top of page

DoT Introduces Mandatory SIM Binding for OTT Apps

  • Abhishek Bisht
  • 2 days ago
  • 3 min read
DoT Introduces Mandatory SIM Binding for OTT Apps

Today, messaging and calling applications have become the most common mode of communication for individuals, businesses, and organisations. Many users now rely more on internet-based communication platforms such as WhatsApp and Telegram than on traditional telecom services like SMS or voice calls.


However, this fast digital adoption has also brought serious challenges, including cybersecurity risks, fraud, impersonation, and misuse of mobile numbers—especially in situations where accounts remain active even after the SIM card linked to them is removed or deactivated.


To address these growing concerns, the Department of Telecommunications (DoT) has introduced new security measures for OTT communication platforms operating in India.


Understanding OTT Apps: It’s More Than Just Streaming

For many users, OTT platforms usually mean entertainment services like movies or web series on streaming apps. But OTT platforms cover a much broader category.


OTT (Over-the-Top) platforms deliver communication, audio, video, or media services directly through the internet, without relying on traditional cable, broadcast, or telecom infrastructure.


Users can access these services through smartphones, tablets, laptops, smart TVs, or web browsers. 

Popular OTT platforms include:


  • Messaging & communication apps such as WhatsApp, Telegram, Signal, Facebook Messenger and iMessage


  • Streaming platforms like Netflix, Disney+ Hotstar, Amazon Prime Video, and YouTube


In simple terms, any service that works over the internet instead of traditional telecom delivery falls under the OTT ecosystem.


Why Did DoT Issue New Directions for OTT Apps?

OTT communication platforms using Indian mobile numbers to align with stronger security practices similar to those followed in banking and digital payment systems.

Over the past year, multiple government agencies identified a major security gap. Certain OTT communication applications continue to allow users to access accounts even after the registered SIM card is removed from the device. 


This creates risks such as:


  • Unauthorised account usage

  • SIM recycling fraud

  • Identity impersonation

  • Difficulty in tracking cybercrime operations, especially when controlled from outside India.


To close this gap, DoT has introduced a framework aimed at strengthening accountability and improving digital communication security.


Key Directions Issued by DoT

The new framework requires OTT communication platforms using Indian mobile numbers to align with stronger security practices similar to those followed in banking and digital payment systems.


1. SIM–Device Binding

OTT communication apps must ensure:


  • The registered mobile number remains linked to an active SIM.

  • The SIM card must be physically present on the user’s device.

  • Account access should depend on SIM verification.


This measure ensures that accounts cannot continue operating once the SIM is removed or misused.


2. Periodic Logout for Web Access

To reduce risks from unattended or remote sessions:


  • Web-based access to OTT platforms must automatically log out every 6 hours.

  • Long-running browser sessions will no longer remain permanently active.


This helps prevent unauthorised access through shared computers or compromised devices.


3. Implementation Timeline

The new requirements will become effective from March 1, 2026.

From this date, OTT communication apps using Indian mobile numbers will be expected to operate only when the linked SIM remains active and present on the user’s device.


Industry Concerns

Industry bodies such as the Internet and Mobile Association of India (IAMAI) and the Broadband India Forum (BIF), representing companies including Meta, Google, and Telegram, have raised certain practical concerns:


  • Many devices, like tablets and laptops, do not support SIM cards.

  • Continuous SIM verification may impact user experience.

  • Implementation at a global scale may be technically challenging.


Despite these concerns, the government has confirmed that there will be no extension to the compliance deadline, emphasising the need to strengthen user protection and digital trust.


What This Means for Users and the Industry

From March 2026 onward:


  • Messaging accounts linked to Indian numbers will require an active SIM.

  • Unauthorised or abandoned accounts may automatically lose access.

  • Cyber fraud traceability is expected to improve.

  • Digital communication platforms will become more accountable.


Users may experience more frequent authentication checks or automatic session logouts as platforms comply with the new rules.


Building a Safer Digital Ecosystem

This initiative reflects the government’s broader push to strengthen telecom cybersecurity and enhance accountability across digital communication platforms.


As digital risks continue to evolve, measures such as SIM–device binding and controlled web access are expected to play a crucial role in improving traceability, reducing misuse, and reinforcing trust in India’s rapidly expanding digital landscape.

Comments

Subscribe to our Monthly Newsletter

Thanks for subscribing.

and never miss an update!

osp@whitewater.co.in

+91 78388 04269

301, Versova Earth,

CV Raman Nagar, Bengaluru - 560093

© All Rights Reserved @Whitewater 2025

Privacy Policy

  • LinkedIn
bottom of page