New Delhi: The Department of Telecommunications (DoT) has notified the amended cybersecurity rules, despite apprehensions of the tech industry, as it feels the rules are needed to check the surge in cyber frauds including phishing.
The tech industry and experts have said the revised rules are too overarching, potentially bringing non-telecom firms under the ambit of the DoT while also compromising the privacy of consumers.
Officials, however, told ET that the rules will be mandatory only for the telecom operators which are licensees of the DoT and that other entities such as banks, financial institutions and insurance firms can come on board voluntarily.
"The fears are unfounded and their own creative thought process. The DoT doesn't intend to regulate anyone apart from the telecom firms, which are licensees," an official said.
As part of the new rules, the DoT plans to set up a mobile number validation (MNV) platform, through which it can be checked whether the mobile number belongs to the right person by checking the know your customer (KYC) details. The telcos who have the data will do the verification. The platform, which will be launched in the coming months, can be used by banks, financial institutions and insurance firms to verify details of customers while opening new accounts, which will solve to a large extent the problem of cyber frauds, said officials.
Currently, there is no legal mechanism to ensure that mobile numbers linked to bank accounts truly belong to account holders. To plug this gap, the DoT has amended the telecom cybersecurity rules and put in an enabling mechanism to set up an MNV platform, allowing banks and fintech firms to verify ownership of telephone numbers directly with telecom providers.
"Telcos have to mandatorily onboard the platform while others can do it voluntarily, if they feel it benefits them," said an official.
Businesses such as ecommerce firms and food delivery platforms are not regulated under the amended rules but if these entities too want to verify mobile numbers, they too can get it done on the MNV platform by paying a fee.
A section of stakeholders, particularly privacy activists and tech players, have expressed concerns over the amended rules. They argue that the new rules are too overarching and compromise the privacy of consumers as the government can force any entity or person using a mobile number to share details as the rules will apply to all 'telecommunication identifier user entities', or entities that use phone numbers to identify customers or their transactions.
The setting up of the MNV platform has also got the backing from the parliamentary standing committee on home affairs, which wants it to be implemented nationwide in collaboration with banks, non-banking financial companies and fintech platforms to limit the use of mobile numbers in fraudulent or mule accounts.
"The MNV platform will primarily benefit regulated entities like banks, financial institutions, etc., who need to verify the KYC details. Firms like ecommerce and food delivery platforms don't need to verify KYC details, so it might not be needed by them," said another official.
As part of the rules, the government is empowered to issue directions to phone makers to assist, when required, in dealing with tampered devices bearing international mobile equipment identity (IMEI) numbers.
The manufacturers can also be asked not to assign IMEIs already in use in telecom networks in the country to new telecom equipment being manufactured locally or imported.
The tech industry and experts have said the revised rules are too overarching, potentially bringing non-telecom firms under the ambit of the DoT while also compromising the privacy of consumers.
Officials, however, told ET that the rules will be mandatory only for the telecom operators which are licensees of the DoT and that other entities such as banks, financial institutions and insurance firms can come on board voluntarily.
"The fears are unfounded and their own creative thought process. The DoT doesn't intend to regulate anyone apart from the telecom firms, which are licensees," an official said.
As part of the new rules, the DoT plans to set up a mobile number validation (MNV) platform, through which it can be checked whether the mobile number belongs to the right person by checking the know your customer (KYC) details. The telcos who have the data will do the verification. The platform, which will be launched in the coming months, can be used by banks, financial institutions and insurance firms to verify details of customers while opening new accounts, which will solve to a large extent the problem of cyber frauds, said officials.
Currently, there is no legal mechanism to ensure that mobile numbers linked to bank accounts truly belong to account holders. To plug this gap, the DoT has amended the telecom cybersecurity rules and put in an enabling mechanism to set up an MNV platform, allowing banks and fintech firms to verify ownership of telephone numbers directly with telecom providers.
"Telcos have to mandatorily onboard the platform while others can do it voluntarily, if they feel it benefits them," said an official.
Businesses such as ecommerce firms and food delivery platforms are not regulated under the amended rules but if these entities too want to verify mobile numbers, they too can get it done on the MNV platform by paying a fee.
A section of stakeholders, particularly privacy activists and tech players, have expressed concerns over the amended rules. They argue that the new rules are too overarching and compromise the privacy of consumers as the government can force any entity or person using a mobile number to share details as the rules will apply to all 'telecommunication identifier user entities', or entities that use phone numbers to identify customers or their transactions.
The setting up of the MNV platform has also got the backing from the parliamentary standing committee on home affairs, which wants it to be implemented nationwide in collaboration with banks, non-banking financial companies and fintech platforms to limit the use of mobile numbers in fraudulent or mule accounts.
"The MNV platform will primarily benefit regulated entities like banks, financial institutions, etc., who need to verify the KYC details. Firms like ecommerce and food delivery platforms don't need to verify KYC details, so it might not be needed by them," said another official.
As part of the rules, the government is empowered to issue directions to phone makers to assist, when required, in dealing with tampered devices bearing international mobile equipment identity (IMEI) numbers.
The manufacturers can also be asked not to assign IMEIs already in use in telecom networks in the country to new telecom equipment being manufactured locally or imported.
You may also like
UK PM Keir Starmer pledges £10m to protect Muslims from hate crimes, faces backlash; 'what about churches?'
Tarun Kumar Pithode takes charge as Member Secretary of CAQM
FIA probes 'potential' F1 cost cap breaches as paddock rumours swirl at Mexico GP
Mizoram CM Lalduhoma announces Rs 100 Crore YMA Centre to strengthen community initiatives
PM Modi to attend Malaysia's ASEAN Summit virtually
