
India is one of the largest digital economies in the world, with over 1.16 billion mobile connections and a fast-growing base of digital users. From banking apps to food delivery services, mobile numbers have become an essential identity tool. But with that growth has come a dark side — a surge in cybercrime. Now, the Indian government is preparing to launch a new rule that could change how we use mobile numbers online.
The Department of Telecommunications (DoT) has proposed a system called Mobile Number Validation (MNV). This system will verify whether a mobile number is actually being used by the person claiming it. The idea is to reduce fraud by checking phone numbers through a government-run platform. This change could affect almost every Indian who uses a digital service — whether it is WhatsApp, Zomato, Paytm, or a banking app.
According to a recent written reply in Parliament, over 7.81 lakh SIM cards and 2.08 lakh IMEI numbers were blocked due to digital fraud cases. More than 3,962 Skype IDs and 83,668 WhatsApp accounts have also been involved in cybercrimes. These staggering numbers show the seriousness of the problem. Fraudsters often use fake or stolen mobile numbers to commit phishing scams, apply for loans, or even run rackets known as "digital arrests."
The core idea behind the MNV rule is to create a secure link between a person’s mobile number and their identity, especially when using services that fall under the definition of Telecommunication Identifier User Entities (TIUEs). This includes ride-hailing apps like Ola and Uber, food delivery platforms such as Zomato and Swiggy, fintech services, online shopping sites, and banks. If these platforms use your phone number to send OTPs or confirm your account, they would need to ensure that the number is genuine and linked to you.
Currently, companies can verify numbers if they choose to. But under the proposed law, the government can mandate verification during cybercrime investigations or under orders from security agencies. It’s a move aimed at plugging the loopholes that criminals exploit, especially mule SIM cards that bypass KYC norms.
Cybersecurity experts have mixed reactions. Sandeep K Shukla, a professor at IIT Kanpur, agrees that this move might help fight fraud. But he warns about privacy concerns. If the platform can verify a number, can it also collect personal data linked to it? That is still unclear.
Vikram Jeet Singh, an expert in internet regulations, also raised red flags. He noted that although the draft rules mention a simple “Yes/No” system for verification, there is no transparency about how much data will be accessed or stored. The possibility of misuse cannot be ruled out.
To prevent misuse and keep it affordable, the draft rules propose a tiered pricing model. Government agencies will get free access. Government-authorized requests will cost ₹1.50 per validation, while private firms making voluntary requests will pay ₹3. The concern, however, is not about the cost but the lack of clarity on data security.
Another big challenge is implementation. With more than a billion mobile connections, how will the system keep up? Will it be fast and accurate enough? And what if someone changes their number or uses dual SIMs? These practical questions need answers before the plan can succeed.
Globally, other countries have tried similar models. For example, in South Korea and China, real-name mobile number registration has helped reduce fraud. But it also raised concerns about surveillance. India must find a balance between security and freedom.
At a time when India is pushing for digital governance and cashless payments, protecting users from fraud is essential. But it must be done with responsibility. Citizens should know what data is being checked and how it is being used. Otherwise, a move meant to fight crime could become another reason for fear.
The proposed mobile number verification rule has potential. It can strengthen India's digital infrastructure and make online platforms safer. But like all strong medicines, it needs a prescription — clear rules, privacy safeguards, and public trust. Only then will this bold step truly serve its purpose.