India's Department of Telecommunications (DoT) is implementing new rules for messaging apps that require users to have an active SIM card linked to their mobile number. This directive targets major platforms like WhatsApp, Telegram, and Signal, mandating compliance within 90 days. The goal is to address growing concerns about cyber fraud, phishing, and scams that exploit the ability to use these apps without a verified SIM. The recent amendment to the Telecommunications (Telecom Cyber Security) Rules, 2024, aims to close security gaps that criminals have been using to conduct cross-border fraud. Under the new rules, messaging services must ensure continuous linkage to the SIM card in the device, making it impossible to use the app without that active SIM. Additionally, users will be logged out of web sessions every six hours, requiring them to re-link their account via a QR code. This measure is designed to reduce account takeover risks and complicate the efforts of fraudsters who might control victim accounts remotely. The DoT highlighted that many scams occur because accounts remain active even after the associated SIM is removed or deactivated, allowing for anonymous fraud. The rules also tie each messaging account to a Know Your Customer (KYC) verified SIM, enabling authorities to trace numbers involved in scams. This approach mirrors existing regulations for banking apps that use India's Unified Payments Interface (UPI). The DoT recently announced plans to set up a Mobile Number Validation (MNV) platform to further combat identity fraud linked to unverified mobile numbers, enhancing trust in digital transactions. Service providers will be able to validate whether a mobile number truly belongs to the individual whose credentials are on record, thereby helping to tackle the surge in mule accounts.