The Indian government has issued a directive requiring all smartphone manufacturers to pre-install the state-owned Sanchar Saathi cybersecurity application on new devices sold in the country. The order was announced on November 28 and gives companies a 90-day window to comply, ensuring the app is pre-loaded with no option for users to remove it.
Major smartphone makers including Apple, Samsung, Vivo, Oppo, and Xiaomi—which dominate India's market of over 1.2 billion subscribers—are expected to adhere to the mandate. For devices already in the supply chain, manufacturers must push the app via over-the-air software updates.
The Sanchar Saathi app, launched in January 2025, focuses on telecom cybersecurity by allowing users to track and block lost or stolen phones across networks, verify International Mobile Equipment Identity (IMEI) numbers, and report suspicious calls. Government data shows it has been downloaded more than 5 million times, helped recover over 700,000 lost phones, and blocked more than 3.7 million stolen devices while terminating over 30 million fraudulent connections.
The directive aims to combat threats like duplicated IMEI numbers used in scams. However, it has faced criticism from privacy advocates and tech firms. Technology lawyer Mishi Choudhary stated that the move "effectively removes user consent as a meaningful choice," drawing parallels to Russia's mandate for the Max messenger app in August.
Apple, which accounts for about 4.5% of India's 735 million smartphones, has internal policies against pre-installing government apps and previously clashed with regulators in 2017 over an anti-spam app. The 90-day deadline poses logistical challenges, with unclear enforcement and liability rules.
In a related move, the Department of Telecommunications also ordered messaging apps such as WhatsApp, Telegram, Signal, Snapchat, ShareChat, and JioChat to maintain continuous binding to active SIM cards. This requires re-authentication every six hours for web versions, classified under new regulations with a 90-day compliance period to curb cyber fraud.
SAUCE
HBAR
THETA
TFUEL
BTC
GEE
AAVE