New Delhi, Nov 29 : The Government of India has introduced a new cybersecurity regulation requiring messaging apps such as WhatsApp, Telegram, Signal, Snapchat, ShareChat, JioChat, and Josh to function only when linked to an active SIM card inserted in the device. The directive was issued by the Department of Telecommunications (DoT) on November 28 as part of efforts to curb rising cyber fraud and ensure secure digital communication.
According to the order, service providers offering app-based communication platforms in India must submit compliance reports within 120 days. Failure to follow the guidelines may result in legal action under the Telecommunications Act, 2023, the Telecom Cyber Security Rules, and other applicable laws.
The regulation addresses concerns that certain messaging applications allow users to continue accessing services even when the SIM used during registration is inactive or removed. Authorities noted that this loophole is being exploited from outside India to commit online fraud and other cybercrimes.
As per the new rule, apps must remain linked to the SIM card associated with the registered mobile number. If the SIM becomes inactive, removed, or used in another device, the user should no longer be able to access the messaging service. Additionally, any web-based version of such apps must automatically log out users at least once every six hours, requiring reauthentication through a QR code.
The DoT stated that the move is necessary to protect the integrity of India’s telecom network and strengthen cybersecurity safeguards. The directive takes effect immediately and will remain valid until amended or withdrawn.
