The Telecommunication (Telecom Cyber security) amendment act Rule 2025
About
The Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, notified by India's Department of Telecommunications (DoT), amend the 2024 TCS Rules to enhance cyber resilience amid rising telecom-linked frauds in banking, e-commerce, and governance sectors.
Key Definitions
- TIUE (Telecommunication Identifier User Entity): Any non-licensee or non-authorized entity using telecom identifiers (e.g., MSISDN, IMEI) for customer identification or service delivery, including banks, fintechs, e-commerce, and OTT platforms.β
- MNV Platform: A government-established Mobile Number Validation platform for verifying if specified telecom identifiers match databases of authorized entities or licensees.β
Major Provisions
- Introduces Rule 7A for MNV platform setup, enabling TIUEs (on government approval or direction) and agencies to validate identifiers via a fee-based portal, ensuring data protection compliance.β
- Enhances Rule 5 for immediate government actions without notice: temporary suspension of identifiers by telecom entities and TIUEs, with potential permanent disconnection or reuse enablement.β
- Mandates IMEI controls under Rule 8: bans reusing in-network IMEIs on new devices; requires a database of tampered/restricted IMEIs; pre-sale checks for used devices; compliance by manufacturers/importers.β
Implications
- These amendments promote traceability and fraud prevention but raise concerns over broad TIUE scope, overlapping data laws, and lack of consumer notice for suspensions.
- DoT confirmed enforceability for licensees, with voluntary TIUE opt-in suggested amid clarifications.
- They align with the Telecommunications Act, 2023, for resilient digital infrastructure.β
Download Pdf
