KartavyaDesk
news

SIM Binding

Kartavya Desk Staff

Source: TOI

Context: The Union Government has directed messaging apps like WhatsApp, Telegram, Signal and others to mandatorily link their services to the SIM card used during registration.

About SIM Binding:

What is SIM Binding?

• SIM binding is a security mechanism that permanently links a user’s messaging or authentication service to the physical SIM card used during registration. The app stops working if the original SIM is not present in the device, acting as a hardware token for identity verification.

Ministry:

• Department of Telecommunications (DoT)

• Under the Telecommunication Cybersecurity Amendment Rules, 2025.

• Introduced the concept of Telecommunication Identifier User Entity (TIUE) to regulate digital communications more securely.

New Government Order Mandates:

• Messaging apps must ensure their services remain continuously linked to the SIM used during sign-up.

• App must block access if the registered SIM is not physically present in the device.

• Web versions (like WhatsApp Web) must auto-logout every six hours.

• Platforms have 90 days to comply.

SIM Binding Works:

• SIM binding is a security process that links a user’s digital identity to the unique identifiers stored inside a physical SIM card. Every SIM contains hardware-level data such as:

• IMSI (International Mobile Subscriber Identity) ICCID (Integrated Circuit Card Identifier) Ki (authentication key stored in SIM hardware)

• IMSI (International Mobile Subscriber Identity)

• ICCID (Integrated Circuit Card Identifier)

• Ki (authentication key stored in SIM hardware)

• When an app implements SIM binding, it continuously checks these SIM identifiers inside the device.

• If the app does not detect the same IMSI/ICCID/Ki that were present during registration, it concludes the identity mismatch and automatically blocks access.

Need for SIM Binding Rules:

• Several fraudsters use messaging apps without the original SIM, especially from outside India.

• Prevents impersonation, spoofing, OTP bypass attacks and cross-border cyber fraud.

• Ensures device–SIM–account linkage, making account misuse harder.

• Enhances national cyber security by reducing anonymity on messaging platforms.

AI-assisted content, editorially reviewed by Kartavya Desk Staff.

About Kartavya Desk Staff

Articles in our archive published before our editorial team was expanded. Legacy content is periodically reviewed and updated by our current editors.

All News