In 2024, cyber-based financial fraud and identity theft from stolen telecommunications devices increased dramatically in India. The cases varied widely, ranging from messaging apps and financial platforms to e-commerce transactions. However, most cases originated from online financial fraud.
This prompted the Indian government, through the Department of Telecommunications (DoT), to release the Telecom Cyber Security Amendment Rules 2025. Since this regulation came into effect on October 22, 2025, the 2024 Telecom Cyber Security Regulations are no longer valid.
The Telecom Cyber Security Amendment Rules 2025 are a legal measure taken by the government to protect telecommunications users in India from cybercrime. This article will inform you of the important changes in these regulations.
Also Read
Table of Contents
Key Points of the Telecom Cyber Security Amendment Rules 2025
The Indian government has taken important steps to improve cyber security. One of these steps is the publication of the Telecom Cyber Security Amendment Rules 2025. There are several changes from the 2024 amendment rules. There are six most relevant updates in the amendment. Here are the key points:
Addition of definitions
The Telecom Cyber Security Amendment Rules 2025 add several definitions that did not previously exist. The clarity of the definitions of these entities aims to ensure stricter security. With clear definitions, the regulations provide more precise boundaries of responsibility.
Here are some of the new definitions:
- License Holder: An entity that holds a license to provide telecommunications services under the Indian Telegraph Act of 1885.
- TIUE (Telecommunication Identifier User Entity): An entity that uses a telecommunications number as a customer identifier. TIUE covers many types of digital services, including payment applications, messaging platforms, online stores, and transportation services.
- Authorized Entity: An entity authorized by the Indian government to perform verification.
Launch of the MNV Platform
The Mobile Number Validation (MNV) Platform is the most significant part of these new regulations. This platform is a centralized system introduced by the Indian government to check the validity of telecommunication numbers against registered user identities.
The verification process begins with the TIUE or the government sending a validation request to MNV. The platform then forwards the validation to the operator or official entity
to verify whether the data provided by the customer is correct. The validation results will appear on the Platform once the verification is complete.
This process tightens identity verification before services are provided. This way, customers can feel more secure when using digital services.
Problematic IMEI Data Collection
In addition to providing a verification platform, the Indian government will also collect data on problematic International Mobile Equipment Identity (IMEI) numbers. There will be a database for IMEI numbers that have been falsified, modified, and blocked.
This database can be checked by those buying and selling secondhand devices. This will make the secondhand device market safer.
Prohibition on the use of active IMEI numbers
Device security is also a focus of the Telecom Cyber Security Amendment Rules 2025. Telecommunications device manufacturers are prohibited from using IMEIs that are already active on the Indian network for new devices, whether locally manufactured or imported.
This measure is intended to reduce security risks arising from modified devices. In addition, it is hoped that the ban on the use of active IMEIs will help curb the circulation of illegal devices.
Cost sharing for validation
The use of the MNV Platform is not free of charge. However, the regulation stipulates that the costs will be shared between the government or managing agency and the official entity providing the verification service. This scheme is intended to ensure that no single party is burdened with the cost of running the system stably.
Special government powers in processing cyber data
The Indian government has special powers related to improving cyber security. These powers are as follows:
- The use of telecommunication identifiers will be temporarily suspended
- The use of certain identifiers will be permanently terminated
- The use of identifiers by TIUE will be restricted if deemed risky
This gives the Indian government flexibility to ensure digital security stability, especially in urgent situations.
These are the points of the Telecom Cyber Security Amendment Rules 2025 that need to be understood. The existence of this regulation will certainly have an impact on several parties. The impact is that users will receive better protection, technology companies will be required to adjust their systems, and the market for used devices will become more transparent.
In this case, the government is paying serious attention to identity verification, device security, and data transparency. That way, users can feel comfortable when conducting activities in the digital world. It is important for manufacturers and importers to understand the regulations and other updates on India type approval so that they can adapt their certification strategies early.
