The way Indians use WhatsApp and other messaging apps is set for a major shift after the Department of Telecommunications (DoT) issued a new directive requiring SIM binding for all platforms that rely on mobile-number registration. Apps such as WhatsApp, Signal, Telegram, Arattai, ShareChat, Snapchat and others now have 90 days to implement continuous SIM verification and enforce strict reauthentication measures, including mandatory six-hour logouts on web sessions. The order fundamentally alters the flexibility that Indian users have enjoyed for years, raising concerns about convenience even as the government cites stronger digital safety as its primary goal.
What the new SIM-binding rule means
For more than a decade, WhatsApp and similar apps have allowed users the convenience of registering once and then using the service freely on the same device—even if the original SIM card is removed. WhatsApp Web, too, has functioned smoothly with persistent logins, often remaining active throughout the workday.
The new DoT order changes this foundational behaviour. Apps will now need to ensure that the SIM used for registration remains physically active and present in the device. If the SIM is removed, replaced or becomes inactive, the app must immediately stop functioning.
This requirement goes deeper than one-time OTP verification. Apps will be compelled to continuously check the International Mobile Subscriber Identity (IMSI), the globally unique number stored on every SIM card. By forcing apps to match the IMSI with the registered number, the government believes it can curb cyber fraud, impersonation attempts and misuse of messaging services.
The new model mirrors the current approach of several banking apps in India, which require a precomposed SMS for verification and bind the app tightly to a specific SIM card. Messaging platforms will now have to adopt similar verification mechanisms.
WhatsApp Web to auto-logout every six hours
Perhaps the most disruptive change concerns WhatsApp Web. Under the new rules, the desktop and browser-based versions of messaging apps must automatically log users out every six hours. After the session expires, users will need to scan a new QR code from their primary phone to resume access.
The notification from DoT reads: “From 90 days of issue of these instructions, ensure that the web service instance of the Mobile App, if provided, shall be logged out periodically (not later than 6 hours) and allow the facility to the user to re-link the device using QR code.”
For millions who rely on WhatsApp Web during office hours—whether for communication, workflow coordination or customer support—this periodic logout will introduce considerable interruptions. Continuous, all-day WhatsApp Web sessions will no longer be possible.
Which apps are affected
The rules apply to all messaging apps that use mobile numbers for registration or identity verification. These include:
- Signal
- Telegram
- Arattai
- ShareChat
- Snapchat
- JioChat
- Josh
Any platform that uses phone numbers as a primary identifier must comply.
Why the government introduced the rule
The government argues that cyber fraud has grown significantly in recent years, with criminals exploiting loopholes in registration and multi-device access. By enforcing strict SIM binding, officials believe they can curb misuse, reduce the spread of illegal activities and help users safeguard themselves against impersonation or phishing attempts.
However, critics point out that these measures come at the cost of user convenience and may disrupt legitimate workflows. The Ministry maintains that the trade-off is necessary for enhanced digital hygiene and public safety.
What users stand to lose
The new mandate will have the greatest impact on:
- Users who frequently switch smartphones
- Those who use WhatsApp on secondary or Wi-Fi-only devices
- Professionals who work extensively on WhatsApp Web
- Households using one number across multiple devices
- Individuals using tablets without SIM support
Since WhatsApp will no longer function without the SIM physically present, users with Wi-Fi tablets or spare phones will need alternative login methods. Unless the apps introduce new QR-based primary logins or device linking options, multi-device flexibility may diminish drastically.
Moreover, users accustomed to keeping WhatsApp Web open for hours will now face repeated sessions ending mid-task, creating friction particularly for office and customer-support environments.When the changes take effect
Messaging apps have been given 90 days to implement the SIM-binding systems and four months to report compliance to the DoT. If there are no modifications or extensions from the government, the new rules will become mandatory across India soon after this period.
Conclusion
The upcoming SIM-binding requirement marks one of the biggest changes in India’s digital communication framework. While the government emphasises cybersecurity and user protection, the new rules undoubtedly alter long-established usage patterns on WhatsApp, Signal and other popular apps. As platforms prepare to comply, users will need to adjust to stricter device restrictions, periodic web logouts and reduced multi-device flexibility—ushering in a new era of more regulated digital messaging in India.