DoT clarifies TCS Amendment Rules 2025 remain in force; new provisions strengthen cyber resilience and telecom-identifier security
The DoT said the TCS Amendment Rules, 2025 are designed to be interoperable, future-ready and aligned with national security requirements, while ensuring that innovation and user privacy continue to be preserved.
New Delhi, November 27: The Department of Telecommunications has reaffirmed that the Telecommunication Cyber Security (TCS) Amendment Rules, 2025—originally notified on October 22 under G.S.R. 771(E)—remain valid and fully enforceable. The clarification follows an inadvertent re-publication of the same rules on October 29, which has now been formally rescinded through a notification dated November 25.
The amended rules mark a major step forward in strengthening India’s telecom cyber security framework amid the rapid integration of telecom identifiers such as mobile numbers and IMEIs into banking, e-commerce, governance and other digital services. DoT said the updated provisions close critical regulatory gaps and reinforce secure, transparent and responsible telecom operations.
A central pillar of the amendments is the Mobile Number Validation (MNV) platform, designed to curb identity fraud, mule accounts and misuse of unverified mobile numbers across digital transactions. The system allows service providers to verify—through a decentralised, privacy-compliant mechanism—whether a mobile number used for a service genuinely belongs to the individual on record.
To address vulnerabilities in India’s rapidly expanding second-hand device market, the rules introduce mandatory Resale Device Scrubbing. Entities dealing in refurbished or resold phones must now check every device’s IMEI against a central blacklist before resale, helping protect consumers and strengthening efforts to trace stolen, cloned or blacklisted equipment.
Recognising that telecom identifiers are now used across multiple sectors, the amendments formally define Telecom Identifier User Entities (TIUEs) and outline their obligations. TIUEs will be required to share specific telecom-identifier data with the government in regulated circumstances to support lawful investigations, improve traceability and counter telecom-linked cyber fraud—while ensuring compliance with data protection norms.
Together, the Mobile Number Validation system, Resale Device Scrubbing, and TIUE obligations form a strengthened cyber resilience architecture aimed at reducing telecom-enabled fraud, enhancing device traceability and safeguarding India’s digital ecosystem.
The DoT said the TCS Amendment Rules, 2025 are designed to be interoperable, future-ready and aligned with national security requirements, while ensuring that innovation and user privacy continue to be preserved.
By reaffirming the continued enforceability of the amended rules, the government has sought to remove any ambiguity and ensure uninterrupted implementation across all stakeholders.
