Govt gives smartphone makers 90 days to preload govt cyber security app

The Centre has reportedly asked phone makers to preload its Sanchar Saathi cyber safety app on all new devices within 90 days, and ensure users cannot delete it, as part of steps to curb phone fraud

Don't want to miss the best from Business Standard?

The Ministry of Communications has reportedly directed smartphone makers to pre-install a government-owned cyber security app on all new devices, and ensure users cannot delete it. The move, detailed in an order reviewed by Reuters, is expected to raise concerns for Apple and privacy advocates.

 

India, one of the world’s biggest phone markets with more than 1.2 billion subscribers, launched the Sanchar Saathi app in January. Government data shows the platform has helped recover over 700,000 lost phones, including 50,000 in October alone.

 

Major phone makers, including Apple, Samsung, Vivo, Oppo and Xiaomi, must comply with the new order.

 

90-day deadline for pre-installation

 

According to the report, the November 28 directive gives smartphone companies 90 days to ensure Sanchar Saathi is preloaded on all new phones, with no option for users to disable it. For devices already in the supply chain, manufacturers have been told to push the app through software updates. 

 

The order, sent privately to select companies, has not been made public.

 

The government says the step is crucial to counter “serious endangerment” to telecom cyber security caused by duplicate or spoofed IMEI numbers, which are often used for scams and illegal network use.   

 

Apple’s policy conflict

 

Apple, which previously resisted the regulator’s anti-spam app, now faces another challenge under this mandate.

 

Reuters quoted a source familiar with Apple’s policies saying the company pre-installs only its proprietary apps and “its internal policies prohibit installation of any government or third-party app before sale of a smartphone". 

 

Apple controls about 4.5 per cent of India’s 735 million smartphones, while almost all others run on Android, according to Counterpoint Research.

 

How the app works

 

Each handset carries a unique 14- to 17-digit IMEI number. It allows authorities to disable network access for stolen devices. Sanchar Saathi enables users to verify IMEI numbers, report suspicious calls, and block lost or stolen phones through a central portal.

 

The app has crossed 5 million downloads, helping block more than 3.7 million stolen or lost phones and terminate over 30 million fake connections.

 

DoT orders SIM-device binding for OTT apps

 

The Department of Telecommunications (DoT) has instructed over-the-top (OTT) communication apps to ensure their platforms remain continuously linked to the SIM card used during account creation. The order was sent on November 28 to apps including WhatsApp, Telegram, Signal, Arattai, Snapchat, ShareChat, JioChat and Josh.

 

The DoT’s AI and digital intelligence unit said this mandatory SIM-device binding is meant to prevent misuse of telecom identifiers, devices or networks and to strengthen cyber security.

 

Under the rule, a communication app cannot operate on a device if the SIM card used for registration is not present in that device.

 

Periodic logout for apps on multiple devices

 

For platforms that allow multi-device use, the DoT has ordered that companion devices must be logged out at least every six hours. Users can re-login using a QR code.

 

All telecom identifier user entities (TIUEs) --any company using phone numbers or SIMs to verify users -- must follow these directions and submit compliance reports within 120 days.