India Mandates Undeletable Cybersecurity App on All New Smartphones, Sparking Privacy Concerns

The Indian government has issued a directive mandating that all new smartphones sold in the country must come with its state-owned "Sanchar Saathi" cybersecurity app pre-installed and undeletable, according to a Reuters report on December 1, 2025. This move, announced on November 28, aims to bolster the nation's fight against online fraud and cybercrime within its vast telecom market.

Smartphone manufacturers, including major players like Apple, Samsung, Vivo, Oppo, and Xiaomi, have been given 90 days to comply with this new regulation, as reported by the National Herald on December 1, 2025. For devices already in the supply chain, companies are expected to push the app via software updates.

The Sanchar Saathi app is designed to help users report suspected fraud, block stolen handsets, and verify mobile connections, according to the Department of Telecommunications (DoT) as cited by Mint on December 1, 2025. The government claims the app has already been instrumental in recovering over 700,000 lost phones since its launch in January.

However, the directive has ignited significant concerns among privacy advocates and tech giants, including Apple, regarding user consent and data privacy. Mishi Choudhary, a lawyer specializing in technology matters, told Reuters that the government's action effectively removes user consent as a meaningful choice.

Critics question the secrecy surrounding the directive, which was privately circulated to select companies rather than being made public, as noted by the National Herald on December 1, 2025. The mandatory, undeletable nature of the app has fueled fears of expanded state surveillance without public consultation.

India's telecom ministry asserts that the app is crucial for combating "serious endangerment" to telecom cybersecurity from duplicate or spoofed IMEI numbers, which are often exploited in scams and network misuse, Reuters reported on December 1, 2025. The country has a significant challenge with cyber fraud, with citizens losing substantial amounts to scams.

This development places India among a growing number of nations, such as Russia, that are mandating the pre-installation of state-backed software on mobile devices, according to Al Jazeera on December 1, 2025. Russia implemented a similar requirement in August for a state-backed messenger app called Max.

• Background and Purpose of Sanchar Saathi: The Sanchar Saathi portal and app were initially launched by the Department of Telecommunications (DoT) in May 2023 and January 2025, respectively, as a citizen-centric initiative. Its primary goal is to empower mobile subscribers and enhance security by allowing users to report fraud, block lost/stolen devices, check mobile connections registered in their name, and verify handset genuineness, as detailed by the Sanchar Saathi website and Telegraph India on December 2, 2025.
• Escalating Cybercrime in India: The mandate comes amidst a significant surge in cyber fraud cases in India. Official data cited by Mint on March 11, 2025, indicated that high-value cyber fraud cases quadrupled in fiscal year 2024, resulting in losses of approximately $20 million. The Economic Times reported on May 26, 2024, that Indians lost over ₹1,750 crore (approximately $210 million) to cybercriminals in the first four months of 2024 alone, with 85% being financial online frauds.
• Technical Aspects and Enforcement: The directive, issued on November 28, 2025, requires manufacturers to ensure the Sanchar Saathi app is "readily visible and accessible" and that its functionalities are "not disabled or restricted," according to a report by Privacy Alert on December 2, 2025. The order, which was not made public, gives a 90-day compliance window, with penalties for non-compliance under the Telecommunications Act, 2023, and the Telecom Cyber Security Rules, 2024, as reported by Privacy Alarm on December 1, 2025.
• Concerns from Tech Giants and Privacy Advocates: Tech companies, particularly Apple, are expected to resist the mandate due to their policies against pre-installing third-party or government applications, as noted by Reuters on December 1, 2025. Privacy advocates, including Mishi Choudhary, express alarm that the undeletable nature of the app bypasses user consent and could pave the way for increased state surveillance, a concern echoed by iDrop News on December 1, 2025.
• Global Precedents and Implications: India's move mirrors similar actions taken by other governments, such as Russia, which mandated the pre-installation of its state-backed messenger app, Max, in August, according to The Tech Buzz on December 1, 2025. This trend highlights a global shift where governments are asserting greater control over digital infrastructure under the guise of cybersecurity, raising questions about user autonomy and data control worldwide, as discussed by AInvest on December 1, 2025.
• Impact on the Indian Smartphone Market: India is one of the world's largest mobile markets, with over 1.2 billion subscribers, making compliance crucial for manufacturers, as highlighted by Mint on December 1, 2025. While Android manufacturers might adapt more easily due to their customization flexibility, Apple faces a significant strategic dilemma, potentially risking fines or market access restrictions if it resists, according to ainvest on December 1, 2025.
• Features of the Sanchar Saathi App: Beyond tracking lost phones, the Sanchar Saathi app integrates several key safety features. These include "Chakshu," a tool for reporting suspected fraudulent communications via calls, SMS, or WhatsApp; "Lost/Stolen Mobile Blocking" which uses the Central Equipment Identity Register (CEIR); and "Connection Management" to identify unauthorized SIM cards. These features are intended to combat various forms of telecom fraud, as detailed by Privacy Alert on December 2, 2025.