India orders phone makers to preload devices with state-owned cyber safety app

India’s telecoms ministry has privately asked smartphone makers to preload all new devices with a state-owned cybersecurity app that cannot be deleted, a government order showed, a move likely to antagonise Apple and privacy advocates.In tackling a recent surge of cybercrime and hacking, India is joining authorities worldwide, most recently in Russia, to frame rules blocking the use of stolen phones for fraud or promoting state-backed government service apps.Apple, which has previously locked horns with the telecoms regulator over development of a government anti-spam mobile app, is among the companies, such as Samsung, Vivo, Oppo and Xiaomi bound by the new order.The 28 November order gives major smartphone companies 90 days to ensure that the government’s Sanchar Saathi app is pre-installed on new mobile phones, with a provision that users cannot disable it.For devices already in the supply chain, manufacturers should push the app to phones via software updates, the ministry said in its order, which was not made public and was sent privately to select companies.A lawyer specialising in technology matters said India’s move was cause for concern, however.“The government effectively removes user consent as a meaningful choice,” said Mishi Choudhary, who works on internet advocacy issues.Privacy advocates criticised a similar requirement by Russia in August for a state-backed messenger app called Max to be pre-installed on phones.One of the world’s largest telephone markets, India has more than 1.2 billion subscribers, and government figures show the app, launched in January, has helped recover more than 700,000 lost phones, including 50,000 in October alone.The government said the app was essential to combat “serious endangerment” of telecom cybersecurity from duplicate or spoofed IMEI numbers, which enable scams and network misuse.Apple’s iOS powered an estimated 4.5% of 735m smartphones in India by mid-2025, with the rest using Android, according to Counterpoint Research.While Apple pre-installs its own proprietary apps on phones, its internal policies prohibit installation of any government or third-party app before sale of a smartphone, a source with direct knowledge of the matter said.“Apple has historically refused such requests from governments,” said Tarun Pathak, a research director at Counterpoint.skip past newsletter promotionafter newsletter promotion“It’s likely to seek a middle ground: instead of a mandatory pre-install, they might negotiate and ask for an option to nudge users towards installing the app.“Apple, Google, Samsung and Xiaomi did not respond to requests for comment. India’s telecoms ministry also did not respond.A 14- to 17-digit number unique to each handset, the IMEI, or International Mobile Equipment Identity, is most commonly used to cut off network access for phones reported to have been stolen.The Sanchar Saathi app is mainly designed to help users block and track lost or stolen smartphones across all telecom networks, using a central registry. It also lets them identify, and disconnect, fraudulent mobile connections.With more than 5m downloads since its launch, the app has helped block more than 3.7m stolen or lost mobile phones, while more than 30m fraudulent connections have also been terminated.The government says the software helps prevent cyberthreats and assists tracking and blocking of lost or stolen phones, helping police to trace devices, while keeping counterfeits out of the black market.Quick GuideContact us about this storyShowThe best public interest journalism relies on first-hand accounts from people in the know.If you have something to share on this subject, you can contact us confidentially using the following methods.Secure Messaging in the Guardian appThe Guardian app has a tool to send tips about stories. Messages are end to end encrypted and concealed within the routine activity that every Guardian mobile app performs. This prevents an observer from knowing that you are communicating with us at all, let alone what is being said.If you don't already have the Guardian app, download it (iOS/Android) and go to the menu. Select ‘Secure Messaging’. SecureDrop, instant messengers, email, telephone and postIf you can safely use the Tor network without being observed or monitored, you can send messages and documents to the Guardian via our SecureDrop platform.Finally, our guide at theguardian.com/tips lists several ways to contact us securely, and discusses the pros and cons of each. Illustration: Guardian Design / Rich Cousins