India orders phone makers to preload devices with state-owned cyber safety app

India’s telecoms ministry has privately asked smartphone makers to preload all new devices with a state-owned cybersecurity app that cannot be deleted, a government order showed, a move likely to antagonize Apple and privacy advocates.

In tackling a recent surge of cybercrime and hacking, India is joining authorities worldwide, most recently in Russia, to frame rules blocking the use of stolen phones for fraud or promoting state-backed government service apps.

Apple, which has previously locked horns with the telecoms regulator over development of a government anti-spam mobile app, is among the companies, such as Samsung, Vivo, Oppo and Xiaomi bound by the new order.

The 28 November order gives major smartphone companies 90 days to ensure that the government’s Sanchar Saathi app is pre-installed on new mobile phones, with a provision that users cannot disable it.

For devices already in the supply chain, manufacturers should push the app to phones via software updates, the ministry said in its order, which was not made public and was sent privately to select companies.

A lawyer specializing in technology matters said India’s move was cause for concern, however.

“The government effectively removes user consent as a meaningful choice,” said Mishi Choudhary, who works on internet advocacy issues.

Privacy advocates criticized a similar requirement by Russia in August for a state-backed messenger app called Max to be pre-installed on phones.

One of the world’s largest telephone markets, India has more than 1.2 billion subscribers, and government figures show the app, launched in January, has helped recover more than 700,000 lost phones, including 50,000 in October alone.

The government said the app was essential to combat “serious endangerment” of telecom cybersecurity from duplicate or spoofed IMEI numbers, which enable scams and network misuse.

Apple’s iOS powered an estimated 4.5% of 735m smartphones in India by mid-2025, with the rest using Android, according to Counterpoint Research.

While Apple pre-installs its own proprietary apps on phones, its internal policies prohibit installation of any government or third-party app before sale of a smartphone, a source with direct knowledge of the matter said.

“Apple has historically refused such requests from governments,” said Tarun Pathak, a research director at Counterpoint.

“It’s likely to seek a middle ground: instead of a mandatory pre-install, they might negotiate and ask for an option to nudge users toward installing the app.”

Apple, Google, Samsung and Xiaomi did not respond to requests for comment. India’s telecom ministry also did not respond.

A 14- to 17-digit number unique to each handset, the IMEI, or International Mobile Equipment Identity, is most commonly used to cut off network access for phones reported to have been stolen.

The Sanchar Saathi app is mainly designed to help users block and track lost or stolen smartphones across all telecom networks, using a central registry. It also lets them identify, and disconnect, fraudulent mobile connections.

With more than 5m downloads since its launch, the app has helped block more than 3.7m stolen or lost mobile phones, while more than 30m fraudulent connections have also been terminated.

The government says the software helps prevent cyberthreats and assists tracking and blocking of lost or stolen phones, helping police to trace devices, while keeping counterfeits out of the black market.