The Department of Telecommunications (DoT) has issued a notification of the Telecom Cyber Security Amendment Rules 2025. The Amendment Rules 2025 amend the Telecom Cyber Security Rules 2024, focusing on vulnerability of rapid integration of phone number as telecommunications identifiers into digital services from mobile banking to e-governance. Recognizing the emerging threat of cybercrime, the Indian Government has notified the Telecom Cyber Security Amendment Rules 2025 as a legal act for protecting telecommunications users in India from cybercrime. The Amendment Rules 2025 came into effect on 22 October 2025. So, in this article we will discuss all important notes from the Telecom Cyber Security Amendment Rules 2025.
Key definitions to understand
In the Telecom Security Amendment Rules 2025, there are several terms need to be understood, as follows:
- Licensee: a person holding a license to provide telecommunications services under the Indian Telegraph Act 1885.
- Telecommunication Identifier User Entity (TIUE): a person, other than a licensee or authorized entity, that uses a telecommunications identifier in the form of a phone number to identify a subscriber (user) or to provide services.
- Mobile Number Validation (MNV) Platform: a phone number validation platform that enables the validation process by a licensee or authorized entity, whether or not a phone number as telecommunications identifier specified by the TIUE subscriber (user) matches the user profile as contained in the licensee or authorized entity databases.
Key notes of the Amendment Rules 2025
The Telecom Cyber Security Amendment Rules 2025 are the Indian Government’s response to a sharp increase in cyber-based financial fraud and identity theft from stolen telecommunications devices. The number of cybercrime cases in India was significant increase in 2024, with the majority of cases are from online financial fraud.
Cybercrime perpetrators use fake phone numbers or compromise legitimate users’ phone numbers through One-Time Password (OTP) authentication processes. The cybercrime perpetrator then create fake accounts on various digital platforms and impersonate as legitimate users.
Furthermore, the black market for smartphones and IMEI cloning activities have exacerbated cybercrime cases in India. Therefore, the aim of the Telecom Cyber Security Amendment Rules 2025 is to prevent the misuse of telecommunications identifiers that tie services to phone numbers and telecommunication devices with unique IMEI.
Validation of telecommunication identifiers
In order to create good telecommunications cybersecurity and also prevent cybersecurity incidents, the Indian Government established the MNV platform and issued directions to the licensees and authorized entities to participate in the platform. The TIUE and Indian Government can submit requests to the MNV platform to validate whether or not the telecommunications identifier (phone number) specified by the user matches the one available in licensee and authorized entity databases.
The costs of using the MNV platform will be shared by the Indian Government or its agency that established and manages the MNV platform. The MNV platform is required to forward every validation request to the licensees and authorized entities for validation purposes, and the licensees and authorized entities are also required to conduct such validation and provide a response to the MNV platform.
The Indian Government may issue a directive to manufacturers of telecommunications devices that holding an International Mobile Equipment Identity (IMEI) number to not assign IMEIs already in use to new telecommunications devices since a date specified by the Indian Government on the portal.
Every manufacturer or importer of telecommunications equipment holding an International Mobile Equipment Identity (IMEI) number must ensure compliance with the directive issued by the Indian Government for the purpose of enforcing this regulation.
Conclusion
The implementation of the Telecom Security Amendment Rules 2025 demonstrates the Indian Goverment’s effort to enforce a secure telecom cyber ecosystem in India. The Amendment Rules 2025 also form the legal act from the Indian Government to address the numerous cybersecurity incidents that have occurred in India in recent years.
It is important for manufacturers and importers to understand the Telecom Security Amendment Rules 2025 or other update on India type approval so that they can adapt their certification strategies early. For companies who want to stay informed about any regulatory changes in India, feel free to drop an email to info@narmadi.com for further assistance especially if you have any questions about this Amendment Rules 2025.
