Telecom regulators in India have reportedly asked smartphone manufacturers to preload a state-owned cybersecurity app that cannot be deleted onto all new devices, and push the app to existing devices via a software update. Reuters reports that, according to a non-public government order sent to manufacturers, Apple, Samsung, Xiaomi and others were given 90 days to comply.The app in question is called Sanchar Saathi (meaning Communication Companion), and is primarily aimed at fraud prevention with tools that allow users to report and lock lost or stolen devices. According to Reuters, the app has a reported 5 million downloads since its release and has helped block 3.7 million stolen or lost phones in India. An additional 30 million reportedly fraudulent connections have been terminated using the app."If I lose my phone, immediately the app is on my phone which I can then register and make sure my phone is not used by any fraudulent individual. It's a step to protect the consumer," Telecom Minister Shri Jyotiraditya M. Scindia said in an interview with CNBC. The Minister said the installation order should be issued in the "next couple of days."How smartphone manufacturers will respond remains to be seen. Apple, for its part, doesn't have the strongest history of standing up to governments that oversee large markets for the company. Just a few weeks ago Apple removed two of the largest LGBTQ+ dating apps from the Chinese App Store at the government's request. In 2019 the iPhone maker removed a Hong Kong protest app following pressure from Chinese authorities. The company has also become increasingly entangled with India as it looks to move US-bound iPhone production to the country.This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/india-will-require-a-state-owned-cybersecurity-app-to-be-installed-on-all-smartphones-192305599.html?src=rss

India is considering new smartphone security rules that would require device makers to allow government access to source code for vulnerability analysis." It would also require companies to notify the government of major software updates and security patches before rollout, according to Reuters.This is the latest in a raft of unprecedented proposals by the Indian government under the guise of security, as it weighs making a package of 83 security standards drafted in 2023 legally binding in the world's second-largest smartphone market with nearly 750 million smartphones.Under the proposals, any source code review would be analyzed and potentially tested at designated labs in India. Major phone manufacturers have reportedly warned the Indian government that such a move risks revealing proprietary information.The source code proposal comes alongside a series of additional recommendations such as restrictions on background permissions for apps and the option to remove all preinstalled apps. Reuters also reports the package would mandate periodic malware scanning and require phones to store system logs for at least 12 months, requirements that industry groups told the publication would drain battery life, run into storage limits and slow the rollout of necessary security updates.The nation's IT ministry told Reuters it "refutes the statement" that it is proposing manufacturers hand over their source code. This was despite a review of internal government and industry documents as part of the reporting. Government officials and industry executives are reportedly due to meet Tuesday for more discussions.Last month, India was set to require a state-owned cybersecurity app be preinstalled on every smartphone in the nation before backpedaling after intense backlash. Just two days later, there was reportedly a proposal to require that smartphones keep location services on at all times with no way to turn them off.This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/india-is-proposing-another-far-reaching-security-rule-for-smartphones-155204829.html?src=rss