/vnd/media/agency_attachments/bGjnvN2ncYDdhj74yP9p.png)
/vnd/media/media_files/C12AWfSGFFLymFwH0mwu.jpg)
Telecommunication devices are a critical component of India’s digital economy. To strengthen the security of telecom networks and curb the spread of counterfeit devices, the Government of India has imposed strict requirements on the registration and protection of International Mobile Equipment Identity (IMEI) numbers. These measures are set out under the Telecommunications Act, 2023 and the Telecom Cyber Security Rules, 2024. The Department of Telecommunications (DoT) has urged all manufacturers, brand owners, importers and sellers to ensure full compliance with the legal framework.
Under the Telecommunications Act, 2023, severe penalties apply for tampering with telecommunication identifiers, including IMEI numbers. The Act prohibits the alteration of such identifiers and makes it an offence to knowingly possess any radio equipment, such as a mobile handset, modem, module or SIM box, that uses unauthorised or tampered identifiers. Violations can result in imprisonment of up to three years, fines of up to Rs 50 lakh, or both, with these offences classified as cognisable and non-bailable. Individuals or entities that assist or promote such activities face the same penalties.
Regulatory requirements
The Telecom Cyber Security Rules, 2024 require manufacturers to register the IMEI of every device produced in India, including handsets, modules, modems and SIM boxes, before the device is sold, tested, used for research and development or deployed for any other purpose. Importers are similarly obliged to register IMEI numbers before bringing such equipment into the country. All registrations must be completed via the Device Setu, Indian Counterfeited Device Restriction (ICDR) portal.
The government maintains a national database of tampered and blacklisted IMEIs, and organisations involved in the trade of used devices must verify IMEI numbers against this database before finalising transactions, subject to verification fees. Any device that carries an IMEI, including smartphones, cellular-enabled wearables, mobile hotspots, tablets, USB modems, modules, dongles, laptops and assembled devices such as SIM boxes, must be registered through the same portal.
Additional measures introduced under the Telecom Cyber Security Amendment Rules, 2025 allow the Central Government to direct manufacturers not to assign IMEI numbers already active on Indian telecom networks to newly produced or imported devices. The rules also prohibit intentionally removing or altering a device’s identification number, or using or possessing hardware or software designed for such tampering.
Devices capable of using programmable IMEIs are treated as tampered equipment under the law, and their manufacture, sale, procurement or use can lead to legal consequences. The Central Government may also instruct telecom operators to block any devices with tampered IMEIs from accessing networks or services.
The DoT stresses that these regulatory requirements are vital for strengthening telecom cyber security, preventing counterfeiting, supporting law enforcement, and ensuring proper tax compliance. Adhering to the rules protects India’s telecom infrastructure and reduces the risks posed by tampered or counterfeit devices, while non-compliance may attract significant legal penalties.
All registrations must be carried out on the Device Setu – ICDR portal, which supports company registration, brand registration linked to GSMA Type Allocation Codes, device model registration, IMEI number submission and certificate generation for customs clearance.