The Department of Telecommunications (DoT) has cautioned manufacturers, brand owners, importers and resellers of telecom equipment, reminding them of mandatory International Mobile Equipment Identity (IMEI) registration requirements and warning of severe penalties for IMEI tampering under the Telecommunications Act, 2023 and the Telecom Cyber Security Rules, 2024.
According to the DoT, IMEI regulation is critical for safeguarding telecom networks, preventing counterfeit devices and strengthening India’s digital security framework. The government has clarified that any telecommunication device – such as mobile phones, modules, modems, tablets, dongles, SIM Boxes or other equipment with an IMEI – must follow strict compliance protocols.
Under Section 42 of the Telecommunications Act, 2023, tampering with IMEI numbers or possessing devices with knowingly tampered identifiers constitutes a punishable offence. Violations can attract imprisonment of up to three years, fines of up to ₹50 lakh, or both. These offences are cognizable and non-bailable, and similar penalties apply to those aiding or abetting such activities.
The Telecom Cyber Security Rules, 2024 further mandate that all manufacturers must register IMEI numbers of devices produced in India before sale, testing, research, or any other use. Importers are required to complete IMEI registration before importing devices. All registrations must be carried out on the Device Setu – Indian Counterfeited Device Restriction (ICDR) portal.
The government also maintains a central repository of blacklisted or tampered IMEIs. Entities dealing in second-hand devices must verify IMEIs through this national database before any transaction. Additionally, the Telecom Cyber Security Amendment Rules, 2025 empower the Centre to direct manufacturers not to reassign IMEIs already active in Indian telecom networks.
The DoT reiterated that the use, manufacture or sale of devices capable of programmable IMEI configurations effectively amounts to IMEI tampering and will attract legal action. As per the rules, the government may also direct telecom operators to block devices with tampered identifiers from accessing networks.
Emphasising the importance of compliance, the DoT said that strict enforcement is essential for telecom cybersecurity, curbing counterfeit markets, supporting law enforcement efforts and ensuring proper tax collection. Failure to adhere to the regulations will invite stringent punitive measures.
Registrations and detailed procedures – including company verification, TAC-linked brand registration, device model listing and IMEI submission – must be completed through the Device Setu (ICDR) portal.
The Telecommunications Act, 2023, the Telecom Cyber Security Rules, 2024 and the Telecom Cyber Security Amendment Rules, 2025 are available on the DoT website.