligibility rule or a wrong tax demand amount?
The agent quotes only from your scheme guidelines, your demand register, your beneficiary database and your nodal-officer directory — never from training data. Eligibility rules are evaluated against the department's authoritative configuration; if the rule is not present, the agent says so and routes to a human officer. Tax-demand amounts are read from the issuing system; the agent does not compute liability, does not interpret a section, and does not offer a waiver. Where the agent does not have a deterministic answer, it tells the citizen so — plainly, in their language — and books a callback with the right human.
Can our empanelled SI — TCS, Wipro, Infosys, HCL, LTIMindtree or NIC — implement and maintain this, or are we locked into Repliant's services team?
Your SI can. The platform ships with documented APIs, SDKs, deployment artefacts, an SI-facing runbook and a hardening guide. Repliant's role is to support the SI's engineers during build and the department's operations team during run; we do not require a Repliant engineer permanently embedded on site for the deployment to succeed. We have done knowledge-transfer engagements with each of the major SIs and with NIC implementation teams, and we are comfortable participating in a tender as the technology partner under an SI's prime.