TRAI issues guidelines to Access Service Providers to prevent misuse of messaging services
Introduction
The Telecom Regulatory Authority of India (TRAI) on 20th August 2024 issued directives requiring Access Service Providers to adhere to the specific guidelines to protect consumer interests and prevent fraudulent activities. TRAI has mandated all Access Service Providers to abide by the directives. These steps advance TRAI's efforts to promote a secure messaging ecosystem, protecting consumer interests and eliminating fraudulent conduct.
Key Highlights of the TRAI’s Directives
- For improved monitoring and control, TRAI has directed that Access Service Providers move telemarketing calls, beginning with the 140 series, to an online DLT (Digital Ledger Technology) platform by September 30, 2024, at the latest.
- All Access Service Providers will be forbidden from sending messages that contain URLs, APKs, OTT links, or callback numbers that the sender has not whitelisted, the rule is to be effective from September 1st, 2024.
- In an effort to improve message traceability, TRAI has made it mandatory for all messages, starting on November 1, 2024, to include a traceable trail from sender to receiver. Any message with an undefined or mismatched telemarketer chain will be rejected.
- To discourage the exploitation or misuse of templates for promotional content, TRAI has introduced punitive actions in case of non-compliance. Content Templates registered in the wrong category will be banned, and subsequent offences will result in a one-month suspension of the Sender's services.
- To assure compliance with rules, all Headers and Content Templates registered on DLT must follow the requirements. Furthermore, a single Content Template cannot be connected to numerous headers.
- If any misuse of headers or content templates by a sender is discovered, TRAI has instructed an immediate ‘suspension of traffic’ from all of that sender's headers and content templates for their verification. Such suspension can only be revoked only after the Sender has taken legal action against such usage. Furthermore, Delivery-Telemarketers must identify and disclose companies guilty of such misuse within two business days, or else risk comparable repercussions.
CyberPeace Policy Outlook
TRAI’s measures are aimed at curbing the misuse of messaging services including spam. TRAI has mandated that headers and content templates follow defined requirements. Punitive actions are introduced in case of non-compliance with the directives, such as blacklisting and service suspension. TRAI’s measures will surely curb the increasing rate of scams such as phishing, spamming, and other fraudulent activities and ultimately protect consumer's interests and establish a true cyber-safe environment in messaging services ecosystem.
The official text of TRAI directives is available on the official website of TRAI or you can access the link here.
References
- https://www.trai.gov.in/sites/default/files/Direction_20082024.pdf
- https://www.trai.gov.in/sites/default/files/PR_No.53of2024.pdf
- https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2046872
- https://legal.economictimes.indiatimes.com/news/regulators/trai-issues-directives-to-access-providers-to-curb-misuse-fraud-through-messaging/112669368
Related Blogs
Introduction
The Department of Telecommunications (DoT) has launched the 'Digital Intelligence Platform (DIP)'and the 'Chakshu' facility on the Sanchar Saathi portal to combat cybercrimes and financial frauds. Union telecom, IT and railways minister Ashwini Vaishnaw announced the initiatives, stating that the government has been working to counter cyber frauds at national, organizational, and individual levels. The Sanchar Saathi portal has successfully tackled such attacks, and the two new portals will further enhance the capacity to check any kind of cyber security threat.
The Digital Intelligence Platform is a secure and integrated platform for real-time intelligence sharing, information exchange, and coordination among stakeholders, including telecom operators, law enforcement agencies, banks, financial institutions, social media platforms, and identity document issuing authorities. It also contains information regarding cases detected as misuse of telecom resources.
The 'Chakshu' facility allows citizens to report suspected fraud communication received over call, SMS, or WhatsApp with the intention of defrauding, such as KYC expiry, bank account/payment wallet/SIM/gas connection/electricity connection, sextortion, impersonations a government official/relative for sending money, and disconnection of all mobile numbers by the Department of Telecommunications.
The launch of these proactive initiatives or steps represents another significant stride by the Ministry of Communications and the Department of Telecommunications in combating cybersecurity threats to citizens' digital assets.
In this age of technology, there is a reason to be concerned about the threats posed by cybercrooks to individuals and organizations. The risk of using digital means for communication, e-commerce, and critical infrastructure has increased significantly. It is important to have proper measures in place to prevent cybercrime and destructive behavior. The Department of Telecommunication has unveiled "Chakshu," a digital intelligence portal aimed at combating cybercrimes. This platform seeks to enhance the country's cyber defense capabilities by providing enforcement agencies with effective tools and actionable intelligence for countering cybercrimes, including financial frauds.
Digital Intelligence Platform (DIP)
Digital Intelligence Platform (DIP) developed by the Department of Telecommunications is a secure and integrated platform for real-time intelligence sharing, information exchange and coordination among the stakeholders i.e. Telecom Service Providers(TSPs), law enforcement agencies (LEAs), banks and financial institutions(FIs), social media platforms, identity document issuing authorities etc. The portal also contains information regarding the cases detected as misuse of telecom resources. The shared information could be useful to the stakeholders in their respective domains. It also works as a backend repository for the citizen-initiated requests on the Sanchar Saathi portal for action by the stakeholders. The DIP is accessible to the stakeholders through secure connectivity, and the relevant information is shared based on their respective roles. However, the platform is not accessible to citizens.
What is Chakshu?
Chakshu, which means “eye” in Hindi, is a new feature on the Sanchar Saathi portal. This citizen-friendly platform allows you to report suspicious communication you receive via calls, SMS, or WhatsApp. “Chakshu” is a new advanced tool to safeguard against modern-day cybercriminal activities. Chakshu is a sophisticated design that uses the latest technologies for assembling and analyzing digital information and provides law enforcement agencies with useful data on what should be done next. Below are some of its attributes.
Here are some examples of what you can report:
- Fraudulent messages claiming your KYC (Know Your Customer)details need to be updated.
- Fraudulent requests to update your bank account, payment wallet, or SIM card details.
- Phishing attempts impersonating government officials or relatives asking for money.
- Fraudulent threats of disconnection of your sim connections.
How Chakshu Aims to crackdown Cybercrime and Financial Frauds
Chakshu is a new tool on the Sanchar Saathi platform that invites individuals to report suspected fraudulent communications received by phone, SMS, or WhatsApp. These fraudulent activities may include attempts to deceive individuals through schemes such as KYC expiry or update requests for bank accounts, payment wallets, SIM cards, gas connections, and electricity connections, sextortion, impersonation of government officials or relatives for financial gain, or false claims of mobile number disconnection by the Department of Telecommunications.
The tool is well-designed and equipped to help the investigators with actionable intelligence and insights, enabling LEAs to conduct targeted investigations on financial frauds and cyber-crimes; the tool helps in gathering a comprehensive data analysis and evidence collection capability by mapping out the connection between individuals, organizations and illicit activities, it, therefore, allows the law enforcement agencies in dismantling criminal activities and help the law enforcement agencies.
Chakshu’s Impact
India has launched Chakshu, a digital intelligence tool that strengthens the country's cybersecurity policy. Chakshu employs modern technology and real-time data analysis to enhance India's cyber defenses. Law enforcement can detect and neutralize possible threats by taking proactive approach to threat analysis and prevention before they become significant crises. Chakshu also improves the resilience of critical infrastructure and digital ecosystems, safeguarding them against cyber-attacks. Overall, Chakshu plays an important role in India's cybersecurity posture and the protection of national interests in the digital era.
Where can Chaksu be accessed?
Chakshu can be accessed through the government's Sanchar Saathi web portal:https://sancharsaathi.gov.in
Conclusion
The launch of the Digital Intelligence Platform and Chakshu facility is a step forward in safeguarding citizens from cybercrimes and financial fraud. These initiatives use advanced technology and stakeholder collaboration to empower law enforcement agencies. The Department of Telecommunications' proactive approach demonstrates the government's commitment to cybersecurity defenses and protecting digital assets, ensuring a safer digital environment for citizens and critical infrastructure.
References
- https://telecom.economictimes.indiatimes.com/news/policy/dot-launches-digital-intelligence-portal-chakshu-facility-to-curb-cybercrimes-financial-frauds/108220814
- https://bankingfrontiers.com/digital-intelligence-platform-launched-to-curb-cybercrime-financial-fraud/
- https://www.business-standard.com/india-news/calcutta-hc-justice-abhijit-gangopadhyay-sends-his-resignation-to-prez-cji-124030500367_1.html
- https://www.the420.in/dip-chakshu-government-launches-powerful-weapons-against-cybercrime/
- https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2011383
Introduction
Summer vacations have always been one of the most anticipated times in a child’s life. In earlier times, it was something entirely different. The season was filled with outdoor games, muddy hands, mango-stained mouths, and stories shared with cousins under the stars. Children lived in the moment, playing in parks, riding bicycles, and inventing new adventures without a screen in sight. Today, those same summer days are shaped by glowing devices, virtual games, and hours spent online. While technology brings learning and entertainment, it also invites risks that parents cannot ignore. The Cyber Mom Toolkit is here to help you navigate this shift, offering simple and thoughtful ways to keep your children safe, balanced, and joyful during these screen filled holidays.
The Hidden Cyber Risks of Summer Break
With increased leisure time and less supervision, children are likely to venture into unknown reaches of the internet. I4C reports indicate that child-related cases, such as cyberbullying, sextortion, and viewing offensive content, surge during school vacations. Gaming applications, social networking applications, and YouTube can serve as entry points for cyber predators and spammers. That's why it is important that parents, particularly mothers know what digital spaces their children live in and how to intervene appropriately.
Your Action Plan for Being a Cyber Smart Mom
Moms Need to Get Digitally Engaged
You do not need to be a tech expert to become a cyber smart mom. With just a few simple digital skills, you can start protecting your child online with confidence and ease.
1. Know the Platforms Your Children Use
Spend some time investigating apps such as Instagram, Snapchat, Discord, YouTube, or computer games like Roblox and Minecraft. Familiarise yourself with the type of content, chat options, and privacy loopholes they may have.
2. Install Parental Controls
Make use of native features on devices (Android, iOS, Windows) to limit screen time, block mature content, and track downloads. Applications such as Google Family Link and Apple Screen Time enable parents to control apps and web browsing.
3. Develop a Family Cyber Agreement
- Establish common rules such as:
- No devices in bedrooms past 9 p.m.
- Add only safe connections on social media.
- Don't open suspicious messages or click on mysterious links.
- Always tell your mom if something makes you feel uncomfortable online.
Talk Openly and Often
Kids tend to hide things online because they don't want to get punished or embarrassed. Trust is built better than monitoring. Here's how:
- Have non-judgmental chats about what they do online.
- Use news reports or real-life cases as conversation starters: "Did you hear about that YouTuber's hacked account?
- Encourage them to question things if they're confused or frightened.
- Honour their online life as a legitimate aspect of their lives.
Look for the Signs of Online Trouble
Stay alert to subtle changes in your child’s behavior, as they can be early signs of trouble in their online world.
- Sudden secrecy or aggression when questioned about online activity.
- Overuse of screens, particularly in the evening.
- Deterioration in school work or interest in leisure activities.
- Mood swings, anxiety, or withdrawn behaviour.
If you notice these, speak to your child calmly. You can also report serious matters such as cyberbullying or blackmail on the Cybercrime Helpline 1930 or visit https://cybercrime.gov.in
Support Healthy Digital Behaviours
Teach your kids to be good netizens by leading them to:
- Reflect Before Posting: No address, school name, or family information should ever appear in public posts.
- Set Strong Passwords: Passwords must be long, complicated, and not disclosed to friends, even best friends.
- Enable Privacy Settings: Keep social media accounts privately. Disable location sharing. Restrict comments and messages from others.
- Vigilance: Encourage them to spot fake news, scams, and manipulative ads. Critical thinking is the ultimate defence.
Stay alert to subtle changes in your child’s behavior, as they can be early signs of trouble in their online world.
Where to Learn More and Get Support as a Cyber Mom
Cyber moms looking to deepen their understanding of online safety can explore a range of helpful resources offered by CyberPeace. Our blog features easy-to-understand articles on current cyber threats, safety tips, and parenting guidance for the digital age. You can also follow our social media pages for regular updates, quick tips, and awareness campaigns designed especially for families. If you ever feel concerned or need help, the CyberPeace Helpline is available to offer support and guidance. (+91 9570000066 or write to us at helpline@cyberpeace.net). For those who want to get more involved, joining the CyberPeace Corps allows you to become part of a larger community working to promote digital safety and cyber awareness across the country.
Empowering Mothers Empowers Society
We at CyberPeace feel that every mother, irrespective of her background and technological expertise, has the potential to be a Cyber Mom. The intention is not to control the child but to mentor towards safer decisions, identify issues early, and prepare them for a lifetime of online responsibility. Mothers are empowered when they know. And children are safe when they are protected.
Conclusion
The web isn't disappearing, and neither are its dangers. But when mothers are digital role models, they can make summer screen time a season of wise decisions. This summer, become a Cyber Mom: someone who learns, leads, and listens. Whether it's installing a parental control app, discussing openly about cyberbullying, or just asking your child, "What did you discover online today? " that engagement can make a difference. This summer break, help your child become digitally equipped with the skills and knowledge they need to navigate the online world safely and confidently.
Cyber safety starts at home, and there's no better point of departure than being alongside your child, rather than behind them.
References
- https://cybercrime.gov.in
- https://support.apple.com/en-in/HT208982
- https://beinternetawesome.withgoogle.com
- https://www.cyberpeace.org
- https://ncpcr.gov.in
Introduction
With the modernization of automobiles, so have the methods employed by criminals who seek to commit thefts. The old method of smashing a car window or bypassing an engine lock is no longer prevalent. Modern car thieves employ cloning techniques for keys and digital signals, and sophisticated methods to commit crimes without any traces left behind. In an era where intelligence is crucial, the forensic examination of car keys has become an indispensable tool for investigations, providing clues buried within ordinary car keys.
The Need for Car Key Forensics Today
Daily, thousands of cars worth millions are being hacked or stolen around the globe. The shocking thing is that most of these hacks do not have any sign of breakage or forced entry. It is because the thieves use vulnerabilities in the wireless key systems to unlock the vehicles without leaving any trace behind. Therefore, car-key forensics has now become more important than ever before.
Forensic Value of Smart Key
The smart key is not just comprised of locking and unlocking features for vehicles. Actually, it operates as a miniature computer within the key itself. Information such as pairing records, frequency of use, or the last instance that the key was used to unlock something could be contained in smart keys, thus offering evidence of any criminal activity conducted using these items.
Patterns of Vehicle Theft
Through the examination of the chip in a key, one will be able to establish whether the key was legally programmed or had been tampered with by some other means. Such forensics become more important when trying to detect and monitor any car theft rings, which employ cloning machines or software.
Confirming Ownership and Authenticity
In cases involving insurance claims or fraud, smart key data can help confirm whether the person making a claim actually owned or used the car during the incident. It’s digital proof that goes beyond what paperwork or statements can show.
Strengthening Legal Cases
When brought to court, data doesn’t lie. A properly handled forensic examination of a car key can provide hard evidence — the kind that holds up under questioning and supports or disproves claims with complete accuracy. In many cases, this small device becomes the most reliable witness in the investigation.
A Real-Life Example
Consider the following scenario: An expensive SUV is stolen from a parking lot secured with security surveillance. No one is captured on camera and there is no sign of forced entry. After days of investigation, the police end up arresting a suspect with a smart key.
During forensic analysis of the smart key, it is revealed that:
- The transponder has an ID number which can be matched against the immobilizer installed in the vehicle.
- The rolling code counter has been incremented in such a way that the date corresponds with the report of theft of the vehicle.
- The extracted information helps match the pair timestamp of the key with the particular make and model of the vehicle.
All this from a single piece of evidence – the smart key.
Inside a Smart Key: Where the Data Lives
An average smart key is not only a remote but also a multi-level set of data carriers:
- Plastic Shell– could include serial numbers and information on the manufacture.
- Battery – helps calculate the time of using the key or detect any modifications.
- Antenna Coil – sends encrypted information to the immobilizer of a car. Draw the picture of this element.
- Microchip / EEPROM – holds key identification code, rolling code, VIN number, and/or other information of the vehicle.
- Buttons / sensors – could record any pressing or transmission actions in some cases.
All the little devices above, once properly studied via forensics software, provide valuable information.
How the Investigator Uncovers the Truth
In relation to investigating the true story about a vehicle, it is no different than handling other forms of digital evidence, as forensic analysts treat the car key in the same way. It is nothing more than an encrypted device in your hands, and using special techniques, they are able to reveal the information contained within the device.
Some of the methods used by modern forensic laboratories include:
1. Intercepting Radio Signals
Any intelligent key transmits radio signals to communicate with a car. Specialists employ advanced antennas and radio frequency (RF) analysers to catch and analyse them. This way, it is possible to understand the interaction between the key and the car – how often was it used, what kind of authentication procedure takes place, and if the signal matches the car’s one or has been forged somehow.
2. Checking Out the Key’s Brain (Analysis of EEPROM)
There is always a special chip on the key that is responsible for its activity. The chip contains an important memory module (EEPROM – Electrically Erasable Programmable Read-Only Memory), which holds various data, including key IDs and rolling codes. It can be carefully retrieved via advanced tools. Thus, it is possible to determine whether somebody tried to tamper with the key.
3. The Correlation between the Key and Car’s Information
The information stored inside the key will not be used separately since investigators will correlate the key's data with that of the vehicle itself (ECU and immobilizer). If the two kinds of information coincide, the investigation may conclude that the key belongs to the vehicle. Otherwise, this may mean either cloning or tampering.
4. Identifying the Tampering and Cloning Evidence
As was mentioned above, thieves sometimes resort to using unlawful programming devices for duplicating smart car keys. In order to detect possible cloning, experts examine the key using various diagnostic devices to find out whether the keys were modified by changing the encryption code, frequencies, and hardware itself.
At the end of the process, some kind of miracle occurs because of the following: all actions committed with this particular key become documented, recorded inside the device itself. Even if someone tries to hide anything or remove any information concerning this particular incident, there will always remain some data.
Car Key Forensics in the Future
The evolution of cars to connect with other devices and adopt self-driving technologies requires new investigative methods to be used for vehicle-related crimes. Advanced car keys or smartphone apps that replace physical keys will likely incorporate biometric authentication, cloud integration, or blockchain records of key activity in the near future.
Such improvements will pose several threats and offer many benefits:
- Artificial intelligence tools can determine if the car key is cloned based on its behaviour pattern.
- Blockchain validation ensures all key-related activities are recorded and cannot be altered.
- Cyber-forensic protocols will become increasingly necessary for investigating criminal activity related to vehicles.
Car key forensics technology will not only allow solving crimes but may become instrumental in crime prevention.
Conclusion
A car key in this era is more than just an unlocking mechanism; it is a miniature data storage facility, which can yield information about the user, intentions, and access rights. The more cars become technologically advanced, the more the examination of smart keys becomes necessary as part of correlating physical evidence with digital investigation. It clearly indicates how small objects such as keys can play pivotal roles in cracking cases.
