With the calendar turning to March, major messaging platforms, including WhatsApp, Telegram, Signal, Snapchat, ShareChat, JioChat, Arattai, and Josh, are now mandated to keep user accounts continuously linked to the active Subscriber Identity Module (SIM) card used during registration. The Department of Telecommunications (DoT) directive, issued under the Telecom Cyber Security (TCS) Rules, 2024 (as amended), takes full effect on March 1 after a 90-day compliance window granted on November 28, 2025.
The government has ruled out any extension, citing national security and the urgent need to combat rising online fraud, digital arrest scams, SIM-swap fraud, and misuse of anonymous or unverified accounts.
What is SIM Binding and how does it work?
SIM binding requires messaging apps to verify that the original KYC-verified SIM card (with its IMSI identifier) remains physically present and active in the user’s primary smartphone. If the SIM is removed, swapped, deactivated, ported to another device, or becomes inactive, the app will log out the user, terminate sessions, and prevent access until the correct SIM is re-inserted and verified (often via OTP or other authentication). This effectively ends the ability to use these apps solely over Wi-Fi on devices without the registered SIM.
Web and desktop versions (e.g., WhatsApp Web, Telegram Web) face additional restrictions: sessions will automatically log out every six hours, requiring fresh QR code scanning from the phone with the active SIM. Multi-device usage may become more limited, as linked devices will depend on the primary phone’s SIM presence for ongoing authentication.
Note that the rule applies only to India-registered accounts, with the aim of enhancing traceability. Communications Minister Jyotiraditya Scindia has defended the measure, stating it addresses scenarios where fraudsters operate on platforms without traceable SIMs, posing risks to national security.
How it affects everyday users
Existing Accounts — Most users with a standard physical SIM in their phone will notice minimal disruption for core mobile app usage. However, removing the SIM (e.g., for travel, dual-SIM swaps, or using eSIM-only setups) could cause immediate logouts.
WhatsApp Web/Desktop — Expect frequent re-authentication every six hours, which may inconvenience heavy web users.
Multi-device and Companion modes — Access on secondary devices (tablets, PCs, linked phones) will rely on the primary device’s active SIM, potentially disrupting seamless multi-device experiences.
Virtual numbers, eSIMs, International roaming — Accounts using virtual numbers, foreign SIMs, or eSIMs without physical presence may face issues if the SIM isn’t detectable as “active” in the device.
Travellers and Dual-SIM users — Frequent SIM changes or international travel could trigger repeated verifications or temporary lockouts.
The government highlights that the rule targets fraud prevention without broadly impacting legitimate users who maintain their registered SIM. Non-compliance by platforms could invite penalties under telecom and cybersecurity laws.
This marks one of the world’s first mandatory SIM-binding regimes for OTT messaging apps, setting a precedent for tighter integration between telecom networks and internet services in India.