New Delhi: The Indian government has directed all major messaging applications to remain continuously linked to an active SIM card, introducing a stricter compliance framework aimed at reducing cyber fraud. The Department of Telecommunications (DoT) issued the order on 28 November, requiring platforms such as WhatsApp, Telegram, Signal and other app-based communication services to implement the mandate within 120 days.
The directive, issued under the Telecommunications Act, 2023, addresses a key vulnerability that allows users to operate messaging apps without the SIM associated with their registered mobile number. According to the DoT, this gap has been used from outside India to conduct cyber fraud using domestic mobile identifiers, creating significant challenges for telecom security.
The new rules require apps to disable functionality if the associated SIM is inactive or absent from the device. Web-based access faces additional restrictions, with mandatory logout every six hours and re-authentication through a QR code. All covered platforms must submit compliance reports within the specified timeline or face action under the Act.
While the mandate applies to platforms using Indian mobile numbers for user identification, it remains unclear whether the same restrictions apply to registrations using foreign numbers, an area cybersecurity analysts say could influence the directive’s effectiveness.
Discussion about this post