Explainer: What Is The New SIM Binding Rule And How Does It Affect Users?
SIM binding is a system that allows a messaging app to function only when the SIM card used for registration is active and present in the user’s device.
The Department of Telecommunications has introduced a new rule to curb the surge in cyber fraud across India, requiring popular messaging apps, such as WhatsApp, Telegram, Snapchat, Signal, ShareChat, Josh, JioChat and others to implement mandatory SIM binding within the next 90 days.
Companion features, including WhatsApp Web, will also see changes. Web sessions will now log out automatically every six hours. According to an NDTV report, the government believes ‘SIM binding’ is necessary to address security loopholes exploited by cybercriminals.
What Is SIM Binding?
SIM binding requires a messaging app to function only when the phone contains the original SIM card used during sign-up. If the original SIM is removed, replaced or inactive, the app will just not work. The rule also mandates automatic logout of web-based sessions every six hours, after which users must re-link their devices through a QR code.
Why Is The Government Enforcing SIM Binding?
The government says an active SIM requirement is essential to fix a key vulnerability that fraudsters exploit to carry out large-scale, often cross-border, digital scams. With cyber-fraud losses crossing Rs 22,800 crore in 2024, authorities believe SIM verification and periodic logout will ensure every account and web session is tied to a live, KYC-verified SIM.
This measure, officials say, will restore traceability in cases involving phishing, investment scams, digital arrest frauds and loan app rackets. The Centre has clarified that users on roaming will not be affected, as long as the SIM remains in the device.
What Does The DoT’s Directive Require Apps To Do?
The Nov. 28 directive mandates that the messaging apps should comply with the new norms within 90 days, and services will only be available when an active SIM is present in the device. All platforms offering app-based communication in India must submit compliance reports within 120 days.
The DoT has warned that non-compliance could attract action under the Telecommunications Act, 2023, the Telecom Cyber Security Rules and other applicable laws. Currently, most messaging apps verify the SIM only during installation and continue to operate even if the SIM is later removed or deactivated, a practice the new rule aims to eliminate.
What Are Industry Bodies Saying?
Mobile operators represented by the Cellular Operators Association of India have welcomed the move, saying it strengthens national security and protects citizens. The industry body, whose members include Reliance Jio, Bharti Airtel and Vodafone Idea, says that continuous SIM linkage ensures accountability for all activity conducted through a communication app.
According to COAI, the new rules will close long-persistent gaps that have enabled anonymity and misuse, adding that it is committed to supporting smooth implementation.
What Concerns Has BIF Raised?
The Broadband India Forum, which represents technology companies such as Meta and Google, has expressed concerns over the directive. It says the rules raise questions around jurisdiction, consumer impact and risk, and place obligations that stretch beyond the Telecom Act and the purpose of the Telecom Cyber Security Rules.
The BIF has asked the government to pause implementation timelines and initiate stakeholder consultations on the SIM-binding requirement.
