The Telecom Regulatory Authority of India (TRAI) has reportedly directed all telecom operators to pre-tag variable components in commercial SMS templates to tackle rising fraud and phishing attempts. Variable components are the parts of an SMS that change for each user, such as URLs, app download links, or callback numbers, while the rest of the message remains constant. Under the new rule, senders must tag every variable field during template registration and clearly state its purpose.
Access providers and principal entities have 60 days to update all existing templates. After that, any message using a non-compliant template will be rejected.
According to TRAI, recent investigations revealed systematic misuse of these variable fields, allowing fraudsters to slip malicious links into legitimate-looking messages, resulting in financial fraud, data theft, and other cyber harm.
