top of page
Search

India Mandates Linking Messaging Apps to Active SIM Cards to Combat Fraud

  • Dec 3, 2025
  • 1 min read

Key Findings


  • India's Department of Telecommunications (DoT) has ordered messaging apps to work only with active SIM cards linked to users' phone numbers to prevent fraud and misuse.

  • The amendment to the 2024 Telecom Cyber Security Rules aims to curb fraudulent activities such as phishing, scams, and cyber fraud by preventing the misuse of telecom identifiers.

  • Messaging apps have 90 days to implement the changes and 120 days to report compliance.


Background


  • The DoT has observed that some app-based communication services allow users to consume their services without having the underlying SIM card in the device, which is being misused to commit cyber-frauds, especially from operating outside the country.

  • This security gap has been exploited for large-scale, cross-border fraud, where accounts stay active even after a SIM is removed, deactivated, or taken abroad, making it difficult to trace and take down the activities.


SIM-Binding and Periodic Logout Requirements


  • Mandatory SIM-device binding and periodic logouts (every 6 hours for web sessions) tie every account and web session to a live, KYC-verified SIM, improving traceability in phishing, digital arrest, loan and investment scams.

  • Frequent re-authentication forces criminals to repeatedly prove control of the device/SIM, raising friction and detectability.

  • The rule doesn't affect users roaming with their SIMs.


Objectives and Impact


  • The measure aims to curb the misuse of telecom identifiers for fraudulent activities and restore trust in digital transactions.

  • Similar device-binding practices used in banking are now extended to communication apps heavily abused in cyber fraud.

  • With cyber-fraud losses topping ₹22,800 crore in 2024, these Telecom Cyber Security measures are an attempt to address the issue.


Sources


  • https://securityaffairs.com/185265/laws-and-regulations/india-mandates-sim-linked-messaging-apps-to-fight-rising-fraud.html

  • https://thehackernews.com/2025/12/india-orders-messaging-apps-to-work.html

  • https://malware.news/t/india-orders-messaging-apps-to-work-only-with-active-sim-cards-to-prevent-fraud-and-misuse/102214

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page