Minister of state (MoS) for Communications and Rural Development, in a written reply to the Lok Sabha said that the Department of Telecommunications (DoT) has taken various policy and technical measures to strengthen the security of the telecom network and to prevent cyber-attacks and misuse of telecommunications infrastructure in the country. The notable ones are as under:

  • DoT and telecom service providers (TSPs) have devised a system to identify and block incoming international spoofed calls displaying Indian mobile numbers. The system has resulted in almost 99 per cent reduction in such calls.
  • DoT has developed an online secure digital intelligence platform (DIP) for sharing of information related to misuse of telecom resources with different stakeholders’ central security agencies, State/union territories (UT) Police, Banks, unified payments interface (UPI) service providers, TSPs etc.
  • DoT directive requires TSPs to audit their network or get the network audited from security point of view once a year or as and when configuration of network is changed significantly, from a network certification agency which is accredited to carry out the network audit under international standards such as ISO/IEC 270011 including Vulnerability Assessment and Penetration Testing (VAPT). An external audit of the TSPs network is mandatory once in a period of three years.
  • DoT has issued advisory to telecom service providers to strengthen protection of sensitive telecom datasets such as subscriber detail record (SDR), call detail record (CDR) and IP detail record (IPDR) for the security of data at rest and transit.
  • DoT has issued instructions on “Minimum Requirement for Security Policy of DoT Licensees” to be complied with by all licensees. Security Policy will provide direction for establishment, implementation, maintenance and continual improvement in security and security management.
  • Cross Check Network Security Audit of TSPs/ internet service providers (ISPs) is being done annually to ensure security of network equipment, software, supply chains and data management from perspective of national security.
  • The Department has established a telecom security operations centre (TSOC) to enhance situational awareness, monitoring, and coordination on telecom cyber security matters.

Further, DoT has developed financial fraud risk indicator (FRI), which is a risk-based metric that classifies a mobile number to have been associated with medium, high, or very high risk of financial fraud. FRI empowers stakeholders-especially banks, non-banking financial companies ( NBFCs), and UPI service providers to prioritise enforcement and take additional customer protection measures in case a mobile number has high risk. As reported by stakeholders, total fraud amount prevented based on transaction decline and alert/notifications given to citizens is more than Rs 10 billion.

DoT has developed Sanchar Saathi, a citizen centric initiative, which facilitates citizens to report suspected fraud communications, to know mobile connections in their name, to report lost/ stolen mobile handsets, to check genuineness of mobile handset etc. Outcomes of Sanchar Saathi are as under:

  • 7 million lost/ stolen mobile handsets have been traced and 0.8 million lost/ stolen mobile handsets have been recovered and returned to rightful owners by State/ UT Police.
  • 2 million mobile connections have been disconnected based on reporting by citizens as ‘Not My Number’ or ‘Not Required’.
  • 9 million mobile connections have been disconnected based on 0.7 million inputs provided by vigilant citizens related to suspected fraud communications.