COAI backs SIM-binding as key security safeguard

The Cellular Operators Association of India (COAI) has welcomed the Government of India’s recent order mandating SIM-binding for app-based communication services, describing it as an essential step for strengthening national security and user protection. Lt Gen Dr SP Kochhar, Director General of COAI, addressed what he described as “misconceptions” circulating about the measure and clarified its implications for users and service providers.

According to Lt Gen Dr Kochhar, concerns that SIM-binding will inconvenience users, particularly overseas travellers, are not supported by evidence. He noted that SIM-binding already underpins widely used systems such as UPI and digital payment apps, where the SIM only needs to be present and active in the device, without requiring mobile data. This model, he said, can be applied “seamlessly” to communication apps, allowing users abroad to continue using services via Wi-Fi or a foreign SIM while keeping their Indian SIM in a secondary slot.

He acknowledged worries about single-SIM devices but stressed that SIM-binding is “a deliberate and essential security safeguard” intended to prevent misuse from outside and within India. Lt Gen Dr Kochhar argued that the measure helps curb untraceable fraud, scams and attempts by foreign actors to exploit communication platforms, thereby protecting both national security and citizen safety.

Addressing the impact on international use, he clarified that subscribers abroad will still be able to use communication apps under local rules, while Indian recipients will have their apps bound to their Indian SIM, thereby enhancing security for both individuals and the country.

Lt Gen Dr Kochhar also defended the requirement for time-bound reauthentication, such as a six-hour logout cycle, noting that it aligns with norms for other identity-sensitive digital systems used in finance and governance.

Smartphones benefit from secure cryptographic login, while laptops and tablets, being more vulnerable, require periodic authentication. He said that users typically have their phones with them, making reauthentication straightforward compared with the significant security gains.

On the broader security value of SIM-binding, he described it as a “layered defence” that closes important vulnerabilities in digital communication systems. Critics, he said, have overstated concerns by overlooking how SIM-binding complements existing safeguards.

Privacy concerns, according to Lt Gen Dr Kochhar, are “misplaced”. SIM-binding does not require additional data collection nor does it generate new categories of metadata. Instead, it simply verifies the presence of the SIM linked to the user during authentication, similar to long-established UPI practices, thereby enhancing security without intruding on user privacy.

He also clarified that SIM-binding does not interfere with enterprise messaging, CRM systems, APIs or other business processes. It operates only at the user-account level, ensuring that accounts, whether used by customers or automated systems, are tied to valid and verified SIMs.

Lt Gen Dr Kochhar concluded that there has been “a crying need” to ensure that app-based communication services remain identifiable without violating privacy rules or diminishing service quality. The government’s order, he said, strikes the right balance by offering traceability and linking communication apps to telecom SIMs to protect users from fraud and the nation from malicious actors.

COAI’s view, as he summarised, is that SIM-binding is “a balanced, privacy-respecting security measure” that bolsters digital trust and safeguards users without compromising convenience or business continuity, and that such a solution is “long overdue.”