Central Idea

Recent reforms in the Indian telecom sector target cybercrime and financial fraud prevention.
The reforms focus on revising bulk SIM card procurement norms and registering final points of sale (PoS).
The objective is to bolster the effectiveness of the citizen-centric portal Sanchar Saathi, initiated earlier for the same purpose.

Sanchar Saathi: Empowering Citizens

Sanchar Saathi empowers citizens to manage mobile connections and prevent misuse.
Users can verify their registered connections, block stolen or lost phones, report suspicious connections, and verify device authenticity using IMEI.
The system employs Central Equipment Identity Register (CEIR) and Telecom Analytics for Fraud Management and Consumer Protection (TAFCOP) modules.
Sanchar Saathi has already analyzed 114 crore active mobile connections, identified 66 lakh suspicious connections, and disconnected 52 lakh connections.
Additional achievements include blocking 66,000 WhatsApp accounts and freezing 8 lakh bank/wallet accounts linked to fraud.
Over 300 FIRs have been filed against more than 1,700 dealers under the initiative.

Reforms mandate registration of SIM card franchisees, agents, and distributors (PoS) with telecom operators.
Operators are accountable for robust PoS verification, including mandatory police verification.
Written agreements between PoS and licensees for SIM card sales are now obligatory.
Existing SIM card providers are given a year to comply with the new registration process.
Non-compliance results in termination, a 3-year blacklist, and a Rs 10 lakh penalty.

The new approach replaces ‘bulk procurement’ with ‘business’ connections.
Businesses can procure numerous connections, but each end-user must undergo KYC.
KYC involves end-user verification, activating the SIM card only after successful KYC and address verification.
To prevent misuse of printed Aadhaar, demographic details must be captured by scanning the QR code.
Subscribers require full KYC for SIM replacement; outgoing and incoming SMS services are suspended for 24 hours during this process.
Biometric authentication options, including thumb impression, iris, and facial recognition, are introduced.
Disconnected mobile numbers cannot be assigned to other customers for 90 days.

Effective enforcement at the local level for smaller stores needs examination.
Concerns arise regarding infrastructure and safeguards for handling sensitive data.
Clarity on agent requirements for data acquisition, processing, and retention is necessary.
Despite Aadhaar-based KYC, persisting issues in fraud prevention need attention.
Data acquisition should strictly align with its intended purpose.

The telecom reforms aim to strengthen cybersecurity and financial safety.
Balancing effective data collection and privacy is essential.
Continuous vigilance and adaptation are vital to a robust cybersecurity framework.