DoT Mandates SIM Binding as WhatsApp and Telegram Face Stricter Oversight

In Focus

• Department of Telecommunications (DoT) mandates SIM binding, requiring users to keep the registration SIM in device for apps like WhatsApp, Telegram, Signal and others
• Web or desktop sessions on these apps will auto-logout every six hours, requiring reauthentication
• The 90-day implementation window forces app providers to update authentication protocols by early 2026
• The regulation aims to enhance traceability, combat cyber fraud and align OTT messaging services with telecom-style compliance

The Indian Department of Telecommunications (DoT) has issued a sweeping directive requiring SIM card binding for major messaging platforms. According to The Economic Times, messaging services such as WhatsApp, Telegram, Signal, Snapchat, Arattai and others must ensure that user accounts remain tied to the original SIM card used during registration.

Under the new rule, these “over-the-top” (OTT) apps will no longer function if the original SIM is removed or replaced. Furthermore, web or desktop sessions must automatically log out every six hours, prompting users to reauthenticate. The DoT has allotted a 90-day window for compliance.

What the Rule Entails for Messaging Platforms

The directive mandates persistent SIM binding for OTT applications. Post-implementation, a platform must verify that the device’s SIM matches the one used during registration before granting access. This requirement effectively bars usage on “SIM-less” devices and restricts account portability across devices or numbers.

Web and companion app logins will also require frequent reauthentication, making prolonged desktop sessions more cumbersome. In other news, WhatsApp launched a redesigned short text update capability, introducing a WhatsApp Instagram Notes-like feature that changes how brief, status-style messages appear on the platform.

Messaging platforms have a 90-day deadline to incorporate these changes. After this period, failure to comply could render services inaccessible under the new compliance framework. The rapid timeline underlines the government’s urgency to fortify digital communications against misuse.

The requirement responds to growing concern over cyber fraud and misuse of anonymity via SIM-independent messaging apps. According to the leading telecom industry body Cellular Operators Association of India (COAI), persistent SIM binding is critical to maintaining traceability among user identity, mobile number, and physical device, a link often broken when SIM cards are changed or removed after installation. Earlier this year, Meta’s chatbot rules sparks concerns over AI safety for children.

The move aims to bring OTT messaging services closer to traditional telecom-style compliance, enabling law enforcement agencies to trace misuse or criminal activity effectively.

From Resistance to Regulation

Historically, the DoT had exempted OTT communication apps from telecom-style regulation. Under the Telecommunications Act, 2023, DoT officials argued that OTT platforms did not fit the classic definition of “telecommunication,” which refers to message transmission via wire, radio, or other electromagnetic systems rather than Internet data packets.

Thus, until recently, there was no plan to subject apps such as WhatsApp or Telegram to telecom-style regulation. However, mounting pressure from telecom operators who highlighted security and lawful interception concerns led to growing calls for regulatory parity.

The new SIM-binding mandate effectively marks a pivot: the DoT is now treating at least number-based OTT messaging apps more like traditional telecom services in terms of authentication and traceability.

Developing Compliance and Operational Preparedness

In the months ahead, technology leaders, platform operators, and enterprise users will need to closely observe how the enforcement of DoT mandates on SIM binding shapes operational and regulatory expectations across India’s digital communication ecosystem. These challenges are particularly evident for businesses that rely on multi-device communication, frequent number changes, or long-running desktop sessions for customer service and internal coordination.

Messaging platforms will need to redesign authentication workflows, incorporate device-SIM matching protocols, and enforce periodic session termination, which may affect the reliability and convenience of widely used communication channels.