SDG 9: Industry, Innovation, and Infrastructure | SDG 16: Peace, Justice and Strong Institutions
Institutions: Ministry of Communications | Department of Telecommunications (DoT)
The Department of Telecommunications (DoT) has issued uniform, enforceable directions to major App-Based Communication Services (like WhatsApp, Telegram, Signal, and others) to safeguard the integrity of the telecom ecosystem and combat surging cyber fraud. This mandate follows the classification of these platforms as Telecommunication Identifier User Entities (TIUEs) under the Telecommunication Cybersecurity Amendment Rules, 2025. The government justifies the move by citing cyber-fraud losses exceeding ₹22,800 crore in 2024 alone.
The directions, which platforms must comply with within 90 days, mandate:
Continuous SIM Binding: The app service must be continuously linked to the specific, active SIM card associated with the mobile number used for registration, making it impossible to use the app if the SIM is removed, deactivated, or moved abroad.
Periodic Web Logout: The web service instance of the mobile app must be logged out periodically (not later than six hours), requiring users to re-link the device using a QR code for re-authentication.
SIM binding is a security mechanism that links a user’s digital identity on a messaging or authentication service directly and continuously to the physical Subscriber Identity Module (SIM) card installed in the device. It prevents misuse by ensuring that the application session is permanently anchored to a live, KYC-verified SIM, thereby restoring traceability and preventing remote hijacking or anonymous scams. The DoT states this is a proportionate measure essential to plug a “concrete security gap” exploited by cybercriminals for large-scale, often cross-border, digital frauds and impersonation scams. Compliance reports must be submitted within 120 days.
Policy Relevance
This mandate represents an institutional expansion of regulatory oversight, classifying major messaging platforms as TIUEs and bringing them under telecom-level security obligations. The continuous SIM binding and automatic logout rules establish a verifiable identity layer, critically bolstering national cyber security, ensuring traceability of digital communications, and strengthening consumer trust in India’s digital financial ecosystem.
Relevant Question for Policy Stakeholders: How will the DoT address the industry and consumer concerns regarding service disruption for legitimate use cases, such as international travelers and users of secondary devices (tablets/PCs), without compromising the intended cyber security gains?
Follow the full news here: DOT’s directions for SIM binding for prevention of misuse of telecommunication identifiers for ensuring telecom cyber security