The proposed rules introduce a new category termed “Telecommunication Identifier User Entity” (TIUE), encompassing all organisations that use mobile numbers to identify or authenticate customers
India’s Department of Telecommunications (DoT) has proposed a new set of cyber security rules aimed at curbing fraudulent activities conducted using mobile phone numbers. The draft rules, published on 24 June, propose the creation of a Mobile Number Verification (MNV) platform to enable secure validation of phone numbers by licensed telecom operators and authorised entities. The move is part of a broader push to tighten digital safety protocols as mobile numbers become increasingly central to financial transactions and digital identification processes.
The proposed rules introduce a new category termed “Telecommunication Identifier User Entity” (TIUE), encompassing all organisations that use mobile numbers to identify or authenticate customers — such as banks facilitating UPI transactions. Under the new mechanism, these entities would be able to verify whether a mobile number exists in the database of a licensed telecom provider or an authorised third party. This system is intended to help detect and prevent the use of unauthorised or spoofed numbers in fraudulent schemes.
A pricing model has also been outlined in the draft. Government-authorised entities will be charged ₹1.50 per request for mobile number status validation, while all other organisations will be charged ₹3 per request. The differential pricing reflects an effort to prioritise state-authorised services while still offering private entities access to the security infrastructure. The DoT has opened the proposal for public consultation, inviting comments from stakeholders within 30 days of the draft’s release.
The proposed rules would also enhance the powers of law enforcement and government-authorised agencies to access transaction histories involving mobile numbers, extending these provisions to cover non-telecom entities. According to officials familiar with the matter, at least one major bank has already begun piloting the new MNV mechanism. In the pilot, mobile numbers identified in fraudulent activity are flagged and subsequently deactivated for a 90-day period. Following the suspension, the number’s history is automatically purged to ensure that future users of recycled numbers are not penalised.
The draft regulation underscores the government’s growing concern over the misuse of mobile numbers in digital fraud and its intent to build a more secure digital ecosystem. If implemented, the rules could significantly reshape how institutions verify user identities and monitor suspicious behaviour in India’s rapidly expanding digital economy.
