As digital services continue to expand across finance, commerce, governance, and everyday communication, the security of telecom identifiers—mobile numbers, IMEIs, SIM credentials, and device identities—has become central to India’s cyber resilience. Recognizing the evolving threat landscape, the Department of Telecommunications (DoT) has introduced pivotal amendments to the Telecommunication Cyber Security (TCS) Rules, 2024, notified on 22 October 2025. These amendments, collectively known as the TCS Amendment Rules, 2025, strengthen the country’s cyber defence posture and reinforce India’s commitment to secure, transparent, and responsible telecom operations.
Why the Amendment Matters
Telecom identifiers are now the backbone of authentication across sectors such as banking, e-commerce, fintech, and welfare services. However, their widespread use has also made them a target for cybercriminals who exploit unverified linkages, fraudulent devices, and weak traceability. The amended Rules address these long-standing vulnerabilities through three major interventions designed to protect consumers and uphold national security.
1. Mobile Number Validation (MNV) Platform: Fighting Identity and Payment Fraud
A significant highlight of the amendment is the institutionalization of the Mobile Number Validation (MNV) platform. With the rise of digital payments and online services, cybercriminals increasingly misuse mobile numbers to open mule accounts, commit financial fraud, or impersonate unsuspecting citizens.
The MNV platform enables service providers to verify, in a privacy-preserving and decentralized manner, whether a mobile number genuinely belongs to the individual whose credentials are being used. This strengthens trust in digital transactions and curbs one of the fastest-growing vectors of cybercrime.
2. Resale Device Scrubbing: Protecting Consumers in the Second-Hand Device Market
India’s booming refurbished and second-hand smartphone market has inadvertently enabled circulation of blacklisted, cloned, or stolen devices, often leaving legitimate buyers entangled in legal complexities.
To address this, the revised Rules mandate that all entities dealing in resale or refurbished devices must scrub every device’s IMEI against a centralized list of blacklisted identifiers prior to resale. This measure ensures device legitimacy, contributes to theft reduction, and bolsters law enforcement efforts in tracking illegal or cloned phones.
3. Telecom Identifier User Entity (TIUE) Obligations: Enhancing Accountability
Recognizing that telecom identifiers are now widely used beyond telecom operators—by banks, digital platforms, e-commerce companies, and government agencies—the amendment introduces the concept of Telecom Identifier User Entities (TIUEs).
TIUEs are now required to share relevant telecom identifier–related information with the government under regulated circumstances, enabling better coordination in combating telecom-enabled cyber frauds. These obligations strike a balance between traceability, consumer protection, and data protection norms, ensuring responsible handling of telecom-linked data.
Clarifying the Rule’s Enforcement Status
An inadvertent administrative error led to the TCS Amendment Rules being republished in the Gazette on 29 October 2025, even though they had already been formally notified on 22 October 2025. DoT has now corrected this through notification G.S.R. 863(E) dated 25 November 2025.
The government has clearly reaffirmed that the amendments notified under G.S.R. 771(E) remain in full force and enforceable.
A Strong Step Toward a Secure Digital India
Through these amendments, DoT has taken a decisive step toward building a resilient, interoperable, and future-ready cyber security framework that safeguards India’s rapidly expanding digital ecosystems. By fortifying telecom identifier security, enabling device traceability, and enhancing sector-wide accountability, the TCS Amendment Rules, 2025 reinforce India’s pursuit of a secure and trusted digital future.