India's telecommunications ministry has ordered major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days.
According to a report from Reuters, the app cannot be deleted or disabled from users' devices.
Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report suspected fraud, spam, and malicious web links through call, SMS, or WhatsApp; block stolen handsets; and allow a mobile subscriber to check the number of mobile connections taken in their name.
One of its important features is the ability to report incoming international calls that start with the country code for India (i.e., +91) to facilitate fraud.
"Such international calls are received by illegal telecom setups over the internet from foreign countries and sent to Indian citizens disguised as domestic calls," the government notes on the website. "Reporting about such calls helps the Government to act against illegal telecom exchanges which are causing financial loss to the Government's exchequer and posing a threat to national security."
The Android and iOS apps have been collectively installed over 11.4 million times, with a majority of the installations from the Indian states of Andhra Pradesh and Maharashtra. Since its launch in May 2023, the service has blocked more than 4.2 million lost devices, traced 2.6 million of them, and successfully recovered about 723,638 devices.
The Google Play Store listing for Sanchar Saathi's Android app says it can view network connections, run at startup, control vibration, and request access to the following services -
- SMS (Read/send SMS messages)
- Phone (Read call log and phone status and identity)
- Photos/Media/Files (Read contents of USB storage and modify or delete them)
- Storage (Read contents of USB storage)
- Camera (Take pictures and videos)
- Device ID & call information (Read phone status and identity)
The November 28, 2025, directive, per Reuters, requires manufacturers to push the app to phones that are already in the supply chain via a software update. The government has framed the app as necessary to tackle threats facing telecom cybersecurity, including spoofed IMEI numbers that can be used to facilitate scams and network misuse.
In a press statement, the Ministry of Communications said the pre-installation is required to safeguard citizens from buying non-genuine handsets and enable easy reporting of suspected misuse of telecom resources. Manufacturers are also required to ensure that the application is readily visible and accessible to end users at the time of first use or device setup and that its functionalities are not disabled or restricted.
"Mobile handsets bearing duplicate or spoofed IMEI pose serious endangerment to telecom cybersecurity," the Ministry added. "Spoofed/Tampered IMEIs in telecom networks lead to situations where the same IMEI is working in different devices at different places simultaneously and pose challenges in action against such IMEIs."
"India has a big second-hand mobile device market. Cases have also been observed where stolen or blacklisted devices are being re-sold. It makes the purchaser abettor in crime and causes financial loss to them. The blocked/blacklisted IMEIs can be checked using the Sanchar Saathi App."
Will it Go the Way of Russia's MAX?
With the latest move, India has joined the likes of Russia, which mandated the pre-installation of a homegrown messenger app called MAX on all smartphones, tablets, computers, and smart TVs sold in the country starting September 1, 2025. Critics have claimed the app can be used to track users, although state media have dismissed those accusations as false.
Russian authorities have since announced partial restrictions on voice and video calls in messaging apps Telegram and WhatsApp to counter criminal activity, with state communications watchdog Roskomnadzor threatening to block WhatsApp completely if the messaging platform fails to comply with Russian law.
According to the agency, WhatsApp was being used to organize and carry out terrorist activities, to recruit perpetrators, as well as for fraud and other crimes against Russian citizens.
As of late October 2025, data from the independent monitoring project Na Svyazi shows that access to Telegram and WhatsApp has been restricted in about 40% of Russia's regions. Roskomnadzor said the restrictions were due to criminal activity, such as fraud and extortion, and involving Russian citizens in sabotage and terrorist activities.
App Can Be Deleted If Not Needed: Telecom Minister
In a statement shared on X on December 2, 2025, India's telecom minister Jyotiraditya M. Scindia said "this is a completely voluntary and democratic system" and that "users may choose to activate the app and avail its benefits, or if they do not wish to, they can easily delete it from their phone at any time."
However, this contradicts the government-issued confidential order that requires smartphone makers to preload it and ensure it's not disabled or restricted. Reuters has since reported that Apple does not plan to comply with the directive, citing industry sources.
The iPhone maker is expected to tell the government it does not follow such mandates anywhere in the world as they raise privacy and security issues for the company's iOS ecosystem.
The Internet Freedom Foundation, an Indian digital rights advocacy group, said the government directive turns every smartphone sold in India into a "vessel" for state-mandated software that the user cannot meaningfully refuse, control, or remove.
"For this to work in practice, the app will almost certainly need system level or root level access, similar to carrier or OEM system apps, so that it cannot be disabled," it added. "That design choice erodes the protections that normally prevent one app from peering into the data of others, and turns Sanchar Saathi into a permanent, non-consensual point of access sitting inside the operating system of every Indian smartphone user."
Indian Government Reverses Course
Following backlash and concerns that the security app would broadenthe government's access to users' devices and erode privacy, the Indian government has backed away from its plans to force smartphone makers to preload the Sanchar Saathi app on all devices sold in the country.
"Given Sanchar Saathi's increasing acceptance, the government has decided not to make the pre-installation mandatory for mobile manufacturers," it said in a statement released December 3, 2025. "The app is secure and purely meant to help citizens from bad actors in the cyber world."
The new directive effectively reverses an order that was confidentially issued to manufacturers last week. The Internet Freedom Foundation called the about-turn a "welcome development," but urged the need for caution, noting that "cautious optimism, not closure" was needed until revised directions under the Cyber Security Rules, 2024, are published and independently verified.
(The story was updated after publication to reflect the latest developments.)
