Why Your WhatsApp Might Soon Ask for an Active SIM and Frequent Logins

If you are one of the millions of Indians who rely on WhatsApp, Telegram, or Signal for daily communication, the way you use these apps is about to change significantly. In a bid to crack down on rising cyber fraud and the misuse of messaging platforms, the Department of Telecommunications (DoT) has introduced strict new guidelines that prioritize security over convenience.

The most substantial change under the "Telecommunication Cybersecurity Amendment Rules, 2025" is the requirement for a "continuous link" between the messaging app and an active SIM card. Until now, it was common practice to register an account with a phone number and then continue using the app over Wi-Fi, even if the SIM card was removed or the service plan expired. That loophole is effectively being closed.

Under the new directive, messaging platforms—now classified as "Telecommunication Identifier User Entities"—must constantly verify that the SIM card associated with the account is physically present and active in the device. If you remove the SIM or if it becomes inactive, the app will simply stop working. The government’s rationale is straightforward: fraudsters have frequently used apps without an underlying active SIM to mask their location or identity, often operating from outside the country to target Indian users. By binding the app to the SIM, authorities hope to ensure that every active account is traceable to a valid mobile connection.

The changes don't stop at your mobile phone. If you frequently use WhatsApp Web or Telegram on your laptop for work, you will likely face more friction. The new rules mandate that web versions of these apps must automatically log users out at least once every six hours. This means you will need to reach for your phone and re-authenticate your session—usually by scanning a QR code—multiple times throughout a workday. This measure is intended to secure browser-based sessions that are often left unattended on shared or office computers, reducing the risk of unauthorized access.

The clock is already ticking for these platforms to adapt. The government has given service providers a 90-day window from the date of the order to overhaul their systems and comply with these mandatory verification processes. Failure to do so could attract penalties under the Telecommunications Act, 2023.

While the intent is to curb the rampant financial scams and phishing attacks plaguing the country, the move has sparked a debate about user convenience and technical feasibility. Critics and cybersecurity experts have pointed out that while "SIM binding" adds a layer of traceability, it may not deter sophisticated criminals who can procure new SIMs using fake identities. Furthermore, this shift poses a headache for users with Wi-Fi-only tablets or secondary devices that lack SIM slots, as their ability to use these standard communication tools remains uncertain.

For the average user, the takeaway is clear: the era of "set it and forget it" for messaging apps is ending. In the coming months, staying connected will mean keeping your SIM active and your phone within arm's reach of your laptop.