The Indian government has brought strict cybersecurity rules for all messaging apps like WhatsApp, Telegram, Signal. Now to run these apps, it will be necessary to have an active SIM of the same number in the phone with which the account has been registered. The app will close immediately as soon as the SIM is removed from the phone and the web versions will logout automatically every six hours. DoT claims that this step is necessary to stop cyber fraud, spam and fraud networks originating from foreign countries. These rules will be applicable across the country from February 2026.
WhatsApp will stop as soon as you remove the SIM
Under DoT’s Telecommunication Cybersecurity Amendment Rules 2025, WhatsApp, Telegram, Signal and all chat apps will now have to be continuously linked to the SIM. If a user removes the SIM from the phone that created his messaging account, the app will stop running immediately. This change has been made because till now the apps verify the number only once with OTP and continue to run for a long time even after removing the SIM. The government believes that this relaxation benefits cyber criminals who hide their identity by changing SIMs.
Auto logout will happen on web server every 6 hours
The new order also completely changes the rules for web-based login. Now the web version of WhatsApp Web, Telegram Web or any chat service will automatically log out every six hours and the user will have to login again with the QR code. Currently, WhatsApp Web logs out only when the primary phone has not been used for 14 days. The government says that untraceable login activity from the web gives cyber criminals an opportunity to commit fraud from outside India, which this new rule will try to stop.
Why did the government bring a new rule?
DoT and COAI said that the one-time verification model of messaging apps was creating a huge security gap. Criminals commit fraud by taking the number registered in India out of the country or through internet calling, and remain connected to the app even when the SIM is inactive. It becomes almost impossible to trace because call records, location and network data are not linked to the SIM. Continuous SIM-binding will help the government establish the connection between the user, number and device, thereby reducing both fraud and spam.
How effective will SIM binding be?
Cyber security experts believe that this step can increase traceability to some extent, but it will also have limitations in preventing fraud on a large scale. Fraudsters easily get new SIMs with fake documents, so it will not be very difficult for them to bypass SIM-binding. On the other hand, the telecom industry says that mobile numbers are the most trusted digital identity in India and it is necessary to strengthen cyber security on the basis of this identity. There is a debate going on between both the sides whether this step will increase security or will only increase the problems of the users.
impact on users
After the implementation of the new rules, users will be able to use their messaging apps only when an active SIM is installed in the phone. This means that WhatsApp or Telegram cannot be used continuously in multi-device mode without a SIM. As soon as the SIM of the number with which the account is created is removed from the phone, the app will stop and the user will have to login again. Also, web version users will have to repeat authentication every six hours. These changes will have the greatest impact for those who use WhatsApp on a tablet or secondary device without a SIM.
Leave a Reply