Telcos warn on OTP disruptions as Trai's new traceability rules begin Nov 1

Trai's new mandate, set to take effect on November 1, would require traceability of messages sent by principal entities, including banks, e-commerce platforms, and financial institutions

Don't want to miss the best from Business Standard?

Telecom operators have raised concerns over disruptions in delivering essential transactional and service messages following a new directive from the Telecom Regulatory Authority of India (Trai), according to a report by The Economic Times. 

 

The mandate, set to take effect on November 1, would require traceability of messages sent by principal entities (PEs), including banks, e-commerce platforms, and financial institutions.

 

In August, Trai instructed telecom operators to ensure that messages sent by PEs are traceable. If the entire chain of telemarketers involved in the message transmission is not defined or does not match the expected sequence, such messages should be rejected. This new regulation implies that messages with undefined chains will be blocked and not delivered to customers.

 

Telcos warn of risk of non-delivery of OTPs

 

Telecom companies are warning that essential messages, such as one-time passwords (OTPs) and other critical communications, may not reach customers. This is because many telemarketers and PEs have not yet implemented the necessary technical solutions to comply with the new mandate.

 

Telecom companies warn that essential messages, like one-time passwords (OTPs), may not reach customers due to non-compliance with the new mandate by telemarketers and PEs.

 

According to industry data, around 1.5-1.7 billion commercial messages are sent daily in India. The failure to deliver these messages could cause widespread disruption if the new rules lead to blocking or delays.

 

Request for deadline extension

 

Telcos have informed the regulator that, while their systems are ready to comply with the new regulations by November 1, many telemarketers and PEs need additional time to complete the necessary technical updates. As a result, PEs are seeking a two-month extension to finalise their preparations.

 

Telecom companies are pushing for a phased implementation, proposing that the new rules be enforced in ‘logger mode’ from November 1. This would mean that traffic would not be blocked even in cases of hash mismatches or unregistered chains, allowing for minimal disruption while corrective measures are taken. Telcos have committed to transitioning to full ‘blocking mode’ by December 1.

 

Telcos pledge swift compliance

 

To reduce potential disruptions, telcos have promised to send daily reports to telemarketers and PEs, detailing any issues so that corrective actions can be implemented promptly. This approach aims to ensure minimal impact on messaging traffic during the transition.

 

This is the second time the telecom sector has sought an extension for meeting Trai’s requirements regarding commercial messages. Earlier, Trai extended the deadline for whitelisting messages containing URLs, OTT links, and similar content from September to October 1, following requests from telcos for more time to upgrade their systems. Since the extension, most PEs and telemarketers have complied, and the system is functioning smoothly.

 

How does whitelisting work?

 

Under the whitelisting system, entities sending commercial messages must submit all relevant information, such as URLs and callback numbers, to telecom operators. This data is then fed into the operators’ blockchain-based distributed ledger technology (DLT) platforms. Messages are only delivered if the information matches; otherwise, they are blocked.

 

Trai has introduced several initiatives to prevent the misuse of message headers and content templates, aiming to create a more secure and efficient telecom environment. The regulator began urging telcos to implement the whitelisting mechanism in May 2023.

 

Starting October 1, Trai required telcos to ensure that only whitelisted URLs, APKs, OTT links, and callback numbers were included in message templates, with compliance reports to be submitted within 45 days.