""Accounts on instant messaging and calling apps continue to work even after the associated SIM is removed, deactivated, or moved abroad, enabling anonymous scams, remote 'digital arrest' frauds and government‑impersonation calls using Indian numbers," the DoT said in a statement issued Monday. "Long‑lived web/desktop sessions let fraudsters control victims' accounts from distant locations without needing the original device or SIM, which complicates tracing and takedown. A session can currently be authenticated once on a device in India and then continue to operate from abroad, letting criminals run scams using Indian numbers without any fresh verification.""
"India's Department of Telecommunications (DoT) has issued directions to app-based communication service providers to ensure that the platforms cannot be used without an active SIM card linked to the user's mobile number. To that end, messaging apps like WhatsApp, Telegram, Snapchat, Arattai, Sharechat, Josh, JioChat, and Signal that use an Indian mobile number for uniquely identifying their users, in other words, a telecommunication identifier user entity (TIUE), to comply with the directive within 90 days."
India's Department of Telecommunications has directed app-based communication providers to require an active SIM card linked to each user's mobile number for account use. The directive targets messaging platforms that use Indian numbers as telecommunication identifier user entities (TIUE) and gives listed apps 90 days to comply. The measure mandates continuous linkage of the app to the device's SIM and periodic web/desktop session logouts every six hours with QR-based re-linking. The change aims to close a security gap exploited for anonymous scams, remote "digital arrest" frauds, government-impersonation calls, and cross-border fraud enabled by long-lived sessions.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]