Telcos for SIM binding with OTT apps at all times to curb frauds

New Delhi: Top Indian telecom operators have suggested mandating the binding of over-the-top (OTT) communication applications with the verified mobile SIMs at all times to prevent cyber fraud and strengthen national security.

The Cellular Operators Association of India (COAI), in a statement on Wednesday, said this approach would ensure consumer trust, accountability, traceability and alignment with existing regulatory frameworks.

The association represents incumbent telcos Reliance Jio, Bharti Airtel and Vodafone Idea (Vi).


At present, the binding happens only once for verification of the user's mobile number while registering or signing up for application-based communication services. However, the application can continue to work independently on the device even if the SIM card is removed, replaced, or deactivated, which presents a potential security threat.

"If the original SIM card is removed from the device and the device with the OTT communication app is used for a criminal activity from any geographic location, since no SIM is present during the crime, there is no verifiable link-such as call records, location data or carrier logs-to prove which device was used or where the activity occurred," said SP Kochhar, director-general, COAI.

He added that this impedes the prevention of spam and cyber frauds, and could pose a major threat to national security.

"We suggest that such OTT communication apps implement persistent SIM-binding that remains active beyond initial installation," Kochhar said, noting that this would ensure that the communication service cannot operate without the authenticated SIM physically inserted in the device, maintaining critical traceability between the user, the number and the device.

Telcos said persistent SIM binding with OTT communication apps would also help establish a regulatory level playing field by ensuring that laws and compliance frameworks governing user identification, geographic accountability and lawful interception protocols apply equally to app-based communication services and telecom service providers. Previously, the COAI urged the government to bring communication apps under a regulatory regime, citing that telcos already have a regulatory mandate to ensure a transparent and safe communications ecosystem.

The association underscored that telcos are proactively implementing caller name presentation (CNAP) and have deployed artificial intelligence (AI) and machine learning (ML)-led solutions to prevent suspected spam via voice and SMS.

Furthermore, it said that telcos, as per the Telecom Commercial Communication Customer Preference Regulation (TCCCPR), 2018, are conducting checks on principal entity (PE) and telemarketer (TM) binding, A2P SMS header and content registration, and keyword-based content screening of messages transmitted, as well as enforcing distributed ledger technology (DLT)-based suffix rules for transparency.

"However, fraudsters are increasingly adapting by shifting to OTT messaging platforms that are installed/used independent of SIM verification and are immune to telecom-level controls," said Kochhar.