The Government has introduced the Telecom Cyber Security Amendment Rules 2025 to strengthen the protection of telecom identifiers and digital services. A new kind of entity, called a Telecommunication Identifier User Entity (TIUE), is now formally brought under supervision. TIUEs include any organisation that uses mobile numbers or other telecom identifiers to identify customers, deliver services, or perform verification.
A central Mobile Number Validation (MNV) platform will be set up so that TIUEs, government agencies, or licence-holders can verify whether a telecom identifier submitted by a user matches the database of a licensed telecom operator. The MNV platform will collect requests, route them to licence-holders or authorised entities, and share responses. A small fee will apply per validation request.
The rules also introduce enhanced controls on device identifiers: manufacturers and importers must not assign IMEI numbers already in use, a national database will list tampered or restricted IMEIs, and used device sellers must check this list before resale.
The Government gains stronger supervisory powers: it can demand data from licence-holders and TIUEs on identifiers, suspend or permanently block identifiers without prior notice if the public interest demands it, and direct affected entities accordingly.
This regulatory update aims to ensure that telecom identifiers are not misused for fraud, impersonation, or unauthorised access. The new rules apply to telecom operators, digital platforms, and service providers that use mobile numbers for onboarding. Implementation will require integration with the MNV platform, data-handling safeguards, and compliance systems. The amendment reflects a shift toward trusted digital identity and stronger cybersecurity in India's telecom ecosystem.