“SIM binding is basically verifying that the device on which you are using an app actually has the SIM which is linked to that app,” said Parag Kar, former vice president for government affairs (India and South Asia) at Qualcomm, during MediaNama’s discussion on the Impact of SIM Binding on Social Media.
The Department of Telecommunications (DoT) has positioned SIM binding as a fraud-prevention measure for app-based communication services. Under the directive, messaging and social media apps must function only when the SIM linked to a user’s account is physically present in the device. The directive also restricts persistent access through web and desktop interfaces.
However, speakers at the MediaNama discussion argued that the directive’s framing of SIM binding relies on technical and regulatory assumptions that do not reflect how modern operating systems, mobile networks, or app-based authentication systems actually work.
How Is SIM Binding Supposed to Work?
At a conceptual level, SIM binding assumes that an app can continuously verify whether the SIM card linked to a user’s account is physically present in the device and disable the service if that linkage breaks.
“If some way that linkage breaks because the SIM has been taken out, the app should not work. That’s the intent,” Kar said.
Importantly, Kar clarified that this is not a one-time verification at login. Instead, the directive assumes an ongoing or continuous check of SIM presence. However, he said apps cannot actually implement that kind of SIM-level verification because modern operating systems restrict access to SIM and hardware identifiers.
Why Apps Cannot Actually Enforce SIM Binding?
The core constraint, according to Kar, comes from how modern mobile operating systems are built. These systems run apps in sandboxed environments and deliberately block access to SIM-level and hardware-level identifiers.
Explaining why this matters for SIM binding, Kar said operating systems no longer allow apps to directly detect whether a specific SIM card is physically present in a device.
“The first case, which I mentioned, is not allowed by the iOS system. The iOS system has prevented it long ago. Android used to allow that in the earlier versions, but now they are preventing it,” Kar said. “Apple has completely debarred any app to look into the device hardware and read the SIM.”
As a result, apps cannot reliably determine whether a particular SIM is present in a device.
“The only way it is possible to do it is through sending an OTP,” he said, referring to SMS-based authentication.
This, Kar argued, leaves the directive effectively imposing SIM binding at the application layer, even though apps have no visibility into SIM or network identity.
Why Is OTP Verification Not SIM Binding?
Building on this limitation, Kar clarified that OTP-based verification is frequently conflated with SIM binding, even though it…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
