Explainer: The Sanchar Saathi specifics

THE Centre’s Sanchar Saathi app, developed by the Department of Telecommunications (DoT) as a one-stop toolkit for mobile safety and anti-fraud measures, became a national talking point after the government’s now-withdrawn order to smartphone makers to pre-install it on every device sold or imported into India.

The idea behind the app is simple — help users verify handset authenticity, block lost or stolen phones and flag suspicious calls or messages. But the initial mandate evoked sharp criticism, raising concerns about privacy, surveillance and how much space the state should occupy inside citizens’ personal devices.

How exactly does it function

Sanchar Saathi is a mobile app and web portal (operational since 2023) developed by the DoT to help users secure their phones, SIM identities and communications from fraud and misuse. It connects several government backend systems, including the Central Equipment Identity Register (CEIR) and Telecom Analytics for Fraud Management and Consumer Protection (TAFCOP), into a single interface for ordinary users.

While CEIR records legitimate IMEI numbers of all mobile devices, TAFCOP is essentially a registry of all SIM card connections and their registered users. At its core, Sanchar Saathi bundles features that shield users from several telecom harms. The app and portal let users:

1. Block lost or stolen handsets across all operators using IMEI-based trace-and-block facilities.

2. Verify handset IMEI/genuineness before purchase.

3. See how many mobile connections exist in their name and flag unknown numbers.

4. Report suspected fraud communications (calls, SMS, WhatsApp) via a “Chakshu” facility.

5. Access trusted contact details of banks/financial institutions and information on wireline ISPs.

These functions are described on the official Sanchar Saathi site as consumer-protection measures meant to curb IMEI tampering, second-hand phone fraud and telecom-related scams.

Uproar over privacy & power

Opposition leaders, civil liberty activists and several tech experts saw mandatory pre-installation, especially when paired with directives that devices must not hide or restrict features, as a potential avenue for mass surveillance or at least an unnecessary state presence in a private device. Tech companies and security experts also raised practical concerns. Apple was reportedly resistant to being forced to preload the app, citing user privacy and platform security policies.

Other manufacturers worried about firmware and update complexities and being held liable if pre-installed apps conflicted with platform rules or third-party privacy commitments.

Were the concerns genuine?

Yes, some were. Sanchar Saathi’s declared feature set remains firmly defensive: IMEI checks, SIM audits and fraud reporting. Nothing in the visible design suggests that it silently records calls or messages. Yet the backlash was not just about code, it was about power. For a brief window, the government sought to ensure that every new smartphone carried a state app by default, potentially with system-level privileges, and that possibility alarmed both digital rights groups and constitutional lawyers.

Cybersecurity experts point out that intent matters as much as capability. Lovjot Singh Chhabra, director, Cyber Defence Intelligence, notes that while the government’s rationale remains unclear, the state already has mechanisms to access deeply personal information when legally required. “Since most social media platforms are owned by foreign entities, rising geopolitical tensions could have triggered the move,” he adds.

Another cybersecurity expert, Shubham Singh, says that even if no misuse was planned, the mandate effectively created a permanent doorway into every phone and asked citizens to trust that it would never be used. The controversy, he stresses, is not merely technical. It is about control, transparency and trust.

Privacy concerns centred on a few key issues:

Permissions and data flows: Pre-installed apps often seek broad permissions, and without transparent, independently audited data-flow disclosures, users worry about what metadata is collected, how long it is stored and who can access it.

Mandatory vs optional: The DoT first required pre-installation, then clarified that users could uninstall it, and eventually withdrew the order, a confusing sequence that deepened mistrust.

Why these concerns still matter

The episode raises deeper questions about how governments balance cybersecurity and fraud prevention with fundamental rights to privacy and user autonomy.

“Sanchar Saathi itself wasn’t the villain of this story. The problem was the idea that the state could quietly standardise itself into the operating system,” says Sunil Kumar, software engineer, Konceive Development Centre.

This sentiment echoes digital rights organisations’ warnings of “non-consensual points of access” before the rollback. Addressing these concerns will now require the government to craft cybersecurity solutions that empower users without compromising their freedom.