Key Takeaways
- DoT withdraws republished cybersecurity rules published by mistake
- Original TCS Amendment Rules 2025 from October 22 remain in force
- New rules target telecom fraud, device security, and digital trust
The Department of Telecommunications has withdrawn a republished version of telecom cybersecurity rules that was mistakenly published in the official Gazette. The department clarified that the error involved publishing the wrong document for consultation purposes.
The original Telecommunication Cyber Security (TCS) Amendment Rules, 2025, notified on October 22, continue to remain in effect. “This error now stands rectified by the Department of Telecommunications through notification GSR 863 (E) dated 25.11.2025, which rescinds the unintended re-publication of TCS amendment Rules and this rescindment in no way invalidates the original amendment to TCS Rule that brought it into effect in the first place,” a DoT statement said.
Enhanced Cybersecurity Framework
The TCS rules address critical vulnerabilities emerging from telecom identifiers used across banking, e-commerce, and e-governance services. They aim to identify mobile numbers, devices, and telecom resources involved in fraudulent activities.
The amendment reinforces India’s commitment to secure, transparent telecom operations while bridging regulatory gaps and strengthening cyber resilience through collaborative mechanisms.
Mobile Number Validation Platform
The rules establish a Mobile Number Validation (MNV) platform to combat mule accounts and identity fraud from unverified mobile number linkages with financial services.
The MNV mechanism enables service providers to validate through a decentralized, privacy-compliant platform whether a mobile number genuinely belongs to the person whose credentials are on record, enhancing digital transaction trust.
Second-Hand Device Security
The rules address concerns about the growing second-hand device market, which has become a hotspot for blacklisted, stolen, or cloned phones. Genuine purchasers often face legal complications from such devices.
The amended rule requires resale and refurbished device entities to verify every device’s IMEI number through a centralized blacklisted IMEI database before resale, protecting consumers and assisting law enforcement.
Data Sharing Provisions
The rules mandate Telecom Identifier User Entities (TIUEs) like banks and e-commerce firms to share relevant telecom-identifier data with the government in specific regulated circumstances.
This move ensures greater traceability, accountability, and coordination in tackling telecom-linked cyber frauds while maintaining data protection compliance.
“Collectively, these amendments aim to safeguard India’s digital ecosystem against telecom-enabled frauds, strengthen device traceability, and ensure responsible use of telecom identifiers,” the statement said.
“The TCS Amendment Rules, 2025 mark a decisive step toward a resilient, interoperable, and future-ready telecom cyber security framework that balances innovation, privacy, and national security,” the statement added.
