The Telecom Regulatory Authority of India (TRAI) has introduced a new set of regulations aimed at reducing the spread of spam and phishing attacks through SMS. These rules, which will take effect on September 1, require institutions such as banks and app-based services to register and whitelist their numbers by August 31 to continue sending one-time passwords (OTPs).
Under the new system, messages will be scanned for suspicious links, which may result in delays in the delivery of OTPs to users. Currently, companies must register the header and template of their messages with telecom providers before sending OTPs and other authentication-related communications. However, the content of these messages is not currently registered or scanned, allowing for the quick delivery of OTPs. The updated system will require telecom companies to scan each message, giving them access to the message contents. Messages that do not adhere to the new template could be blocked, which means that even legitimate OTP messages from banks may be prevented from reaching users if they do not comply with the required format.
The new rules will also affect the delivery of transactional alerts, potentially making it more difficult for users to receive timely updates from their banks if the institutions fail to follow the specified template. While TRAI believes these changes will help reduce fraudulent activities, telecom companies have requested an extension to the September 1 deadline. However, reports suggest that TRAI is firm on the deadline and may not grant an extension.
Additionally, TRAI is collaborating with telecom companies to prompt mobile subscribers with the caller’s name as per their Know Your Customer (KYC) documents. This initiative aims to reveal the true identity of a caller, reducing the reliance on caller identification apps like Truecaller, which depend on user data. By associating a phone number with the owner’s government-issued documents, TRAI’s system is expected to eliminate opportunities for fraud.
 has introduced a new set of regulations aimed at reducing the spread of spam and phishing attacks through SMS....){kind=link}