Skip to main content

Sanchar Saathi app Hero or spy? The line between safety and surveillance just got blurry.

The Indian telecom department describes Sanchar Saathi as a citizen-centric tool that "brings robust security features and fraud-reporting capabilities directly to users' smartphones. The app complements the existing Sanchar Saathi portal by providing convenient, on-the-go protection against identity theft, forged KYC, device theft, banking fraud, and other cyber risks.’’

Last week, the Department of Telecommunications ordered mobile manufacturers and importers to facilitate the availability and accessibility of the Sanchar Saathi app on devices for users in India.

According to my research, the Indian government had asked companies such as Apple, Samsung and Xiaomi to pre-install the app within 90 days. Reports also said that Apple was unlikely to oblige to the diktat from the government.

The directive, as expected, created a wide outrage with privacy advocates raising concerns over the government overreach and possibilities of government snooping. The move also met criticism from the key opposition leaders who have also demanded rolling back the directive. Though, the government has denied the charges of possible snooping. A senior tech researcher said

‘’The Government has no business being in citizens' lives and their phones. While this may have been rolled back, SIM binding mandate is still a major concern that will make citizens lives harder. A very bad architectural decision that will not solve the problem. If DOT is serious about solving the issue, it should address major fraud vectors such as social engineering like phishing, smishing, remote access apps SIM swap, mule bank account, fake loan apps, cross border call centres. These require financial network controls, not a phone side app,"  

Moreover, Internet Freedom Foundation, a digital rights organization, in an elaborated post said that the problems deepen when we look at the scope and safeguards. The order invokes "telecom cyber security" as a catch all justification, but it does not define the functional perimeter of the app. Clause 5 of the Directions refers to identifying acts that "endanger telecom cyber security," an expression so vague that it invites function creep as a design feature, not a bug. Today, the app may be framed as a benign IMEI checker. Tomorrow, through a server-side update, it could be repurposed for client-side scanning for "banned" applications, flag VPN usage, correlate SIM activity, or trawl SMS logs in the name of fraud detection.

"Nothing in the order constrains these possibilities. In effect, the state is asking every smartphone user in India to accept an open ended, updatable surveillance capability on their primary personal device, and to do so without the basic guardrails that a constitutional democracy should insist on as a matter of course. IFF is deeply concerned with this direction that sets up a precedent to enforce client-side scanning on all smartphones in India and calls for its recall,"

Labels:

Popular posts from this blog

ChatGPT-5 Is Powerful and Fast, But It Can’t Replace Software Engineers!

  As someone who’s been following tech closely for over a decade, I’ve seen countless innovations come and go but few have stirred as much excitement and debate as ChatGPT. ChatGPT has developed, and launch ChatGPT 5, it genuinely seems that the enhancements have significantly slowed down. Previous iterations led to significant advancements in AI capabilities, particularly in assisting with coding. However, the enhancements now seem minor and somewhat gradual. It feels as though we’re experiencing diminishing returns in the extent to which these models improve at truly substituting real coding tasks. The vast majority of people say that AI is going to replace software engineers very soon. Yes, AI can perform simple activities and support routine activities, but where there are intricate things like planning the system, tackling more challenging problems, grasping actual business needs, and collaboration with others, it hasn't been able to catch up yet. T hese require creativity...
Read more

Security Flaw in India's Income Tax Portal Exposes Sensitive Taxpayer Data

A major security vulnerability in India's income tax filing portal has been fixed, TechCrunch reported. The flaw, discovered by security researchers Akshay CS and "Viral" in September, allowed logged-in users to access real-time personal and financial information of other taxpayers. This included sensitive details such as full names, home addresses, email addresses, dates of birth, phone numbers and bank account information. Exposed Aadhaar numbers of individuals The security flaw in the income tax filing portal also exposed Aadhaar numbers, a unique government-issued identification number used for identity verification and accessing government services. TechCrunch verified the data by allowing researchers to search its records on the portal. The researchers confirmed on October 2 that the vulnerability had been patched. Discovery process Researchers found bug while filing tax returns The researchers found the security flaw while filing their recent income tax return on...
Read more

Beware of Fake Starlink Mini Messages: Satellite internet is not free in India.

    A viral message is making the rounds on WhatsApp and social media in India, claiming to offer zero monthly fees and unlimited internet  via a device called   Starlink Mini.While the offer may sound tempting but it is completely misleading and has been flagged by the Indian government as unauthorized and false. Starlink Is Not Yet Operational in India As of June 2025 The satellite internet service by Elon Musk’s SpaceX has not launched its commercial operations in India. Although the company has received a Letter of Intent from the Department of Telecommunications (DoT), it still requires key regulatory approvals including: 1.Spectrum allocation 2.Clearance from IN-SPACE (Indian National Space Promotion and Authorization Centre) Until these approvals are granted, no official Starlink services including Starlink Mini are available in India. Once Starlink gets the green light to operate in India, here’s what consumers can realistically expect: Monthly ...
Read more