Latest news with #DoT
Hindustan Times
13 hours ago
- Business
- Hindustan Times
Govt plans mobile number verification for apps, banks
NEW DELHI The move comes as India battles a surge in digital fraud (AFP) The telecommunications department has proposed sweeping new cybersecurity rules that would require digital platforms to verify customer mobile numbers through a government-run system, as the country grapples with rising online fraud. The Department of Telecommunications (DoT) unveiled draft amendments dated Tuesday that would establish a Mobile Number Validation (MNV) platform to check whether phone numbers provided by users actually belong to them - a move that could affect millions of Indians using everything from food delivery apps to digital payment services. India has over 1.16 billion mobile connections and is the world's largest market for digital payments, making it a major target for mobile-based fraud schemes. The proposed rules target what the government calls Telecommunication Identifier User Entities (TIUEs) - essentially any business that uses mobile numbers to identify customers or deliver services, beyond licensed telecom operators. 'A person, other than a licensee or authorised entity, which uses telecommunication identifiers for the identification of its customers or users, or for provisioning and delivery of services,' the notification states. While the notification does not specify examples of TIUEs, a DoT official explained to HT that TIUE covers OTT platforms, banks, among other digital services. 'If the services are using mobile numbers or any other telecom identifier, then they will be covered under TIUE. In other words, this broad definition could include ride-hailing apps like Ola and Uber, food delivery platforms like Zomato and Swiggy, fintech companies, e-commerce sites, and banking apps. While companies can voluntarily request mobile number verification, the rules make it mandatory 'upon a direction from central or state government or an agency authorised by the central or state government.' The move comes as India battles a surge in digital fraud, often through stolen or lost SIM cards that are used to make calls or send messages in phishing and more recently 'digital arrests' rackets. The use of mule SIMs are designed to work around strict KYC norms that was initially thought to be effective against crimes. The draft notification briefly specifies two grounds for the move: 'ensuring telecom cyber security and prevent security incidents'. According to government data, digital frauds have surged in recent years. In March, the government in a submission to Rajya Sabha stated the number of digital arrest scams and related cybercrimes in the country almost tripled between 2022 and 2024, with defrauded amounts skyrocketing by 21 times during the period. Cybersecurity experts are divided on the implications. Sandeep K Shukla, a professor at IIT Kanpur, said the anti-fraud benefits could justify privacy concerns. 'This might hamper privacy to some extent, but if you are claiming a number to be associated with a business, it better be associated with the claimed business,' Shukla told HT. However, Vikram Jeet Singh, a partner at BTG Advaya specialising in internet regulation, raised data protection concerns. 'There are obvious data privacy concerns, and it is not clear what data can be accessed through such a platform. Will it be a simple 'Yes/No' response on validation of a phone number, or can it be used to obtain more personal details of phone users?' Singh questioned. The draft rules propose a tiered pricing system: government entities get free access, while government-directed validation costs ₹ 1.50 per request. Private companies making voluntary requests pay ₹ 3 per validation. Singh warned this could create new costs for consumers. 'On a more mundane (but important) level, this may mean that banks and other service providers start charging their customers for 'MNV validation' costs.' The logistical challenge is immense. 'The MNV database will likely be maintained by creating a record of all active phone numbers in India. Given India has more than 1.5 billion phone numbers, this will not be an easy task in itself,' Singh added. Kazim Rizvi, founding director of The Dialogue, a tech policy think tank, said the proposed amendments could lead to an excessive centralisation of user data, raising concerns about proportionality under the Puttaswamy judgment and 'potentially clashing with the privacy safeguards outlined in the Digital Personal Data Protection (DPDP) Act'. The amendments also target mobile device fraud through stricter IMEI (International Mobile Equipment Identity) controls. Manufacturers must ensure new devices don't reuse IMEI numbers already in use in India's networks. The government will maintain a central database of tampered or blacklisted IMEIs, with second-hand phone sellers required to check this database before any sale - at a cost of 10 rupees per IMEI check. The rules also grant authorities sweeping powers to 'temporarily suspend use of the relevant telecommunication identifier' for both telecom operators and TIUEs if security concerns arise. The proposed rules are open for public consultation for 30 days before implementation. The DoT was not immediately available for comment.
Time of India
16 hours ago
- Business
- Time of India
Starlink nears India launch: Elon Musk's satcom giant gets final regulatory go-ahead, prepares for compliance trials
Representative image Elon Musk-owned Starlink is poised to receive its final regulatory approval to launch satellite communication services in India, with space regulator IN-SPACe issuing a draft authorisation document for the company to sign. Once completed, the Indian National Space Promotion and Authorisation Centre will countersign the document, effectively clearing the way for Starlink to begin operations. The development will place Starlink on par with existing satcom players Eutelsat OneWeb and Jio Satellite, both of whom have already secured similar approvals. Starlink received its Global Mobile Personal Communication by Satellite (GMPCS) licence last month, becoming the third company in India permitted to offer satellite-based communication services, reported ET. Starlink India: What's next? Despite receiving the GMPCS licence and being close to final authorisation, Starlink must still fulfil critical operational and security requirements before launching commercial services in India. The company is now required to set up ground infrastructure, including satellite earth stations, communication gateways, and a control and monitoring centre within Indian territory. Following the installation of these systems, Starlink will have to demonstrate service functionality for security clearance, a mandatory step for all satcom operators. Without this security nod, companies are not permitted to commercially roll out services, even if they hold all necessary licences. Rivals OneWeb and Jio Satellite, which received their GMPCS permits in 2021 and 2022 respectively, are still awaiting security approval. Both companies were allocated trial spectrum by the department of telecommunications (DoT) last year to test their systems and demonstrate compliance. This trial allocation has now been extended by six months. Security watch, spectrum talks shape Starlink's rollout Starlink's progress will be closely watched by Indian security agencies, especially in light of earlier concerns. Authorities previously raised alarms over the unauthorised use of Starlink terminals in sensitive regions like the Northeast. The ministry of home affairs flagged the issue to the DoT in March this year, leading to increased scrutiny of the company's operations and data-sharing practices. Under India's satcom regulations, all traffic must be monitored within the country, pass through Indian gateways, and comply with local control protocols. Companies are also required to create buffer zones along international borders as part of the operational mandate. The DoT is expected to soon allocate a trial spectrum to Starlink to allow for demonstrations of its services and security compliance. India is simultaneously working on streamlining its satellite spectrum allocation policy. The telecom regulatory authority of India (TRAI) has recommended that satcom spectrum be assigned administratively for five years. The proposed fee is set at 4% of a provider's adjusted gross revenue (AGR). For urban users, an additional charge of Rs 500 per subscriber annually is expected, while no such cost will be levied for rural users. Notably, there will be no upfront fee or allocation cost for satellite spectrum under these recommendations. In a sign of the government's growing interest in satellite connectivity, communications minister Jyotiraditya Scindia recently met top SpaceX officials to discuss opportunities to use satellite technologies for expanding India's digital infrastructure Stay informed with the latest business news, updates on bank holidays and public holidays . AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Time of India
a day ago
- Business
- Time of India
Starlink to soon get regulator's final approval for India entry
US satcom major Starlink is set to clear the final regulatory requirement for offering services in India with space regulator IN-SPACe issuing a draft document for signing to the Elon Musk-owned company, people aware of the details told ET. Once Starlink signs the document-which is akin to a letter of intent and appears to be a formality-the Indian National Space Promotion and Authorisation Centre (IN-SPACe) will also sign and issue the authorisation. "The authorisation to Starlink will be issued soon," said a person privy to the details. After this, Starlink will be on a par with rivals Eutelsat OneWeb and Jio Satellite in terms of regulatory approvals. The company was granted a Global Mobile Personal Communication by Satellite (GMPCS) permit last month, becoming the third satcom player in the country that can offer commercial satcom services. However, despite securing the regulatory approvals, it will take more time for the company to start offering commercial services. The company now needs to set up earth stations or gateways and control centre in India, which is a prerequisite for players to offer satcom services. After setting up the ground infrastructure, the company has to demonstrate the services for security compliance and once the nod is given by security agencies that the company can launch commercial services. Getting a security go-ahead is crucial for satcom players, failing which the firms won't be allowed to offer commercial services, despite them holding the requisite permits. OneWeb got the satcom permit in 2021 while Jio satellite did in 2022 but both the companies are yet to secure the security compliance nod. These companies were given trial spectrum last year by the department of telecommunications (DoT) to test their services and also demonstrate to security agencies. The trial spectrum has now been extended for another six months by the DoT. The situation can be critical for Starlink as security agencies had earlier raised concerns over misuse of Starlink terminals in India, particularly in the border areas of Northeast region. ET had earlier reported about Starlink not cooperating in sharing details with the security agencies. This had forced the ministry of home affairs (MHA) to write to the DoT in March to investigate the matter. As per rules, satcom licence holders have to monitor all traffic, establish satellite earth station gateways, set up a control and monitoring centre in India, and all the traffic originating or terminating in India shall pass through Indian gateways. The companies are also required to create buffer zones along the international order. The DoT is soon expected to give trial spectrum soon to Starlink to demonstrate the security compliances. A few days back, communications minister Jyotiraditya Scindia had met top officials of SpaceX, which is the holding company of Starlink, to discuss collaborative opportunities for powering the country's digital ambitions through transformative satellite technologies. The DoT is soon expected to finalise the pricing and rules for allocating satellite spectrum administratively after receiving recommendations from the Telecom Regulatory Authority of India. The regulator had recommended administrative allocation of satcom spectrum for five years for a fee pegged at 4% of the licence holder's adjusted gross revenue. Satcom companies offering services in urban areas would have to shell out an additional ₹500 per subscriber annually, but nothing for rural users. There won't be any upfront charge or allocation price for satellite spectrum, as per its suggestions.
The Print
2 days ago
- Business
- The Print
DoT proposes changes in cyber security rules to curb frauds by misusing phone numbers
The new mechanism will involve a 'MNV platform' that will enable validation by authorised entities and licensees to check whether a mobile number used by an enterprise or users are present in the database of an authorised entity or licensee. The draft cyber security rules published on June 24 proposed to create a new platform for phone number validation and also includes those entities that use phone numbers to identify customers like banks using phone numbers for UPI transactions. New Delhi, Jun 26 (PTI) The Department of Telecom has proposed changes in cyber security rules to curb fraudulent activities that are carried out using mobile phone numbers. The new cyber security rules have terms for entities that use phone numbers to identify customers or their transactions as 'telecommunication identifier user entity' (TIUE). The new rule recommends a price of Rs 1.5 per request for status validation of a mobile number in the database of telecom operated by an entity authorised by centre or state governments. Any other entity will need to pay Rs 3 per request for mobile number validation after the new amendments are in place. DoT has sought comments from interested parties on the draft within 30 days of its publication. The new rules give more power to government authorised agencies or law enforcement agencies to collect details of transactions carried out by a person from non-telecom entities as well. According to sources, a bank has already started a pilot project to test the new mechanism, where it can flag a number that has been involved in fraudulent transactions. The flagged number will be deactivated for a period of 90 days. The history of the number will automatically get deleted after 90 days so that an individual who procures the same number after 90 days is not impacted. PTI PRS DRR This report is auto-generated from PTI news service. ThePrint holds no responsibility for its content.
Time of India
2 days ago
- Business
- Time of India
Digital safety: DoT proposes stricter cybersecurity rules; central Mobile Number Validation Platform to combat fraud
The department of telecommunications (DoT) has proposed sweeping changes to India's telecom cybersecurity framework, allowing it to mandate mobile number or identity verification through a centralised government-run platform, as part of efforts to crack down on online fraud and spoofing. Tired of too many ads? go ad free now According to a draft notification of the amended Telecommunications (Telecom Cyber Security) Rules, 2024, the DoT has suggested creating a 'Mobile Number Validation' (MNV) platform that will be accessible to telecom operators and entities such as banks, financial institutions, and e-commerce companies. As per ET, these authorised stakeholders will be allowed to verify users' mobile numbers by paying a prescribed fee. 'With a view to ensuring telecom cyber security and prevent security incidents, the Central Government shall by itself, or through an agency authorised by the Central Government, establish an MNV platform,' the DoT stated in the notification. The government can also direct device manufacturers to assist in identifying tampered phones using duplicate IMEI numbers, and maintain a database of such compromised devices. The platform will offer tiered pricing for verification requests that government-authorised entities can access it at Rs 1.5 per request, while all others will be charged Rs 3 per validation. Notably, under the draft rules, the government can immediately suspend a mobile number without notice if it believes the action is necessary in the public interest. The changes also give law enforcement agencies and authorised government bodies the ability to collect transaction histories involving mobile numbers from non-telecom entities. Tired of too many ads? go ad free now The draft introduces a new category called 'Telecommunication Identifier User Entities' (TIUEs), which includes all businesses and platforms that use mobile numbers to authenticate customers, such as banks verifying UPI-linked numbers. As per news agency PTI, at least one major bank has already begun piloting the MNV system, flagging numbers involved in fraudulent transactions for 90-day deactivation. Once the period ends, the number's history is deleted to prevent issues for future users. The new cybersecurity rules have triggered debate over their broader implications. While experts recognise the importance of enhanced protection, they also point to potential challenges. 'The proposed Telecom Cybersecurity Amendment Rules 2025 represent a strong policy move toward securing India's digital infrastructure,' said Tarun Wig, co-founder and CEO at Innefu Labs, as quoted by ET. However, he warned of 'potential friction around data privacy, integration complexity, and the cost of compliance, especially for smaller digital platforms and startups.' Wig added, 'Operationalising such a system at scale while ensuring minimal disruption and maximum data protection will be a key challenge.' The DoT has invited public comments on the draft rules within 30 days of publication.
