Sanchar Saathi |The Mobile App Triggering India's Surveillance Firestorm

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/60/d9/f3/60d9f3b7-c2e2-5976-0efb-35fe6d08fff7/mza_5533681006261142495.jpg/600x600bb.jpg

Upwardly Mobile - API & App Security News

Approov Mobile Security

113 episodes

5 days ago

Think the App Store’s built-in security is enough? Think again.

Welcome to Upwardly Mobile, the podcast that exposes the gaps in iOS, Android, and HarmonyOS security. Hosts Skye and George take you into the high-stakes world of mobile defense, revealing why standard protections from Apple, Google, and Samsung often leave your sensitive data exposed. Sponsored by Approov—the gold standard in mobile app attestation—we move beyond the basics to tackle weaponized AI threats and dynamic API attacks. From runtime attestation to navigating complex compliance regulations, we equip developers and security pros with the actionable strategies needed to thwart attackers. Don’t leave your app vulnerable.

Subscribe now on Spotify and Apple Podcasts to elevate your security game.

All content for Upwardly Mobile - API & App Security News is the property of Approov Mobile Security and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Sanchar Saathi |The Mobile App Triggering India's Surveillance Firestorm

Upwardly Mobile - API & App Security News

11 minutes

1 month ago

Sanchar Saathi |The Mobile App Triggering India's Surveillance Firestorm

Sanchar Saathi: The Mandatory Cyber Safety App Triggering India's Surveillance Firestorm

In this critical episode of "Upwardly Mobile," we dive into the escalating controversy surrounding India's Sanchar Saathi app, a government-mandated digital tool that is fueling a nationwide debate over state surveillance and digital privacy. Designed as a citizen-centric safety tool to combat telecom fraud and track lost or stolen devices using their unique IMEI, the app has been lauded by the government for its success in blocking millions of fraudulent connections and stolen phones. However, a recent directive mandating its pre-installation on all new smartphones sold in India has drawn fierce criticism from privacy advocates, opposition politicians, and major tech firms. What You Will Learn in This Episode: The Core Conflict: Safety vs. Snooping

The Mandate: The Indian telecom ministry privately ordered all smartphone manufacturers to preload Sanchar Saathi on new devices within 90 days, requiring the app to be "visible, functional, and enabled" upon first setup. This directive could eventually roll out the app to more than 735 million existing phone users via software updates.
Government Defense: Officials state the app is strictly for cyber security and curbing the "serious endangerment" caused by IMEI tampering, promising adequate security for personal information. They also claim the app is optional and does not read private messages.
Surveillance Fears: Privacy experts and the political opposition argue the mandate is unconstitutional and creates a massive surveillance surface area. Opposition leaders have even compared the move to 'Pegasus'.

Technical Deep Dive into Privacy Risks

The Sanchar Saathi app requests a range of "dangerous" or "high-risk" permissions.
The app has the capability to read call logs and all incoming SMS, technically allowing it to parse bank transaction alerts, 2FA codes, and map a user's social graph.
It accesses device identifiers, binding a user's identity to the hardware IMEI, which breaks standard rules for resettable identifiers and aids tracking.
If pre-installed as a system-level application (the proposed state), experts warn that permissions could be auto-granted without user consent, the app could run continuous background services, and it would be virtually impossible for 99% of users to uninstall.
The privacy policy is weak, lacking explicit mechanisms for data deletion, correction, or a clear opt-out feature.

Industry Resistance

Tech giants were given 90 days to comply with the pre-installation mandate.
Apple has specifically resisted the mandate, citing concerns over privacy and system security, as iPhones require explicit user confirmation for permissions and prevent automatic background registration.
The mandate is technically easier to implement on Android devices, which make up over 95% of the Indian smartphone market.

Keywords Sanchar Saathi, India digital privacy, state surveillance, government mandate, telecom fraud, cyber safety app, IMEI tracking, pre-installation controversy, Android security, iOS privacy, Apple resistance, call log permissions, data deletion rights, digital rights, Indian politics.

Digital Autonomy and the Sanchar Saathi App

- Link 1: https://indianexpress.com/article/explained/explained-sci-tech/telecom-scindia-sanchar-saathi-optional-key-concerns-10397728/
- Link 2: https://www.ndtv.com/india-news/sanchar-saathi-communications-ministry-jyotiraditya-scindia-big-brother-or-cybersafety-boost-deep-dive-into-sanchar-saathi-app-9735477
- Link 3: https://indianexpress.com/article/technology/tech-news-technology/sanchar-saathi-app-preinstalled-android-ios-privacy-security-concerns-10397922/
- Link 4: https://www.bbc.com/news/articles/cedxyvx74p4o
- Link 5:...