India Mandates Cyber Safety App on All New Smartphones

Fri Dec 05 2025 10:08:36 GMT+0200 (Eastern European Standard Time)

India has issued a directive requiring all new smartphones to come pre-installed with a state-run cybersecurity app, raising privacy concerns among experts.

In a significant move aimed at enhancing telecom cybersecurity, the Indian government has mandated that all new smartphones come pre-loaded with the Sanchar Saathi app, a non-removable application designed to help verify device authenticity and report misuse. The directive, which allows just 90 days for compliance and has stirred privacy concerns amidst a backdrop of 1.2 billion mobile users, has drawn criticism for potential surveillance and data privacy issues.

India has ordered all new smartphones to come pre-loaded with a non-removable, state-run cybersecurity app, sparking privacy concerns.

Under the order - passed last week but made public on Monday - smartphone makers have 90 days to ensure all new devices come with the government's Sanchar Saathi app.

This app aims to help citizens verify the authenticity of a handset and report suspected misuse of telecom resources.

The move - taking place in one of the world’s largest phone markets with over 1.2 billion mobile users - has been criticized by cyber experts for breaching citizens' privacy rights.

Launched in January, the Sanchar Saathi app allows users to check a device’s IMEI, report lost or stolen phones, and flag fraudulent communications. The IMEI is a unique code identifying a mobile device on cellular networks.

India’s Department of Telecommunications stated that handsets with duplicate or spoofed IMEI numbers pose a serious danger to telecom cybersecurity.

Under the new rules, the installed app must be readily visible and accessible when the device is set up, and its functionalities cannot be disabled. Manufacturers are also required to provide the app via software updates for unsold devices.

The government anticipates that this will bolster telecom cybersecurity, with a report estimating the app helped recover over 700,000 lost phones to date, including 50,000 last month.

However, the broad permissions required by the app raise alarms over data collection, leading some advocacy groups to voice concerns that it transforms every smartphone into a vessel for state-mandated software that users cannot control.

Compliance challenges are expected as the order contradicts policies of most manufacturers, including Apple, which has historically resisted such requests from governments.

India's directive follows similar governance trends globally with other nations like Russia implementing strict rules for device verification. As the digital landscape evolves, the tensions between state requirements and personal privacy will undoubtedly continue to surface.