India has implemented a mandatory SIM-binding requirement for messaging applications, including WhatsApp, Telegram, Signal, Snapchat, and others.
The Department of Telecommunications issued a directive on November 28 requiring all app-based communication services to ensure that users maintain an active SIM card in their devices to access messaging features.
Under the new rules, messaging platforms must comply within 90 days by ensuring services only function when an active SIM is present.
New SIM-Binding Rule
Additionally, web versions of these applications must automatically log users out every 6 hours, requiring them to re-authenticate via QR code.
All service providers must submit compliance reports to the Telecom Department within 120 days. Non-compliance attracts penalties under the Telecommunications Act, 2023, and related cybersecurity regulations.
The government justified this measure by citing escalating losses from digital fraud, which reached Rs 22,800 crore in 2024.
Officials argue that continuous SIM linkage will restore traceability to accounts used in phishing schemes, investment scams, digital arrest fraud, and predatory loan operations.
By anchoring every active account to a KYC-verified SIM, authorities claim they can effectively track.
Prevent cross-border digital crimes that exploit the current system, in which messaging apps continue to function after SIM removal or deactivation. The directive has sparked divided responses among industry stakeholders.
The Cellular Operators Association of India (COAI), which represents major telecom providers such as Reliance Jio, Bharti Airtel, and Vodafone Idea, strongly supports the measure.
COAI argues that continuous SIM linkage ensures complete accountability and closes persistent security gaps that have enabled Privacy and misuse of communication platforms.
However, the Broadband India Forum (BIF), representing technology giants including Meta and Google, expressed serious concerns about the directive.
BIF argues that the requirements extend beyond the mandate of telecommunications regulations and create significant jurisdictional, consumer impact, and operational risks.
According to the reports, the government has urged them to pause implementation timelines and conduct wider stakeholder consultations before proceeding.
The ruling applies to all messaging applications operating in India and affects millions of users. The government clarified that the directive does not impact users who maintain active SIM cards in their devices while roaming internationally.
Service providers now face a critical 90-day window to redesign their authentication systems and comply with these evolving regulations.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
