New Delhi, March 1: The Union Government of India has implemented a strict “SIM-binding” mandate for instant messaging applications, including WhatsApp, Telegram, and Signal, effective March 1, 2026. Under the new framework, these platforms must ensure that the registered mobile number’s SIM card remains physically active and present within the same device at all times for the service to function.
Previously, users only required a one-time password (OTP) to register an account, allowing the application to continue operating even if the SIM card was removed or placed in a different handset. This practice is no longer permitted under the revised security protocols.
If a user removes the SIM card or if the mobile number becomes deactivated, messaging services will be temporarily disabled automatically. The platforms will now perform continuous verification to confirm that the identity being used is authentic and tied to a local, active SIM on the hardware.
Government officials stated that the measures are designed to enhance digital security and verify user identities more effectively. A representative from the Ministry of Information Technology declared that the move addresses several security loopholes. “The presence of the physical SIM within the device serves as a continuous layer of authentication,” the official asserted.
Changes also extend to desktop and web-based interfaces. Users of WhatsApp Web will no longer remain logged in indefinitely. The new guidelines require an automatic logout every six hours, necessitating a fresh login via QR code scanning to maintain the session.
