Department of Telecommunications (DoT) has amended the Telecommunication Cyber Security (TCS) Rules, 2024 on 22.10.2025 addressing critical vulnerabilities that have emerged with the rapid integration of telecom identifiers into digital services across sectors such as banking, e-commerce, and governance. The amendment reinforces India’s commitment to secure, transparent, and responsible telecom operations.
The updated Rules aim to bridge existing regulatory gaps and strengthen cyber resilience through collaborative mechanisms with entities using telecom identifiers. They introduce key new frameworks addressing longstanding issues:
Mobile Number Validation (MNV) platform: To curb the surge in mule accounts and identity frauds arising from unverified linkages of mobile numbers with financial and digital services, the Rules institutionalize MNV platform. This mechanism enables service providers to validate, through a decentralized and privacy-compliant platform, whether a mobile number used for a service genuinely belongs to the person whose credentials are on record — thereby enhancing trust in digital transactions.
Resale Device Scrubbing: India’s growing second-hand device market has become a hotspot for circulation of blacklisted, stolen, or cloned phones, leaving genuine purchasers vulnerable to legal complications. The amended Rules now require entities dealing in resale or refurbished devices to scrub every device’s IMEI number through a centralized database of blacklisted IMEIs before resale, protecting consumers and assisting law enforcement in tracking stolen equipment.
Telecom Identifier User Entity (TIUE) Obligations: Recognizing that multiple sectors now leverage telecom identifiers (such as mobile numbers, IMEIs, and IPs) for authentication and service delivery, the Rules define “TIUEs” and mandate them to share relevant telecom-identifier data with the government in specific, regulated circumstances. This ensures greater traceability, accountability, and coordination in tackling telecom-linked cyber frauds while maintaining compliance with data protection norms.
Collectively, these amendments aim to safeguard India’s digital ecosystem against telecom-enabled frauds, strengthen device traceability, and ensure responsible use of telecom identifiers. The TCS Amendment Rules, 2025 mark a decisive step toward a resilient, interoperable, and future-ready telecom cyber security framework that balances innovation, privacy, and national security.
The Telecommunication Cyber Security (TCS) Amendment Rules, 2025 were notified in the Gazette of India vide notification G.S.R. 771(E) dated 22.10.2025. Subsequently, due to an inadvertent error, while it was intended to publish another rule for consultation, the Telecommunication Cyber Security (TCS) Amendment Rules, 2025 were republished instead in the Gazette of India vide notification G.S.R. 796(E) dated 29.10.2025. This error now stands rectified by the Department of Telecommunications through notification G.S.R. 863(E) dated 25.11.2025, which rescinds the unintended re-publication of TCS amendment Rules and this rescindment in no way invalidates the original amendment to TCS Rule that brought it in to effect in the first place.
The Government hereby clarifies and reiterates that the Telecommunication Cyber Security (TCS) Amendment Rules, 2025 initially notified under G.S.R. 771(E) dated 22.10.2025, continues to be in force and enforceable.
