India has mandated an active SIM linkage for messaging apps like WhatsApp, Telegram and Signal to work on a device in the coming days, with the government asserting that 'SIM binding' is essential to plug security gaps cybercriminals exploit to perpetrate large-scale, often cross-border, digital fraud.
The missive has, however, polarised stakeholders, with mobile operators under COAI coming out in its support, while digital platforms under the aegis of Broadband India Forum (BIF) expressing "serious concerns" around overreach and calling for a pause in implementation of timelines.
Here is a snapshot of what the directive says, and the reactions it has drawn from players:
DoT's November 28 Directive
Messaging platforms have to ensure, within 90 days, that services will only work if an active SIM is in the user's device. Also, within 90 days, any web version of the app must automatically log users out at least once every six hours; users can then sign in again by re-linking the device using a QR code.
All players providing app-based communication services in India have been asked to submit compliance reports to the Telecom Department within 120 days from the issue of the directions. The department has warned that failure to comply with the directives will attract action under the Telecommunications Act, 2023, the Telecom Cyber Security Rules, and other applicable laws.
At present, these app-based communication services link to a subscriber's mobile SIM card during initial installation and verification. These applications then continue to function even if the SIM is removed, replaced or deactivated.
Messaging Apps Affected
The move impacts users of various messaging apps, including WhatsApp, Telegram, Signal, Arattai, Snapchat, Sharechat, Jiochat, and Josh, in India.
Government's Rationale For 'SIM Binding'
The government says the requirement of an active SIM for using messaging apps is "essential" to plug a concrete security gap that cybercriminals are exploiting to run large-scale, often cross-border, digital frauds.
With cyber-fraud losses topping Rs 22,800 crore in 2024 alone, continuous SIM linkage and periodic logout would ensure that every active account and web session is anchored to a live, KYC-verified SIM, restoring traceability of numbers used in phishing, investment, digital arrest and loan scams.
The Centre has clarified that direction does not affect cases where the SIM is present in the handset, and the user is on roaming.
What telcos say Industry body COAI - whose members include Reliance Jio, Bharti Airtel and Vodafone Idea - asserts that the directive will bolster national security and safeguard citizens.
It argues that continuous linkage ensures complete accountability and traceability for any activity undertaken by the SIM card and its associated communication app.
It will close "long-persistent gaps that have enabled anonymity and misuse", COAI has said, pledging commitment to supporting seamless implementation of the directives.
Concerns Flagged By BIF
Another industry fraction, Broadband India Forum (BIF), which represents major technology firms like Meta, Google, and others, says directions raise significant questions of jurisdiction, consumer impact, and risk, creating obligations that extend far beyond the mandate of the Telecom Act or the purpose of the Telecom Cyber Security Rules.
BIF has urged the Centre to pause the implementation of timelines and hold stakeholder consultations on the SIM-binding issue.
(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
