Government Gives WhatsApp, Telegram 90 Days to Enforce SIM Binding
The Department of Telecommunications (DoT) has issued a 90-day ultimatum to major messaging apps, including WhatsApp, Telegram, Signal, and Snapchat. They must implement “SIM binding,” a rule that will block app access if the original registered SIM card is removed from the device. The mandate, effective from February 2026, also forces web versions to log users out every six hours for fresh QR code authentication.
Key Takeaways
- New Rule: Messaging apps must stop working if the registered SIM card is removed.
- Deadline: Platforms have 90 days to comply; rules take effect in February 2026.
- Web Impact: WhatsApp Web and similar services will log users out every 6 hours.
- Goal: Government aims to curb cyber fraud by closing a loophole exploited by scammers.
- Pushback: Industry bodies call the rules “problematic” and an “overreach.”
What is SIM Binding and How Will It Work?
SIM binding requires apps to continuously check that the registered SIM card is active and physically present in the device. Currently, apps verify a user’s mobile number only once during setup. After that, the app functions independently, even if the SIM is swapped out or deactivated.
Under the new Telecommunication Cybersecurity Amendment Rules 2025, messaging platforms are now classified as Telecommunication Identifier User Entities (TIUEs). This significantly expands the DoT’s regulatory power beyond telecom operators to any service using mobile numbers for identification.
The Cellular Operators Association of India (COAI) supports the move, stating the current one-time verification system is prone to misuse.
Potential Disruption for Legitimate Users
While targeting fraud, the rule may cause major inconvenience for regular users:
- Travelers: People abroad using local SIMs may lose access to their Indian messaging accounts.
- Multi-Device Users: Those using apps on tablets or multiple devices could face constant disruptions.
- Professional Workflows: The 6-hour web logout mandate may hamper productivity for those relying on WhatsApp Web on office computers.
Implementing this change will be a massive technical challenge, especially for WhatsApp, which has over 500 million users in India.
Industry Pushback and Feasibility Concerns
Industry sources have labeled the directive “problematic,” citing a lack of prior consultation or feasibility study. Critics doubt its effectiveness, as many fraudsters already use SIMs obtained with fake or stolen IDs.
The Internet and Mobile Association of India (IAMAI), which represents Meta and other tech firms, has called the amended rules a “clear overreach” with wide implications for fintech, e-commerce, and social media sectors.
Messaging platforms must comply by early 2026 or face potential regulatory action from the Indian government.
