Current Affairs Topics Archive
International Relations Economics Polity & Governance Environment & Ecology Science & Technology Internal Security Geography Social Issues Art & Culture Modern History

From biometric checks to cap of 9 SIM cards per person, Centre moves to tighten SIM issuance to curb digital arrest fraud

March 26, 2026 5 min read Science & Technology Internal Security GS Paper 3 (Cybersecurity Internal Security) and GS Paper 2 (Governance)
On This Page

What Happened

  • The Central Government is pushing for mandatory biometric authentication for all SIM card issuances, including at the point of sale by retailers, to prevent fraudulent SIM procurement used in cybercrime.
  • A cap of 9 SIM cards per individual across all operators has been formalised under the Telecom Act 2023 framework, with a lower limit of 6 SIMs per person applicable in J&K, Assam, and the North-East.
  • The measures specifically target "digital arrest" fraud — a scheme where criminals, posing as law enforcement officials, use Voice-over-IP calls routed through fake SIMs to coerce victims into transferring money under threat of fake legal action.
  • India recorded cybercrime-related financial losses of approximately ₹18,000 crore in 2025, with digital arrest scams among the most prevalent types.
  • Additional measures being rolled out include Caller Name Presentation (CNAP) — displaying verified caller identity to recipients — and SIM Binding for apps, requiring app-based verification to use a number as an identifier.

Static Topic Bridges

Telecommunications Act, 2023: Key Provisions on SIM Fraud Prevention

The Telecommunications Act, 2023 (No. 44 of 2023), enacted on December 24, 2023, replaced the Indian Telegraph Act, 1885 and the Wireless Telegraphy Act, 1933 — two colonial-era statutes. The Act creates a modern legislative framework for telecom regulation and grants the Central Government and the Department of Telecommunications (DoT) broad powers over subscriber identity management. Section 42(3) prohibits acquiring SIM cards through deceitful means and tampering with telecom identifiers; these offences are cognizable and non-bailable under Section 42(7). Penalties under Section 42(3) include imprisonment up to 3 years, fines up to ₹50 lakh, or both.

  • Telecom Act, 2023: enacted December 24, 2023; replaces Indian Telegraph Act 1885
  • Section 42(3)(c): prohibits tampering with telecom identifiers
  • Section 42(3)(e): prohibits obtaining SIM cards by deceit
  • Section 42(7): offences are cognizable and non-bailable
  • Penalty: up to 3 years imprisonment + ₹50 lakh fine
  • Civil penalty for excess SIM possession: ₹50,000 (first offence); ₹2 lakh (subsequent)
  • SIM limit: 9 per person nationally; 6 per person in J&K, Assam, North-East
  • October 2025: DoT notified Telecom (Cyber Security) Amendment Rules under Section 56(2)(v) — SIM binding platform

Connection to this news: The proposed biometric check and SIM cap draw their legal authority directly from the Telecom Act 2023's provisions on subscriber identity management and fraud prevention.

Digital Fraud Mechanisms: "Digital Arrest" and Cyber Financial Crime

"Digital arrest" is a form of social engineering fraud where cybercriminals impersonate CBI, ED, Narcotics Control Bureau, or Customs officials and inform victims that they are under a "digital arrest" — fabricating involvement in drug trafficking, money laundering, or other crimes. Victims are kept under video surveillance on WhatsApp or Skype and coerced into transferring large sums to "settle" the case. The criminals use SIM cards obtained under fake KYC, VoIP services, and mule bank accounts. Prime Minister Narendra Modi specifically called out "digital arrest" fraud in a Mann Ki Baat address in October 2024, marking the first time the term entered mainstream public discourse from the highest political office.

  • Mechanism: impersonation of law enforcement + video call intimidation + financial coercion
  • Tools used: fake SIM cards, VoIP calls, mule bank accounts, spoofed caller IDs
  • PM Modi Mann Ki Baat alert: October 2024
  • Cyber financial crime losses: ₹18,000 crore in 2025 (India)
  • I4C (Indian Cyber Crime Coordination Centre): nodal body under MHA for cybercrime coordination
  • National Cyber Crime Reporting Portal: cybercrime.gov.in; helpline 1930

Connection to this news: The biometric SIM verification and 9-card cap directly attack the supply chain of fake SIMs that underpins digital arrest fraud — removing the anonymity that allows criminals to operate without identity traceability.

Aadhaar-Based eKYC and Biometric Authentication: Infrastructure for Fraud Prevention

India's telecom KYC regime has evolved from paper-based identity verification to Aadhaar-based eKYC, leveraging the UIDAI's biometric database. Under the current framework, Aadhaar authentication — fingerprint or iris scan — is mandatory for new SIM connections at authorised Point of Sale (PoS) retailers. The Aadhaar Act, 2016 permits use of Aadhaar authentication for public welfare schemes and regulated purposes, including telecom. UIDAI's authentication ecosystem processes billions of authentications annually. The proposed expansion of biometric checks to all SIM issuances (including retailer-level) would extend this infrastructure to the last mile.

  • Aadhaar Act, 2016: permits biometric authentication for regulated purposes
  • UIDAI (Unique Identification Authority of India): statutory body under Aadhaar Act 2016
  • Current requirement: Aadhaar-based eKYC for new SIM connections
  • Biometric modalities: fingerprint and iris scan
  • Supreme Court (2018, Justice Chandrachud partial dissent / Puttaswamy): Aadhaar mandatory for telecom struck down in 2018; post-2021 voluntary authentication model applies
  • Voluntary Aadhaar-based eKYC: available as faster alternative to physical document verification

Connection to this news: The push for mandatory biometric checks at the retail SIM issuance level would re-activate and expand the UIDAI authentication infrastructure for fraud prevention — building on the existing eKYC framework rather than creating a new system.

Caller Name Presentation (CNAP) and SIM Binding: India's 2026 Anti-Fraud Telecom Reforms

Beyond the SIM cap, two additional reforms are being rolled out nationally in 2026. CNAP (Caller Name Presentation) will display the verified subscriber name — as registered with the telecom operator — on the called party's screen, analogous to truecaller but with regulatory backing. This makes spoofed and anonymous calls more traceable. SIM Binding requires that apps using mobile numbers as identifiers (banking apps, UPI apps, messaging platforms) verify the SIM-device pairing at each login, preventing SIM swap fraud and account takeovers. These reforms were mandated under the Telecom Cyber Security Amendment Rules, 2025.

  • CNAP: regulatory requirement to display verified caller name; counters spoofed IDs
  • SIM Binding: app-level verification that the SIM is physically in the registered device
  • Notified under: Telecom (Cyber Security) Amendment Rules, 2025 (October 22, 2025)
  • Legal authority: Section 56(2)(v) of Telecommunications Act, 2023
  • Implications for UPI/banking: SIM swap attacks (a major fraud vector) are mitigated by SIM binding

Connection to this news: The biometric SIM check and 9-card cap form the upstream intervention (supply-side); CNAP and SIM binding form the downstream intervention (usage-side) — together constituting a layered anti-fraud architecture.

Key Facts & Data

  • SIM card limit per person: 9 (nationally); 6 (J&K, Assam, North-East)
  • Cybercrime financial losses in India (2025): approximately ₹18,000 crore
  • Telecom Act 2023: enacted December 24, 2023 (No. 44 of 2023)
  • Key provision: Section 42 — SIM fraud; Section 42(7) — cognizable, non-bailable offences
  • Penalty: up to 3 years imprisonment + ₹50 lakh fine (criminal); ₹50,000–₹2 lakh (civil)
  • National Cyber Crime Reporting Portal: cybercrime.gov.in; Helpline: 1930
  • I4C: Indian Cyber Crime Coordination Centre (under MHA)
  • CNAP and SIM Binding: notified October 2025 under Telecom Cyber Security Amendment Rules
  • PM Modi "digital arrest" alert: Mann Ki Baat, October 2024