In one of its strongest crackdowns on cyber fraud, the Department of Telecommunications (DoT) has ordered mandatory SIM-binding for messaging apps and compulsory installation of the Sanchar Saathi app on all mobile phones sold in India. The government says the twin moves will plug major loopholes exploited by scam networks. But the directives have also sparked a familiar debate on privacy and digital overreach.
Why SIM-Binding Has Become Non-Negotiable
India’s cyber fraud nightmare has grown steadily. Losses crossed ₹22,800 crore in 2024, with a large chunk linked to scams run from abroad using Indian mobile numbers. Messaging apps allow accounts to stay active even after the associated SIM is removed or used overseas — a loophole that lets criminals impersonate officials, run “digital arrest” rackets, or operate investment scams with little risk of detection.
Under the new rules, apps like WhatsApp, Telegram, Signal, Snapchat, ShareChat, Josh, Arattai and JioChat must:
- stay linked to the active SIM used during registration,
- block access if the SIM is not present in the device,
- force logout of web versions every six hours,
- allow only QR code–based relinking.
Companies have 90 days to put the system in place and another 30 days to file compliance reports.
Sanchar Saathi to Be Default on All Phones
The second directive makes Sanchar Saathi — the government’s telecom-security app — compulsory on all new smartphones. Manufacturers must ensure it appears during first-time setup and cannot be disabled. Even devices already in the supply chain are expected to get the app through software updates.
Sanchar Saathi lets users:
- check whether a handset’s IMEI is genuine,
- report fraud calls or suspicious numbers,
- see mobile connections issued in their name,
- flag lost or stolen phones.
With India’s huge second-hand phone market and growing incidents of cloned IMEI numbers, the government says the app is essential to prevent misuse of devices and protect buyers.
Supporters Say It’s Needed. Critics See Red Flags.
The new rules have predictable supporters and sceptics.
Those backing the move say SIM-binding is standard security practice in banking and UPI apps. They argue that criminals have exploited lax verification on messaging platforms for too long, and stronger checks are overdue.
Critics, however, warn of possible downsides:
- Continuous SIM-device linking could increase tracking of user behaviour.
- Mandatory pre-installed government apps reduce user choice.
- Frequent logout of web sessions may disrupt legitimate work.
- India still lacks a fully mature data-protection ecosystem.
The question many are asking: How much user data will be created by these new systems, and who can access it?
Impact on Users and Industry
For everyday users, the impact will be mixed. The rules could reduce online scams, especially those involving impersonation and remote access. But multi-device users — journalists, businesses, remote workers — may find repeated logout cycles inconvenient.
For platforms, the changes mean redesigning authentication flows and strengthening device-SIM checks. For phone manufacturers, the Sanchar Saathi requirement adds another compulsory pre-installation layer, at a time when bloatware is already a contentious issue.
The Bottom Line
The DoT’s latest moves underline how seriously the government views cyber fraud. With more Indians coming online and scam networks getting more sophisticated, policymakers see stricter controls as essential.
But the debate over privacy and digital autonomy is not going away. Stronger security is welcome, but it needs equally strong safeguards and clear checks on state access to user information.
Whether the new system improves safety without sliding into deeper surveillance will become clear only in the months ahead.
