Pre-installation of Security App: India Holds Manufacturers Accountable

India's Ministry of Telecommunications has urged smartphone manufacturers to pre-install a government-mandated cybersecurity app on all new devices, which cannot be deleted. The government in New Delhi justifies the move by citing efforts to combat the rise of cybercrime. This was reported on Monday by the news agency Reuters, referencing a corresponding government decree.

Companies affected by the new directive include US-based Apple, South Korea's Samsung, and Chinese technology giants like Vivo, Oppo, and Xiaomi. According to Reuters, the regulation dated November 28th gives manufacturers ninety days to ensure that the government's Sanchar Saathi app – the name of the app – is pre-installed on new smartphones. Users must not be able to uninstall it, according to one of the conditions.

For mobile phones that have already left the factory, the app is to be transferred to the devices via software updates, the regulation states. This has not been published so far, but only delivered to selected companies, Reuters writes. User consent is not foreseen. The approach is reminiscent of Russia. The government in Moscow ordered at the end of August that the state-sponsored messenger MAX must be pre-installed on all sold smartphones and tablets starting in September.

Government: App to Combat Cyber Threats

The Indian government stated that the Sanchar Saathi app is essential to combat cybersecurity risks in the telecommunications sector caused by duplicate or fake IMEI numbers. The IMEI (International Mobile Equipment Identity) is a 14- to 17-digit number unique to each mobile phone. It is used, for example, to block network access for phones reported as stolen. However, IMEI numbers also enable fraud and network abuse.

According to Reuters, the app was primarily developed to allow users to block and track lost or stolen smartphones via a central register across all telecommunications networks. Additionally, users can identify and disconnect fraudulent mobile connections with the app. Since its introduction in January, the app has been downloaded more than five million times. According to the government in New Delhi, the mobile application has helped to recover over 700,000 lost mobile phones and block over 3.7 million stolen or lost mobile phones, while more than 30 million fraudulent connections have been terminated. With over 1.2 billion people, India is one of the largest telecommunications markets worldwide.

Apple's Internal Policies

The regulation is unlikely to be met with enthusiasm by tech companies. For example, Apple's internal policies prohibit the installation of apps from authorities or third parties before a smartphone is sold, as Reuters reports, citing a source with direct knowledge of the matter. "Apple has always rejected such requests from authorities in the past," Tarun Pathak, research director at market research firm Counterpoint Research, told Reuters. It is likely that the company will seek a middle ground. "Instead of mandatory pre-installation, they might negotiate and ask for an option that encourages users to install the app."

Apple is already facing an antitrust investigation in India. As in various other countries, it concerns Apple's App Store model, which allegedly allows the company to engage in "abusive behavior." Apple faces an antitrust fine of almost 33 billion euros in India.

(akn)