India Orders Mobile Producers to Pre-install Devices with National Cyber Safety App

In a major decision, India's telecommunications authority has confidentially asked mobile phone manufacturers to preload all new phones with a government-backed cybersecurity app that is non-removable. This order, which has come to light, is set to concern major technology companies like Apple and raise questions among digital rights groups.

An International Shift in Cybersecurity Regulation

To combat a growing wave of online fraud and device misuse, India is following authorities across the globe. This move echoes similar regulations introduced in countries like Russia, which aim to block the use of lost phones for fraud and encourage government-developed applications.

What Companies Are Bound by the Order?

The recent mandate affects major mobile phone makers active in the domestic market. This encompasses Apple, which has previously locked horns with regulators over comparable apps, as well as leaders like Samsung, Vivo, Oppo, and Xiaomi.

Details of the Official Mandate

An directive dated 28 November allots smartphone companies a 90-day window to ensure that the official "Messenger Friend" application is included on all new mobile phones. A key provision is that users are prevented from deleting the software.

For phones currently in the distribution network, makers are required to deliver the app via software updates. It is notable that this directive was privately circulated and was dispatched privately to chosen companies.

User Consent Concerns Expressed

However, legal specialists have flagged serious worries regarding this decision. A legal expert focusing in tech issues said that India's directive is a cause for concern.

“The government in essence erodes user consent as a real choice,” said Mishi Choudhary, an expert working on digital rights matters.

Digital rights groups had previously criticised a similar mandate by Russia in August for a state-backed communication called Max to be included on phones.

The Scope of the Domestic Smartphone Landscape

India, one of the world's largest telephone markets, boasts over 1.2 billion connections. Official data show that the cybersecurity app, introduced in January, has reportedly assisted in locating more than 700,000 lost phones, with an estimated 50,000 found in October by itself.

The authorities states that the tool is crucial to tackle the “grave endangerment” of telecom cybersecurity from cloned or spoofed IMEI numbers, which facilitate scams and system abuse.

Apple's Position

Apple's iOS powers an estimated 4.5% of the 735 million smartphones in India, with the rest using Android, as per market research. While Apple includes its own first-party applications on its devices, its company guidelines are said to prohibit the installation of any government app before the sale of a device.

“Apple has traditionally resisted such requests from authorities,” noted Tarun Pathak, a research director at Counterpoint.

“It’s likely to aim for a compromise: rather than a mandatory pre-install, they might discuss and ask for an alternative to prompt users towards installing the app.”

Requests for response from Apple, Google, Samsung, and Xiaomi went unresponded. India’s telecoms department also did not respond.

The Role of the IMEI and the App's Purpose

The IMEI, or International Mobile Equipment Identity, is a 14- to 17-digit number assigned to each handset. It is most commonly used by networks to cut off network access for phones reported as lost.

The government app is primarily created to enable users block and locate missing phones across all telecom networks, using a national database. It also enables them to detect, and disconnect, fraudulent mobile connections.

Notable Adoption and Outcomes

With more than 5 million installs since its launch, the software has reportedly been used to disable over 3.7 million missing mobile phones. Moreover, over 30 million illegal connections have also been terminated through its use.

The authorities asserts that the software helps preventing digital threats and assists in the locating and blocking of missing phones, thereby aiding police in recovering devices and keeping counterfeits out of the black market.