Sanchar Saathi App: A Cyber Shield or Privacy Risk?

By : Benny Morgan Benny Morgan Reviewed By: Karla Spencer Karla Spencer
Hours Updated

Key Takeaway: India mandates pre-installation of Sanchar Saathi cybersecurity app on smartphones, sparking controversy over privacy concerns despite official clarification of voluntary use.

Sanchar Saathi App

The Indian government has issued a landmark directive requiring all smartphone manufacturers and importers to pre-install the Sanchar Saathi mobile application on devices sold across the country, triggering a nationwide debate over digital security and privacy rights. The Department of Telecommunications (DoT) issued the order on November 28, 2025, giving companies 90 days to comply and 120 days to submit implementation reports.​

What is Sanchar Saathi?

Sanchar Saathi is a citizen-centric digital safety initiative developed by the Department of Telecommunications to combat cyber fraud and strengthen telecom security across India. Available both as a mobile application and web portal at www.sancharsaathi.gov.in, the platform empowers mobile subscribers to protect themselves against various cyber threats and telecom-related crimes.​

The application was initially launched as a web portal in May 2023, followed by the mobile app version in January 2025 for both Android and iOS devices. Since its launch, the app has been downloaded over 14 million times, with more than 200 million people using the portal collectively.​

Sanchar Saathi App Key Features

Sanchar Saathi offers multiple security features designed to protect users from cyber fraud and device theft:

  • Chakshu – Fraud Communication Reporting: The app enables citizens to report suspected fraudulent communications, including scam calls, phishing SMS messages, and WhatsApp scams. Users can report communications related to fake KYC updates, impersonation as government officials, investment fraud, and other cybercrime attempts. According to the Sanchar Saathi website, this proactive reporting helps the Department of Telecommunications prevent misuse of telecom resources for financial frauds and cybercrimes.​
  • Block Lost or Stolen Devices: One of the most powerful features allows users to block lost or stolen mobile phones across all telecom networks in India. The system uses the International Mobile Equipment Identity (IMEI) number to block devices, preventing them from being used anywhere in the country. Once someone attempts to use a blocked phone, the system generates traceability data that helps law enforcement agencies track and recover the device.​
  • Know Mobile Connections in Your Name: This feature helps subscribers check how many mobile connections are registered under their name. Users can identify unauthorized connections and report numbers they did not authorize or no longer need.​
  • Verify Mobile Handset Genuineness: Users can check the authenticity of mobile handsets using the IMEI number through the Central Equipment Identity Register (CEIR) database. This is particularly useful when purchasing second-hand or refurbished phones to ensure they are not stolen, blacklisted, or cloned devices.​
  • Report International Calls with Indian Numbers: The app allows citizens to report international calls received with local Indian numbers. These calls often come from illegal telecom setups that receive international calls over the internet in foreign countries and transmit them to India as domestic calls, posing threats to national security and causing revenue losses.​
  • Know Your Wireline Internet Service Provider: Users can verify information about wireline Internet Service Providers in their locality to access legitimate internet services.​
  • Trusted Contact Details: The platform provides verified contact details for banks and financial institutions, helping users distinguish genuine customer service numbers from fraudulent ones.​

Sanchar Saathi Impressive Recovery and Impact Statistics

Sanchar Saathi has demonstrated remarkable success in recovering lost and stolen mobile devices across India. In October 2025 alone, the system recovered over 50,000 lost and stolen mobile handsets for the first time in a single month, marking a significant milestone in the initiative’s effectiveness.​

Overall, the platform has facilitated the recovery of more than 700,000 mobile devices nationwide, with Karnataka and Telangana emerging as top-performing states, each crossing 100,000 recoveries. Maharashtra follows with over 80,000 recovered devices.​

Monthly recoveries have surged by 47 percent between June and October 2025, demonstrating the system’s growing efficiency and reach. The Department of Telecommunications reports that more than one handset is now being recovered every minute across the country through the Sanchar Saathi system.​

The app has also helped disconnect over 40 million fraudulent mobile connections reported by citizens and blocked more than 600,000 fraud-linked IMEI numbers.​

The Controversial Mandate

The Department of Telecommunications issued directions dated November 28, 2025, mandating manufacturers and importers of mobile handsets intended for use in India to pre-install the Sanchar Saathi app under provisions of the Telecom Cyber Security (TCS) Rules. The directive requires that the app be readily visible and accessible to users during first use or device setup, and that its functionalities are not disabled or restricted.​

For devices already manufactured and currently in sales channels, the order directs companies to push the application through software updates.​

According to the government, this mandate aims to safeguard citizens from purchasing non-genuine handsets, enable easy reporting of suspected misuse of telecom resources, and increase the effectiveness of the Sanchar Saathi initiative. The DoT emphasized that mobile handsets bearing duplicate or spoofed IMEI numbers pose serious endangerment to telecom cyber security.​

India has a large second-hand mobile device market where cases have been observed of stolen or blacklisted devices being resold, making purchasers unwitting abettors in crime and causing financial losses.​

Opposition Outcry and Privacy Concerns

The government’s directive sparked fierce criticism from opposition parties and privacy advocates who raised concerns about surveillance, data collection, and constitutional rights.

Congress MP Priyanka Gandhi Vadra called Sanchar Saathi a “snooping app” and criticized it as “ridiculous,” stating that “citizens have the right to privacy. Everyone must have the right to privacy to send messages to family and friends without the government looking at everything”.​

Senior Congress leader KC Venugopal described the move as “beyond unconstitutional,” stating that “Big Brother cannot watch us.” He called a pre-loaded government app that cannot be uninstalled “a dystopian tool to monitor every Indian. It is a means to watch over every movement, interaction and decision of each citizen”.​

Congress MP Karti Chidambaram labeled the directive “Orwellian,” while Congress MP Renuka Chowdhury filed an adjournment motion notice in the Rajya Sabha seeking suspension of business to discuss the matter.​

Digital rights activist Nikhil Pahwa strongly criticized the mandate, calling it an “unprecedented invasion of privacy that turns a lost-phone tracker into a potential government surveillance tool.” He stated, “This is a first. India has never before required an unremovable state app on every device. Russia does btw, with its MAX Messenger (started September 2025)”.​

Pahwa warned that once the state gains irreversible access to the operating system layer, it opens the door to further forced apps without public consultation or accountability.​

The Internet Freedom Foundation noted that the directive “converts every smartphone sold in India into a vessel for state mandated software that the user cannot meaningfully refuse, control, or remove.” The organization pointed out that the app will almost certainly need system-level or root-level access, which “erodes the protections that normally prevent one app from peering into the data of others”.​

Government Clarification on Sanchar Saathi App

Following the intense backlash, Union Communications Minister Jyotiraditya Scindia issued a clarification on December 2, 2025, stating that the Sanchar Saathi app is “completely optional” and “not mandatory” for users.​

“If you want to delete it, you can. If you don’t wish to register, you shouldn’t register and can remove it anytime,” Scindia told reporters outside Parliament. He added that the app does not enable snooping or call monitoring.​

The minister emphasized that “every citizen in the country does not know that this app exists to protect them from digital frauds and theft, and it is our responsibility to make the app available to everyone”.​

In a social media post, Scindia clarified that the digital security of every citizen is the government’s topmost priority, and that Sanchar Saathi enables citizens to secure themselves through transparent, easy-to-use tools. He noted that users can activate the app at their convenience and may deactivate or delete it from their devices at any time.​

Apple’s Resistance

Tech giant Apple has reportedly decided not to comply with the Indian government’s directive and will formally convey its concerns to New Delhi, according to sources familiar with the matter.​​

Apple does not plan to follow the mandate and will tell the government it does not follow such mandates anywhere in the world as they raise privacy and security issues for the company’s iOS ecosystem, said two industry sources who declined to be named publicly.​

“Its not only like taking a sledgehammer, this is like a double-barrel gun,” said one source. Another added that Apple “can’t do this. Period”.​

The sources indicated that Apple does not plan to go to court or take a public stand but will communicate to the government that it cannot follow the order because of security vulnerabilities.​

While Apple tightly controls its App Store and proprietary iOS software, Google’s Android is open-sourced, allowing manufacturers like Samsung and Xiaomi greater flexibility to modify their software. Other brands including Samsung are reviewing the order, according to industry sources.​

Data Collection and Privacy Policy

Concerns have been raised about the permissions and data collection practices of the Sanchar Saathi app. According to information provided on the Google Play Store, the app requests permissions to use the phone camera, read call logs, send and read text messages including MMS, and access shared storage.​

In its developers’ declaration section on Apple’s and Google’s app stores, the DoT has declared that the application does not collect any user data. However, experts point out that this is not accurate, as the app does collect different types of personal data, including users’ phone numbers upon registration, photos, and call and SMS logs.​

The app’s privacy policy specifies that iPhone users will be prompted to grant permission for access to cameras, photos, and files for specific purposes. For Android users, the app requests access to call logs, the ability to send messages for registration, and the capability to make and manage phone calls “to identify mobile numbers in your device,” as well as access to cameras and photos.​

Technical Framework: CEIR and TCS Rules

The Sanchar Saathi initiative is backed by the Central Equipment Identity Register (CEIR), a multi-stakeholder system developed to facilitate blocking and tracing of lost and stolen mobile phones. The CEIR maintains a centralized database of IMEI numbers of mobile phones operating in India.​

The system was initially launched in Delhi, Mumbai, and Maharashtra in a phased manner and has since expanded nationwide. CEIR is a multi-stakeholder system where the Department of Telecommunications, Telecom Service Providers, Police, mobile phone manufacturers, and mobile phone subscribers have limited access according to their defined roles and responsibilities.​

The mandate is issued under the Telecom Cyber Security (TCS) Rules, which were recently amended in October 2025 as the TCS Amendment Rules, 2025. These rules empower the central government to issue directions to manufacturers of telecommunication equipment bearing IMEI numbers to provide assistance in relation to tampered telecommunication equipment or IMEI numbers.​

The TCS Amendment Rules, 2025, introduce several key frameworks to strengthen India’s cyber resilience:

Mobile Number Validation (MNV) Platform: A system to curb mule accounts and identity fraud by allowing service providers to verify whether mobile numbers genuinely belong to individuals using particular services.​

Resale Device Scrubbing: Mandates that entities dealing in second-hand or refurbished phones must check every device’s IMEI number against a centralized blacklist before resale, protecting consumers from unknowingly purchasing stolen or cloned devices.​

Telecom Identifier User Entities (TIUE) Obligations: Defines obligations for banks, fintechs, e-commerce firms, and digital platforms that use telecom identifiers to share relevant data with the government in regulated circumstances, ensuring greater traceability in fraud investigations.​

Latest Developments

As of December 2025, the controversy continues to unfold with several key developments:

The government has maintained that while manufacturers must pre-install the app, users have complete freedom to delete or not activate it.​

Apple’s position of non-compliance has raised questions about how the government will enforce the directive against companies that refuse to comply, particularly given that over 95% of smartphones in India operate on Google’s Android, with the remainder using Apple’s iOS.​

Opposition parties have indicated they will raise the issue in Parliament, with calls for debate on the constitutional and privacy implications of the mandate.​

Privacy experts and cyber law specialists continue to evaluate the implications. Cyber law expert Khushbu Jain acknowledged that “individual choice” is reduced when the app comes pre-installed but noted that “the goal here is collective security and fraud prevention, and it will only work if almost everyone is covered.” She pointed out that the Digital Personal Data Protection Act allows the state to process data without consent for defined public interest purposes, provided it follows principles like necessity, proportionality, purpose limitation, security, and accountability.​

Union Minister of Parliamentary Affairs Kiren Rijiju responded to opposition criticism, urging parties not to create disruptions in Parliament and assuring that the government is open to debate on all issues.​

Global Context

Digital rights advocates have compared India’s mandate to similar measures in authoritarian regimes. Russia began requiring its own state app, MAX Messenger, on devices starting September 2025. Critics worry that India’s move sets a precedent that could lead to additional mandatory government applications without public consultation.​

The controversy highlights the ongoing tension between national security interests, cybersecurity needs, and individual privacy rights in the digital age—a balance that democracies worldwide continue to negotiate.

Conclusion

The Sanchar Saathi app represents India’s ambitious effort to combat telecom fraud and protect citizens in an increasingly digital world. With impressive statistics showing over 700,000 recovered phones and millions of fraudulent connections terminated, the platform has demonstrated tangible benefits for public safety and digital security.​

However, the government’s directive to mandate pre-installation has sparked legitimate concerns about privacy, surveillance, and the appropriate boundaries of state power in a democratic society. The clarification that the app remains optional for users has provided some relief, but questions remain about implementation, data protection, and the precedent being set for future government applications.

As India navigates this complex intersection of security and liberty, the Sanchar Saathi controversy underscores the critical importance of transparency, public consultation, and robust data protection frameworks in an age where smartphones have become extensions of our personal and professional lives.

Related Posts 👇

Sources: Press Information Bureau, Government of India; Department of Telecommunications; Reuters; NDTV; India Today; The Print; BBC News; Hindustan Times; Economic Times; Times of India.

Benny Morgan
Benny Morgan

I’m Benny Morgan, a digital security expert with a degree in Computer Science from the University of Texas. My background spans cybersecurity consulting, malware research, and risk analysis. I specialize in translating complex online threats into actionable strategies, ensuring individuals and families stay safe in today’s fast-shifting digital environment.

At SecureDetectives, I leverage firsthand testing and evaluation of privacy tools, VPNs, parental control software, and anti-tracking solutions. My expertise lies in identifying weaknesses in consumer products and recommending solutions backed by evidence, not marketing claims. I aim to provide readers with clarity and confidence in their digital safety choices.

With years of hands-on experience addressing phishing schemes, data breaches, and identity theft, I write to empower readers to take proactive control of their privacy. My goal is simple: equip people with practical, proven tools and knowledge to navigate the digital world securely and responsibly.

Similar Posts