73
SIM binding in India: What it means for WhatsApp, Telegram users and why the government wants it (www.moneycontrol.com)
submitted 2 months ago by sonofearth@lemmy.world to c/technology@lemmy.world
10 comments fedilink hide all child comments

The Department of Telecommunications has told these apps that within the next 90 days, they must make sure their services work only when the correct SIM card is in the phone. If you remove that SIM, the app should stop working. This is known as SIM binding.

  • Continuous SIM presence: Apps must check regularly whether the original SIM card is still inserted in your phone. If not, the app must automatically stop working until you insert the correct SIM again.
  • Web access restrictions: If you use WhatsApp Web or similar web versions, the government wants you to get logged out automatically every six hours. To log in again, you will have to scan a QR code with the app. This is to ensure the device and user are genuine.

People who use these apps on secondary devices without a SIM, or those who keep their SIM in one phone but use the app on another, may face interruptions

I don't even see the point of this:

  • Surveillance?
  • Some Incoming telecom plan change which will require you to have a special plan for using Messengers because no one uses SMS and don't bother to have an SMS plan? so telecom networks can make some more money?
you are viewing a single comment's thread
view the rest of the comments
[-] sonofearth@lemmy.world 5 points 2 months ago* (last edited 2 months ago)

If a phone gets stolen, you can easily file a complaint, get that sim deactivated and a replacement within an hour. Put it in another phone and logout of any accounts from the stolen phone. If the stolen phone has a lock, then it is pretty difficult for a random thief to extract the data from the phone.

Source: My phone was stolen in 2014 and had my brother’s phone number in it who was in another country. My parents lodged a complaint the next day, deactivated the sim and got a replacement in 3 hours. My phone didn’t have a lock but thankfully I did not have any sensitive data on it and I reset my google account password ASAP after I lost it and logged out of all devices. I still use all the important accounts that were on that phone till this date.

So I doubt the new measures will be any useful given that you already need to verify your govt id and biometrics to get a phono number in the first place.

[-] CameronDev@programming.dev 1 points 2 months ago

I'm more thinking along the lines of getting a cheap sim, signing up for signal and them letting the plan lapse and the number is released for use again. And then someone buys a new plan, but gets the recycled number. Not sure how realistic that is as a risk vector though.

[-] sonofearth@lemmy.world 2 points 2 months ago

But I don't think it would make any difference. What would actually secure the account is the internal account password which both Signal and Whatsapp already have.

[-] CameronDev@programming.dev 1 points 2 months ago

If you hold the number it can't get recycled into distribution. Signal does fall back to MFA codes over SMS from memory (I've recovered the signal account for my grandma, as I own the number), so anyone who controls the number controls the account.

this post was submitted on 30 Nov 2025
73 points (98.7% liked)

Technology

81026 readers
4652 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws