The Department of Telecommunications (DoT) has unveiled Draft Telecommunications (Telecom Cyber Security) Amendment Rules, aimed at combating cyber threats and fraud, and they carry major implications for anyone manufacturing, selling, or operating services on telecom devices in the country.
The New Sheriff in Town: Mobile Number Validation
In a direct effort to curb digital fraud, the government is introducing a centralized Mobile Number Validation (MNV) Platform. This will allow businesses and government agencies to verify if a phone number provided by a customer actually corresponds to the user in the telecom operator’s database.
The rules also introduce a new classification: the “Telecommunication Identifier User Entity” (TIUE). If your business uses mobile numbers for customer identification, verification, or service delivery—think OTPs, two-factor authentication, or app logins—you are now considered a TIUE.
Key takeaways for TIUEs:
- Mandatory Verification: You may be directed by the government to use the MNV platform to validate your user base.
- A Fee-Based System: While government use is free, private entities will be charged a fee for each verification request.
This platform is a tool against identity fraud and SIM-swap scams, but it also means businesses will need to integrate a new compliance and verification step into their customer onboarding and management processes.
IMEI Verification Now Mandatory
The amendments also bring a focus to device identity, specifically the International Mobile Equipment Identity (IMEI) number. The government is creating a national database of tampered or restricted IMEIs to track and block fraudulent devices.
While manufacturers are now explicitly forbidden from assigning duplicate or already-in-use IMEIs to new equipment, the most significant change is for the secondary market. The new rules state that any person or business involved in the sale or purchase of used telecommunication equipment in India must:
- Access the Government Database: Before any transaction, they must check the device’s IMEI against the central database.
- Pay a Verification Fee: A fee of ten rupees per IMEI will be charged for this database access.
- Ensure Compliance: They must ensure they do not “directly or indirectly, undertake sale or purchase” of any device with an IMEI number listed in the database.
This introduces a formal, mandatory compliance checkpoint for the entire device refurbishment and resale industry, from large-scale operations to small retail shops.
What This Means for Your Market Access
- For Device Manufacturers: IMEI integrity is now paramount. Your manufacturing and supply chain processes must have zero tolerance for duplication.
- For App Developers and Service Providers (TIUEs): Prepare for the technical and financial implications of integrating with the new MNV platform.
- For the Refurbished/Used Device Market: This is a fundamental operational change. A robust IMEI verification process will be essential to conduct business legally.
