In efforts to increase cybersecurity for its citizens, India’s telecom authorities have put forward a plan to make SIM binding mandatory: the policy where online communication services are bound to an active SIM card of a user. In simple words, WhatsApp, Telegram, and others will need to ensure that their apps will only function in cases when the original SIM for registration is present in the device. No more using your chat app over Wi-Fi with the SIM removed or swapped; the app would continuously verify that the registered SIM is inserted and active. The Department of Telecommunications (DoT) issued directions on November 28, 2025, giving messaging apps 90 days to implement this continuous SIM-linking and to enforce automatic logouts of web sessions every six hours. The measure, known as SIM binding, is touted as a first-of-its-kind globally, aimed at plugging security gaps in India’s digital communications.
Gaurav Bhagat, Founder, Gaurav Bhagat Academy
Background: Why the Push for SIM Binding Now?
The SIM binding proposal comes against a backdrop of rising SIM-related fraud and a policy drive for verified digital infrastructure. India has witnessed a sharp increase in cybercrimes leveraging mobile connections, from SIM swap scams to messaging-based phishing and impersonation schemes. In 2024 alone, cyber-fraud losses in India exceeded ₹22,800 crore, with many scams exploiting loopholes in how apps use phone numbers. Fraudsters often obtain SIMs through forged or stolen IDs and use them in schemes that evade detection. In fact, a nationwide crackdown in 2023–2025 found widespread misuse of identity documents to obtain multiple SIM cards that were then used for SIM swaps, OTP theft, and other scams. As a result, authorities blacklisted nearly 4 million SIM cards by mid-2025 and flagged millions more for re-verification under an initiative called Sanchar Saathi. This initiative, launched in 2023, uses AI-based tools (like the ASTR platform) to detect fake or redundant mobile connections and clean up the subscriber database.
Potential Benefits of SIM Binding
Proponents of mandatory SIM binding tout several benefits for India’s digital ecosystem. The most immediate benefit cited is a reduction in fraud and scams. For instance, a common WhatsApp scam involves criminals using the app on Wi-Fi with a deactivated SIM or using someone else’s WhatsApp via multi-device login; under SIM binding, these tricks would fail as the app would periodically check for the SIM’s presence and go offline if it’s missing. Another benefit is enhanced account security for users. Continuous SIM binding would automatically cut off services once a SIM is deactivated or removed, thus preventing scenarios where messages or one-time passwords inadvertently go to the wrong hands. Moreover, the policy could lead to a cleaner, more verified user base on communication apps. With SIM binding, every active account in India would be linked to a valid, KYC-compliant mobile number.
Technical Challenges in Implementation
One major hurdle is the device-SIM verification mechanism. Modern smartphone operating systems, such as Android and iOS, do not readily expose SIM identifiers like IMSI or the presence of a specific SIM to third-party apps for privacy reasons. Compatibility and edge cases pose another challenge. India’s mobile ecosystem is large and diverse: dual-SIM phones are common, eSIMs are coming into play, and users change their SIMs frequently either for better network coverage or better plans. The rule does not offer a comprehensive explanation on how these scenarios are handled. For example, if a user upgrades their SIM card, for example, exchanging a 4G SIM with a 5G one while retaining the same number, will the app consider it a “new SIM” and log out the user? How about when mobile number porting is utilized, where the SIM hardware changes to another carrier’s card? Such routine changes could inadvertently lock users out of their apps until they verify again, introducing friction. Under SIM binding, companion devices would be forced to log out every 6 hours unless re-verified via QR code, a clear inconvenience.
On the telecom side, backend readiness is a concern. Telecom companies support the idea, but they must likely provide APIs or verification channels to the OTT apps. Coordinating real-time verification for hundreds of millions of app logins or sessions is nontrivial. Telecom networks would see a surge in verification traffic, whether via SMS pings or API calls. While the operators have invested in modern AI-based KYC systems (as seen with Sanchar Saathi and ASTR), those were geared toward weeding out fake SIMs, not servicing continuous queries from external apps. If not architected properly, this could strain network resources or introduce new points of failure.
Implications for Users: Convenience vs. Security
For the everyday user, mandatory SIM binding will bring a mix of pros and cons and quite possibly some confusion during the transition. On the upside, if the policy works as expected, users may see a safer digital ecosystem with fewer scams. Knowing that every account is essentially linked to a verified number could also prevent harassment and abuse from random throwaway accounts on WhatsApp, theoretically making online interactions more accountable. But the drawback for convenience is significant. The most immediate effect will fall upon those who travel or use multiple SIMs. Today, you could travel abroad and continue using WhatsApp with your Indian number over Wi-Fi or a local SIM. Post-SIM binding, the very moment your Indian SIM is out of the phone, WhatsApp will cease to work. Unless you physically carry your original SIM and keep it active, incurring roaming costs or requiring a dual-SIM handset, you are at risk of losing access to your primary communication tool while overseas. This may well come as a shock to many diaspora or frequent travelers.
Critical Questions: Readiness and Preparedness
India is not ready for binding SIMs mandatorily by early 2026, with many big questions cropping up on infrastructure, industry preparedness, and public awareness. One is not sure if the full construction of the DoT’s Mobile Number Validation platform is complete or if it is capable of operating at a national scale, given the country’s history with large-tech rollouts. It is not clear what the integration pathways are for continuous SIM verification for OTT apps and telecom networks, while telcos face an operational burden and customer complaints once implementation starts. The OTT providers, like WhatsApp and Signal, have to meet the compliance requirement in a very narrow window of just about 90 days. This requires costly technical customization only for India, and that too makes timely implementation difficult to achieve.
Even if the systems are in place, their overall efficacy is still questionable. Public awareness remains low, and that means most of the users may be unprepared when the apps log out or any complication arises during travel. While SIM binding aims to reduce fraud, it does not effectively address the problem of identity misuse, since scammers usually rely on SIMs obtained through fake KYC, problems that binding alone cannot fix. The government has shown a willingness to change course, as witnessed by the rollback of mandatory Sanchar Saathi preinstallation, indicating that rollouts in phases or via exceptions could be possible if implementation proves disruptive.
Conclusion: Promise vs. Preparedness
Mandatory SIM binding in India is a bold and arguably overzealous attempt to secure the digital communications landscape by leveraging an already-verified mobile identity system. In theory, it promises a world where every WhatsApp or Telegram account is as traceable as a phone call, a boon for security agencies and a potential relief for victims of fraud. It aligns well with the government’s vision of a “single source of truth” for identity (the mobile number) across services, and it may well set a precedent on the global stage for tough measures against cybercrime. However, the realistic assessment is that India has an uphill task to make this policy work. Technical constraints, user behavior, and adaptive cybercrime present challenges that are not yet fully resolved. The mandatory binding of SIMs is no small change; it touches on how hundreds of millions communicate every day. The intent is laudable: safer digital transactions, fewer frauds, and accountability. But the execution will determine the outcome.
-author is Gaurav Bhagat, Founder, Gaurav Bhagat Academy
About The Author
