India Mandates Preinstallation of Non-Removable Cybersecurity App on All New Phones

The Indian Department of Telecommunications has ordered major phone manufacturers to preinstall the government's Sanchar Saathi cybersecurity application on all new devices sold in India within 90 days. This app, designed to combat telecom fraud such as SIM swap scams and spam calls, cannot be uninstalled or disabled by users. Sanchar Saathi is currently available on web platforms and as a mobile app for Android and iOS devices. The mandate aims to enhance cybersecurity for citizens by providing a tool for reporting fraudulent activities. However, the non-removable nature of the app raises concerns about user autonomy and potential privacy issues. From a technical standpoint, preinstalling an app that cannot be removed may introduce new attack vectors if the app has vulnerabilities. This move could set a precedent for other countries to implement similar measures, potentially leading to debates about surveillance and user privacy. Cybersecurity professionals should monitor government-mandated software for potential vulnerabilities and advocate for transparent communication about data collection and usage practices to maintain user trust.