DoT Amends Telecom Cyber Security Rules To Boost Identifier Security & Prevent Identity Fraud

New Delhi, Nov 27 (KNN) The Department of Telecommunications (DoT) has introduced amendments to the Telecommunication Cyber Security (TCS) Rules, 2024, through a notification issued on 22 October 2025.

The updated provisions address emerging vulnerabilities linked to the widespread use of telecom identifiers across sectors, including banking, e-commerce and public digital services.

The changes aim to reinforce India’s cyber resilience, enhance telecom identifier security and support safer digital transactions.

A key feature of the amendments is the introduction of a Mobile Number Validation (MNV) platform.

This system enables service providers to verify, in a decentralised and privacy-compliant manner, whether a mobile number used to access a service genuinely belongs to the individual whose credentials are on record.

The measure seeks to reduce rising instances of identity fraud and mule accounts arising from unverified linkages between mobile numbers and digital services.

The updated rules also mandate “Resale Device Scrubbing” to address risks in the rapidly expanding second-hand device market.

Entities dealing in refurbished or pre-owned devices must now verify each device’s International Mobile Equipment Identity (IMEI) number against a centralised database of blacklisted identifiers before resale.

This requirement is intended to protect consumers from unknowingly purchasing stolen or cloned devices and assist law enforcement in tracking illicit equipment.

Recognising that telecom identifiers are now widely used for authentication beyond the telecom sector, the amendment introduces obligations for Telecom Identifier User Entities (TIUEs).

These entities must share relevant identifier-related information with the government in specified, regulated scenarios to improve traceability and coordination in responding to telecom-linked cyber fraud, while adhering to data protection norms.

The DoT clarified that the TCS Amendment Rules, 2025, remain valid and enforceable. The rules were first notified in the Gazette of India vide notification G.S.R. 771(E) on 22 October 2025.

An inadvertent re-publication under G.S.R. 796(E) on 29 October 2025 has since been rescinded through G.S.R. 863(E) dated 25 November 2025, with no impact on the validity of the original amendment.

Collectively, the revised rules aim to safeguard India’s digital ecosystem, strengthen device traceability and establish a more secure, future-ready telecom cyber security framework that balances innovation, privacy and national security.

(KNN Bureau)