Fighting Cyber Fraud in India: A Closer Look at TRAI’s New Message Traceability Guidelines

Image

India has been witnessing a significant rise in online scams and cyber fraud over recent years. According to the CERT-In Annual Report 2023 , India reported 1,592,917 cybersecurity incidents  in 2023, reflecting a 14.5% increase  from the 1,392,000 incidents reported in 2022. These included website intrusions, malware propagation, phishing, distributed denial-of-service (DDoS) attacks, website defacements, unauthorized network scanning, ransomware attacks, and data breaches.

This figure represents a significant workload in incident handling and highlights the persistent threat landscape in the country. In response to this growing cyber threat, India has introduced several measures over the years to regulate commercial messaging and protect users from fraudulent activities.

Existing Guidelines: Strengths and Weaknesses

The Telecom Commercial Communications Customer Preference Regulations (TCCCPR), 2018 , introduced by the Telecom Regulatory Authority of India (TRAI) , required businesses to use a blockchain-based Distributed Ledger Technology (DLT)  platform to register entities, headers, and message templates. By doing so, TRAI aimed to enhance transparency and curtail unsolicited commercial communications, providing a more secure and user-friendly messaging environment.

One of the notable strengths of this framework was its ability to improve traceability through mandatory registration, making it harder for unauthorized entities to send commercial messages. Additionally, the regulations empowered consumers by enabling them to block unwanted communications through Do Not Disturb (DND)  services, offering greater control over their messaging preferences.

However, the TCCCPR framework was not without its shortcomings. Enforcement varied significantly across telecom operators, creating inconsistencies that left loopholes in the system. Furthermore, while the registration of message templates added a layer of accountability, the framework struggled to effectively trace the origin of fraudulent messages. Scammers often exploited these gaps, undermining the system's ability to prevent phishing and other forms of cyber fraud.

TRAI’s New Guidelines: Potential Impact on Businesses and Consumers

The new message traceability guidelines, set to take effect on   December 11, 2024 , aim to strengthen the existing framework by ensuring end-to-end traceability  of commercial messages. Under these guidelines, a clearly defined chain  between Principal Entities (PEs) and Telemarketers (TMs) must be established and registered on the DLT platform. Starting from the implementation date, any message traffic with an undefined or mismatched chain will be rejected by telecom operators, preventing such messages from reaching consumers.

For businesses, this development introduces new compliance requirements . Companies must now define and register their PE-TM chains, which will likely necessitate updates to their messaging systems and processes. The failure to comply with these requirements could result in the blocking of messages, causing potential disruptions in customer communication and transactional processes.

On the consumer side, the guidelines are expected to bring significant benefits. Enhanced traceability is anticipated to reduce the prevalence of fraudulent messages and scams, creating a safer communication environment . Additionally, the stricter regulations may lead to a decrease in unsolicited messages and spam calls, improving the overall user experience.

In its official notification, TRAI stated that "with effect from December 11, 2024, any traffic where the chain of telemarketers is not defined or does not match with a pre-defined chain shall be rejected." TRAI has also reassured users that essential services, such as OTP deliveries, will not face delays or disruptions during the implementation of the new system, emphasizing the balance between security and seamless communication.

Understanding the PE-TM Chain in TRAI’s Guidelines

A critical component of TRAI’s new message traceability guidelines  is the structured chain between Principal Entities (PEs)  and Telemarketers (TMs)

Principal Entities (PEs)  are businesses or organizations that originate commercial messages. These include entities such as banks, e-commerce platforms, or service providers that send OTPs, promotional offers, or transactional notifications to their customers.

Telemarketers (TMs)  act as intermediaries authorized by PEs to distribute these messages using telecom networks. TMs can either be independent agencies or in-house teams employed by the PEs.

Image

To maintain traceability, the guidelines mandate that all PEs and TMs register their details on TRAI’s Distributed Ledger Technology (DLT)  platform. This registration process involves several key elements:

  1. Principal Entity Registration:  PEs must register themselves along with their communication templates, ensuring only approved messages are sent.

  2. Telemarketer Registration:  TMs must also register, linking their services to specific PEs.

  3. Template and Header Registration:  Each message template, as well as the header (sender ID), must be registered, ensuring alignment with the PE and TM details.

This defined chain is verified by telecom operators who cross-check message traffic against the records in the DLT platform. Messages from unregistered or mismatched chains are rejected, preventing them from reaching consumers.

This chain provides significant benefits. By ensuring only authorized TMs can send messages on behalf of registered PEs, the system minimizes the risk of scams and fraudulent communications. It also enhances transparency and accountability, as every message can be traced back to its origin. Consumers benefit from a safer messaging environment, with reduced instances of phishing, spoofing, and spam.

Similar Examples in Other Parts of the World

Several countries have implemented telecommunications regulations aimed at preventing scams and fraud:

China: Anti-Telecom and Online Fraud Law

Enacted in December 2022, China's Anti-Telecom and Online Fraud Law mandates that telecommunications operators implement real-name registration for all users and enforce limits on the number of SIM cards per individual. The law also requires telecom operators, financial institutions, and internet service providers to establish internal systems for preventing and controlling fraud risks. These measures aim to curb telecom and online fraud by enhancing traceability and accountability within the telecommunications sector.

United Kingdom: Telecommunications Fraud Sector Charter

In November 2022, the UK government introduced the Telecommunications Fraud Sector Charter, a collaborative effort between the government and telecom providers to combat fraud and scams targeting UK customers. The charter outlines commitments to enhance information sharing, implement protective technologies, and educate consumers about fraud prevention. This initiative aims to reduce consumer harm and financial losses associated with telecommunications fraud.

Australia: Scam Prevention Framework

The Australian government has proposed a Scam Prevention Framework that imposes mandatory obligations on banks, telecommunications companies, and digital platforms to combat scams. The framework includes measures such as verifying sender identities before messages reach recipients and implementing customer dispute resolution mechanisms. Non-compliance can result in substantial fines, emphasizing the importance of proactive scam prevention.

These examples highlight how traceability measures are increasingly being adopted worldwide to address challenges in digital communication. TRAI’s new guidelines align with this global trend by focusing on curbing spam and fraud through robust traceability mechanisms. By mandating the registration of telemarketers and ensuring accountability in message transmission, these regulations promise to enhance security and trust for consumers.

While businesses may face initial compliance challenges, the long-term benefits of reduced fraudulent activity and a safer communication ecosystem could significantly outweigh the costs. This initiative positions India as a proactive player in combating the growing menace of digital fraud.

About the Author

James Greening , operating under a pseudonym, brings a wealth of experience to his role. Formerly the sole driving force behind Fake Website Buster, James leverages his expertise to raise awareness about online scams. He currently serves as a Content Marketing & Design Specialist for the Global Anti-Scam Alliance (GASA), and contributes to ScamAdviser.com .

James’s mission aligns with GASA’s mission to protect consumers worldwide from scams. He is committed to empowering professionals with the insights and tools necessary to detect and mitigate online scams, ensuring the security and integrity of their operations and digital ecosystems.

Connect with James Greening on LinkedIn
Dec 6, 2024
8 minute read
Category
Best Practices Industry - Telecom Operators / Hosters Topic - Scam Detection
Written by
Jorij Abraham
Managing Director
Share article

Latest blogs & research

Romance scams continue to grow worldwide, exploiting trust, emotional vulnerability, and online relationships to manipulate victims into financial and emotional harm. Timed around Brazil’s Valentine’s Day period, the latest GASA meet-up, Golpes do Amor — Como eles acontecem e como se proteger, explored how these scams operate, why they are so effective, and how individuals can better recognise warning signs before becoming victims. Hosted by the Brazil Chapter of the Global Anti-Scam Alliance (GASA), the discussion highlighted findings from O Estado dos Golpes no Brasil. According to the report, romance scams have already affected 18 per cent of surveyed Brazilian adults, while 6 per cent of victims reported falling for this type of scam more than once. Beyond financial losses, speakers emphasised the severe emotional consequences victims often experience, including shame, trauma, and loss of trust. Read the Report – O Estado dos Golpes no Brasil Speakers: Rose Leonel, Journalist and Founder – ONG Marias da Internet Tanila Savoy, Founder – Associação Nacional de Vítimas da Internet (ANVINT) Lisandréa Salvariego Colabuono, Police Chief and Coordinator – NOAD, Polícia Civil de São Paulo Renata Salvini, Brazil Chapter Director – Global Anti-Scam Alliance A major focus of the discussion was the manipulation techniques commonly used in romance scams. Speakers explained how scammers frequently create convincing identities, often pretending to be foreigners, military personnel, or individuals living abroad, while avoiding in-person meetings and building emotional dependency over time. Urgency and financial pressure were highlighted as major warning signs, particularly when victims are pushed to act quickly or send money under emotional circumstances. The webinar also explored the lasting psychological impact of these crimes and reinforced that victims should never be blamed. Rose Leonel shared her personal story of transforming trauma into advocacy after becoming a victim of non-consensual intimate image sharing, an experience that ultimately contributed to the creation of the Rose Leonel Law in Brazil. Speakers stressed the importance of reporting scams, noting that even small details can assist investigations and help prevent future victims. The conversation reinforced the need for greater public awareness, victim support, and collaboration between civil society, law enforcement, and digital platforms to address emotionally manipulative fraud more effectively. Through initiatives like this meet-up, GASA continues working with experts and organisations worldwide to strengthen scam prevention and support victims of online fraud. Watch the full discussion below to learn how individuals and organisations can better recognise and respond to romance scams.

Romance Scams in Brazil: Warning Signs and Prevention

Experts from Brazil discuss how romance scams work, their emotional impact, and how victims can protect themselves online.

Topic - Scam Awareness Video Event - GASA Meet-Ups Industry - Law Enforcement
Acción coordinada. Impacto real. México lidera el cambio

De Viena a la Acción: GASA México y UNODC México Cierran Brechas Operativas

GASA México y UNODC México formalizan un Acuerdo de Intercambio de Comunicaciones, convirtiendo los compromisos globales de Viena en acción coordinada contra el fraude.

News Topic - Fraud Policy Industry - Policy Makers Region - Latin America
un global fraud summit what comes next discussions

What the UN Global Fraud Summit Discussions Tell Us About What Comes Next

Watch expert discussions from the UN Global Fraud Summit on the industrialisation of fraud, global collaboration, public–private frameworks, and next steps for implementation.

Best Practices Industry - National Cyber Security Centers (NCSCs) Region - Europe Region - Global
gasa webinar

Game Over for Scammers: Regional Defenses Against Online Gambling–Related Scams

Experts from INTERPOL, ACMA, and DGOJ examine how gambling-related scams operate and how global enforcement is responding.

Region - Europe Video Topic - Fraud Policy Event - GASA Meet-Ups
22,000 Fraud Signals Bank Attack Trends – March 2026

What 22,000 Fraud & Cyber Crime Operator Signals Reveal About the State of Bank Attacks

Falkin's analysis of 22,661 fraud operator signals shows how bank attacks are evolving across regions, typologies, and AI-driven scam infrastructure.

Research Region - Global Scam Trends Topic - Fraud Research
Microsoft White Paper on Link Analysis and Digital Fingerprinting in Fraud Detection

Reinventing Fraud Detection Through Digital Fingerprinting and Link Analysis

A Microsoft white paper examines how digital fingerprinting and link analysis shift fraud detection from isolated events to connected, network-level intelligence.

Research Topic - Fraud Prevention Region - Global Topic - Scam Detection
gasa meet-up

On the Frontlines: Fighting AI-Powered Scams & Fraud

Experts from Microsoft, OpenAI, Google and C4ADS share how AI is shaping scams and how to fight back.

Topic - Fraud Prevention Region - Global Video Topic - Scam Detection

Telecoms on the Front Line: GASA at the Stimson Center Dialogue on Combating Scams

According to GASA’s Global State of Scams Report, telecommunications channels—voice and SMS in particular—remain a predominant “front door” for scams.

News Topic - Fraud Policy Region - North America Industry - Policy Makers