The government is currently evaluating a proposal to replace old SIM cards used in mobile phones across India. This initiative follows an investigation by the country’s leading cybersecurity agency, which revealed that some chipsets in these SIM cards originated from China. The inquiry, conducted by the National Cyber Security Coordinator and the home ministry, has sparked significant concerns regarding national security, leading to discussions about the feasibility of replacing old SIM cards.
According to a report in Mint, the National Cyber Security Coordinator (NCSC) convened meetings with executives from major telecom operators, including Reliance Jio, Airtel, and Vi, along with representatives from the telecommunications ministry. The aim of these discussions was to address vulnerabilities in the procurement process for telecom resources, and a framework for replacing old SIM cards was a key topic.
In light of national security issues, the government has already imposed bans on Chinese equipment manufacturers such as Huawei and ZTE. To safeguard national security interests, telecom equipment must undergo mandatory testing and certification before it can be imported, sold, or utilised in India. This regulatory framework ensures that telecom gear adheres to both national and international safety, performance, and security standards.
How Chinese chips arrived in Indian SIM cards
Telecom operators typically outsource SIM card procurement to vendors that have been certified as trusted suppliers. These vendors source chips from approved locations like Vietnam and Taiwan, then assemble, package, and serialize the cards domestically before delivering them to mobile service providers.
However, reports indicate that some vendors misused their trusted source certification. Initially, they claimed that their SIM card chips were procured from reliable suppliers, but subsequent investigations uncovered that some chips actually originated from China.
Period of effected SIM cards:
In March 2021, the Department of Telecommunications (DoT) revised the Unified Access Service license to bar telecom operators from sourcing equipment from untrusted vendors. The National Cyber Security Centre (NCSC) was given the responsibility to approve reliable suppliers and companies that could provide such equipment. However, investigations have uncovered that some vendors exploited their trusted source certification. As a result, the affected SIM cards are linked to periods both before and after 2021 when the regulations regarding trusted vendors were put in place.
The government plans to enhance the approval process for trusted sources and will implement ongoing testing for telecom equipment that enters the country.
ALSO READ: SIM card fraud: DoT shares tips to prevent cybercriminals from using your documents