COAI pushes for SIM-binding in OTT communication services

The Cellular Operators Association of India (COAI) has suggested that all Over-The-Top (OTT) communication apps be required to keep a constant link with verified mobile SIM cards in response to the growing threat of digital scams and challenges to national sovereignty. The goal of this act is to strengthen national security infrastructure and combat cyber fraud.

According to COAI, implementing continuous SIM-binding would significantly enhance consumer trust, accountability, and traceability, while also aligning OTT platforms with the regulatory frameworks already governing telecom service providers.

Telecom sector’s proactive measures

COAI beieves that India’s mobile operators are proactively implementing CNAP (Caller name presentation) and have implemented suspected spam protection measures on voice and SMS, TCCCPR related checks such as Principal entity (PE) -Telemarketer (TM) binding, A2P SMS header and content registration and keyword-based content screening of messages transmitted as well as enforcing DLT-based suffix rules for transparency. 

Despite these efforts, fraudsters have increasingly turned to OTT messaging platforms that function independently of telecom infrastructure. These platforms often operate without any real-time SIM verification, making them immune to telecom-level monitoring and control.

Security risks of current OTT practices 

Presently, the binding process between a subscriber's app-based communication services and their mobile SIM card occurs only once during the initial installation and verification phase, after which the application continues to function independently on the device even if the SIM card is later removed, replaced or deactivated.

Lt Gen Dr S P Kochhar Director General, COAI explains, 'For e.g., if the original SIM card is removed from the device and the device with the OTT Communication App is used for a criminal activity from any geographic location, since no SIM is present during the crime, there is no verifiable link, such as call records, location data or carrier logs, to prove which device was used or where the activity occurred. This proves to be a major impediment towards preventing the issues of spam and cyber frauds and could pose a major threat to national security as well.'

Call for persistent SIM-binding 

COAI, therefore, suggested that such OTT Communication Apps implement persistent SIM-binding that remains active beyond initial installation. This would ensure that the communication service cannot operate without the authenticated SIM physically inserted in the device, maintaining critical traceability between the user, the number and the device.

COAI futher added that this will not only help reduce the occurrence of spam and fraud communications significantly over these applications, but also help mitigate financial frauds by acting as a deterrent against misuse of app-based communication platforms, thus bringing relief to both the telecom service providers and the OTT communication platforms.

According to Lt Gen Dr S P Kochhar, 'It will also help establish a regulatory level playing field by ensuring that laws and compliance frameworks governing user identification, geographic accountability and lawful interception protocols apply equally to app-based communication services and telecom service providers.”