Impact of SIM Binding on Social Media, December 12

In December, India’s Department of Telecommunications (DoT) issued a directive requiring messaging platforms such as WhatsApp and Telegram to enforce continuous SIM-device binding, making the physical presence of a SIM card mandatory for the continued use of messaging services on apps like WhatsApp, Telegram, Signal, Arattai, Snapchat, ShareChat, Jio Chat, and Josh. The directive was specifically sent to these companies.

The directive significantly alters how messaging platforms function today. It disrupts multi-device usage, cloud-based automation workflows, remote work, and cross-border account usage, features that underpin how individuals, creators, and businesses rely on messaging platforms. While the move is intended to curb cyber fraud linked to smuggled SIM cards, it does not address India’s dominant fraud vectors, including phishing, caller ID spoofing, OTP theft, and SIM swaps. Instead, it introduces friction for legitimate users, breaks persistent login sessions essential for business messaging and CRM systems, and complicates usage for travellers, NRIs, and users dependent on desktop or web-based apps.

To examine the policy rationale, technical feasibility, and operational impact of this directive, MediaNama organised a discussion on December 12. The discussion explored whether mandatory SIM binding is technically feasible, its proportionality as a fraud-prevention measure, and the broader regulatory implications for digital platforms.

The video for the event is available below:

We saw participation from organisations like:

Bharti Airtel, X (formerly Twitter), Broadband India Forum, Com First, Xiaomi, Cyber Cafe Association of India (CCAOI), Deloitte, Dvara, Info Edge, Bitscore, HasGeek, CUTS, Asia Society, Deep Strat, India Future Foundation, SFLC, Esya Centre, Inshorts, Bureau, ISOC, Sinch, and others.

Key topics discussed included:

• What the DoT means by “SIM binding,” and why the term is technically misleading in the context of modern smartphone operating systems.
• Alternative approaches, including risk-based detection and carrier-led APIs (such as GSMA’s CAMARA API protocol), instead of blanket and continuous SIM-binding enforcement.
• The distinction between SIM binding, device binding, and risk-based authentication, and why most Indian apps, including banking and UPI apps, do not actually use SIM binding mechanism.
• Why continuous SIM presence checks are not feasible on iOS or modern Android due to OS-level privacy and security restrictions implemented by smartphone manufacturers.
• The heavy reliance on SMS-based verification as a workaround, and why this approach is archaic, costly, and vulnerable to interception and spoofing.
• Who bears the cost of repeated OTPs and SMS traffic, and how continuous SIM checks would make messaging platforms financially and operationally unviable.
• Why SIM binding does not meaningfully address India’s dominant fraud vectors, including phishing, spoofed calls, mule accounts, SIM swaps, and international virtual numbers.
• How fraudsters can still bypass SIM binding using international numbers, even if Indian SIMs are closely regulated but with weaker KYC mechanisms.
• Disruption to legitimate use cases such as multi-device access, desktop and web-based application usage, tablets without SIMs, remote work, and automated business messaging through APIs, which are cloud-based and generally do not operate using SIMs.
• The privacy and surveillance risks created by continuous SIM monitoring, including expanded metadata collection.
• Whether the directive signals a broader shift toward the Department of Telecommunications regulating internet services simply because mobile numbers act as identifiers of users.
• The lack of public consultation and the cumulative effect of telecom-led regulation on the wider internet ecosystem.

Next, we will publish stories from this discussion on our website in the coming days, so stay tuned. You can sign up for our free daily newsletter to stay updated with our latest stories.

Advertisements

This discussion was organised with support from Meta and Snap. Our community partner for this event is the Internet Freedom Foundation (IFF), Software Freedom Law Centre (SFLC.in) and the Centre for Internet and Society.

If you’d like to sponsor future discussions at MediaNama, do reach out to us here.