India has directed all smartphone makers to pre-install the government’s cybersecurity app, Sanchar Saathi, on all new devices. This app cannot be removed or disabled. Makers have 90 days to comply. The Department of Telecommunications says this is to stop the sale of phones with fake or duplicate IMEI numbers. The IMEI is a unique 15-digit number that identifies each phone. Fake IMEIs risk telecom security and financial loss to buyers. India has a large second-hand phone market, making the rule important for security. Sanchar Saathi, launched in January, helps users check IMEI authenticity, report lost or stolen phones, and flag telecom fraud. It has helped recover over 700,000 lost phones so far. Smartphone companies must make the app visible at device setup. They should also try to add it via software updates to unsold phones. Cyber experts and groups like Internet Freedom Foundation worry the app’s wide permissions could allow surveillance. They say users cannot remove or control it, making it "a permanent, non-consensual point of access" on every phone. Technology analyst Prasanto K Roy points out the app asks for many permissions, such as access to the camera and flashlight, which raises concern. On Google Play Store, the app states it does not collect or share user data. The government says this move will improve telecom cyber security. However, some handset makers, including Apple, may resist. Apple has historically refused government requests to pre-install apps and reportedly plans to raise concerns with Indian authorities. This move places India among countries enforcing state-backed security apps on devices, like Russia’s mandatory MAX messenger app. The government has asked for compliance reports within 120 days, making this rule a tough new norm for India’s massive smartphone market.