
In a bid to enhance digital security due to increasing episodes of online fraud and mobile-related cybercrime, India has released two key directives. These new rules demand compliance from Over The Top (OTT) communication platforms and smartphone manufacturers.
The Department of Telecommunications (DoT) in India has instructed messaging platforms such as WhatsApp, Telegram, Snapchat, Signal, and Arattai to enable SIM binding within a 90-day timeframe. According to the Telecommunications (Telecom Cyber Security) Rules, 2024, these applications must remain connected to the mobile number and active SIM card of a user’s device. Moreover, web and desktop versions must log users out every six hours, requiring them to reauthenticate via QR code pairing. Non-compliance will result in penalties as stipulated by the Telecommunications Act.
This decision has been made in response to the increasing number of cyber fraud cases involving OTT apps accessed without the corresponding SIM or from foreign locations. Such situations allow for identity spoofing and misuse. This order has been issued following nearly a year of discussions between government officials and OTT companies.
Representatives of the industry have expressed concerns about the impacts on user experience and technical feasibility. They emphasized that not all platforms, particularly iOS, can consistently carry out SIM checks. They also warned about potential disruptions for legitimate uses, including eSIM and dual-SIM devices, international travel, small businesses relying on persistent desktop sessions, and elderly user accessibility. Companies are also unsure if SIM binding will effectively decrease fraud involving Indian SIM cards obtained through intermediaries.
On the same day, the telecom ministry of India issued another mandate for leading smartphone manufacturers including Apple, Samsung, Vivo, Oppo, and Xiaomi. They are required to preload the government’s Sanchar Saathi cyber safety app on all new devices sold in the country. Users will not have the option to delete or disable this app. Devices that are already in the supply chain must receive the app via software updates.
Sanchar Saathi, launched in January, allows users to block and track lost or stolen phones, verify device authenticity, and detect fraudulent mobile connections. Government data reveals that the app has assisted in the recovery of over 700,000 phones, including 50,000 in October alone, and has facilitated the blocking of over 3.7 million lost or stolen devices. Additionally, more than 30 million fraudulent mobile connections have been disconnected using its systems.
What is the purpose of the new directives issued by India’s Department of Telecommunications (DoT)?
The new directives aim to tighten digital security due to rising incidents of online fraud and cybercrime related to mobile devices. They introduce new compliance requirements for Over The Top (OTT) communication platforms and smartphone manufacturers.
What measures are messaging platforms expected to implement under these directives?
Messaging platforms such as WhatsApp, Telegram, Snapchat, Signal, and Arattai are required to implement SIM binding, which means these apps must remain linked to the user’s mobile number and active SIM card. Web and desktop versions of these apps must also log out users every six hours and require reauthentication through QR code pairing.
What is the Sanchar Saathi app and why are smartphone manufacturers required to preload it on new devices?
The Sanchar Saathi app is a cyber safety application launched by the Indian government. It allows users to block and track lost or stolen phones, check device authenticity, and identify fraudulent mobile connections. Smartphone manufacturers are required to preload this app on all new devices sold in India to enhance digital security.