Mandatory Cybersecurity App Installation on New Smartphones in India

India’s telecom ministry has issued a directive requiring major smartphone manufacturers to preload the Sanchar Saathi cybersecurity app on all new devices, according to a confidential order dated November 28. This significant policy introduces one of the world’s most extensive digital compliance measures in the second-largest smartphone market, igniting discussions among privacy advocates and tech companies globally.

The order, acquired by Reuters, mandates that manufacturers such as Apple, Samsung, Vivo, Oppo, and Xiaomi ensure that every new device sold in India will have the app pre-installed with no option for users to remove or disable it. Companies have been given a 90-day deadline to comply.

App Must Also Reach Devices in Distribution

Additionally, phones that have already been produced or are moving through supply chains will be updated with the app software. The directive was shared privately with a select group of manufacturers, rather than being made publicly known.

Officials have described the measure as crucial for addressing the growing threats to telecom security, particularly concerning fraudulent or duplicated IMEI numbers — the unique 14- to 17-digit identifiers used for tracking and blocking stolen devices.

App’s Function in Combating Theft and Fraud

Launched earlier this year, Sanchar Saathi has become an integral part of the government’s anti-fraud strategy. Current statistics reveal:

• 700,000+ lost phones have been recovered to date

• 50,000 recoveries took place in October alone

• 3.7 million stolen or lost devices have been blocked

• 30 million fraudulent mobile connections terminated

• 5 million+ downloads recorded since launch

The app allows users to verify IMEI numbers, report stolen phones, block devices from network access, and identify suspicious calls, enhancing tracking capabilities for law enforcement and reducing counterfeit phone circulation.

Apple Faces Policy Dilemma

This new regulation may complicate matters for Apple, which has a longstanding policy against pre-installing any non-Apple or government application on their devices before sale — a policy that has already created friction in India during prior regulatory initiatives, including those for an anti-spam app.

Analysts predict that Apple might seek alternatives, potentially guiding users to install the app manually rather than being preloaded on devices. Since Apple represents about 4.5% of the 735 million smartphones in India, its response will be closely monitored across the industry.

Companies Await Guidance Amid Government Silence

None of the primary smartphone manufacturers, including Apple, Google, Samsung, or Xiaomi, have publicly responded to the order up to this point. Furthermore, the telecom ministry has not issued an official statement.

As the compliance deadline approaches, smartphone makers are reassessing the impacts on their software systems, user experience, and global policies. This directive signifies a pivotal change in India’s approach to embedding cybersecurity measures directly within consumer electronics.