Indian Government Requires Phone Manufacturers To Install Cyber Security Applications In 90 Days

Illustration of the Indian government's cybersecurity application, Sanchar Saathi (photo: x @CryptooIndia)

JAKARTA - The Indian government requires all smartphone manufacturers to load the government-owned cybersecurity application, Sanchar Saathi, into each new device within 90 days. This policy, as reported by Reuters, also regulates that the application cannot be removed by users in India.

The move immediately caused the spotlight, especially from Apple and digital privacy activist groups, because it was considered to have increased government control over consumer devices.

India, which has more than 1.2 billion mobile subscribers, launched Sanchar Saathi in January 2025. Based on government data, the app has helped track more than 700.000 mobile phones missing, including 50,000 findings in just the past month.

Through this application, users can check the authenticity of the IMEI number, report suspicious calls, and block lost or stolen cellphones through a centralized portal.

The government stated that this mandatory implementation policy is needed to overcome the rise of fraud and network abuse, especially the practice of counterfeiting IMEI which is considered a serious threat to telecommunication cybersecurity.

In a circular sent behind closed doors to a number of mobile phone manufacturers on November 28, the government gave 90 days to ensure the Saatihi Sanchar was installed on all new devices without the removal option.

For devices already in the distribution chain, the company is required to send the app via software updates. This policy applies to all major brands, including Apple, Samsung, Vivo, Oppo, and Xiaomi.

Compliance with this rule is expected to be an issue for Apple. Apple has an internal policy that prohibits the installation of third-party applications or government applications before cell phones are sold.

Apple, which controls about 4.5 percent of India's 735 million active smartphones, has previously clashed with regulators regarding anti-spam applications.

Unlike Apple, most other manufacturers use Android, an operating system that is more open to pre-installation applications.

In addition to the obligation to install Sanchar Saathi, the Ministry of Telecommunications (DoT) has also issued new rules for communication applications such as WhatsApp, Telegram, Signal, Snapchat, to local applications such as ShareChat and JioChat.

The over-the-top (OTT) application is required to implement the 'SIM-device binding' system, namely ensuring that the account in the application can only be used on devices containing the SIM card used during registration. If the SIM card is not on the device, the application may not operate.

For platforms that support the use of multiple devices, the government requires that the companion device (companion devices) automatically log out (logout) at least every six hours. Users can re-enter via scanning the QR code.

All companies using mobile numbers or SIMs as verification systems are required to submit compliance reports within 120 days.

This series of policies is considered by the government as part of efforts to improve national digital security amid increasing telecommunication fraud and number hijacking. However, this move has the potential to spark debate over user privacy and autonomy, especially regarding applications that cannot be removed.

Global technology companies are expected to seek a middle ground between compliance with Indian regulations and their respective internal policies, as India continues to strengthen its position as the world's second largest smartphone market.