Source The Indian Express
New Delhi — In a major regulatory move, the Department of Telecommunications (DoT) has directed that all major online messaging platforms in India must link user access to the physical SIM card used during registration — a process known as SIM binding.
Under the new guidelines, communicated to services such as WhatsApp, Telegram, Signal, Snapchat, ShareChat, JioChat, Arattai, and Josh, user accounts must remain continuously tied to the same SIM card. If the SIM is removed, deactivated or replaced, access to the platform must be blocked.
Additionally, for web-based or multi-device versions (for example, “WhatsApp Web” or desktop clients), the platforms must force an automatic logout at least every six hours, requiring users to re-authenticate via QR code.
Why this step?
DoT says the measure aims to strengthen cybersecurity and curb misuse — especially instances where messaging apps are used from abroad, or without the registered SIM, to carry out fraudulent activities. The government believes enforcing a constant SIM-device binding will make it easier to trace misuse and hold wrongdoers accountable.
The new rules stem from the recently notified Telecommunication Cybersecurity Amendment Rules, 2025, which places several over-the-top (OTT) communication apps under a regulatory framework similar to telecom operators by defining them as Telecommunication Identifier User Entitys (TIUEs).
Compliance timeline
Messaging platforms have been given a window of 90 days to implement continuous SIM-to-device binding. They are also required to submit a compliance report to DoT within the next four months.
What it means for users
For everyday users, especially frequent travelers or those using multiple devices, this could introduce new friction. Experts say someone traveling abroad with a foreign SIM — or those who often use messaging apps on desktop without their phone — may find it difficult to continue using these services.
Critics also point out that many scammers exploit SIM cards registered using fake or mule identities, which SIM binding alone may not prevent.
