India plans new security testing for smartphones, crackdown on pre-installed apps
India plans to force smartphone makers to allow removal of pre-installed apps and mandate screening of major operating system updates under proposed new security rules, according to two people and a government document seen by Reuters.
The plan for new rules, details of which have not been previously reported, could extend launch timelines in the world’s No.2 smartphone market and lead to losses in business from pre-installed apps for players including Samsung, Xiaomi, Vivo, and Apple.
India’s IT ministry is considering these rules amid concerns about spying and abuse of user data, said a senior government official, one of the two people who spoke to Reuters on condition of anonymity as the information is not yet public.
“Pre-installed apps can be a weak security point and we want to ensure no foreign nations, including China, are exploiting it. It’s a matter of national security,” the official added.
Chinese manufacturers account for more than half of all smartphone sales in India.
India’s minister for state for IT, Rajeev Chandrasekhar, however, said the news was “plain wrong” and that “there is no “security testing” or “crackdown” as story suggests.”
He added, in a post on Twitter, that there was an ongoing consultation between the government and the industry.
He did not elaborate.
India has ramped up scrutiny of Chinese businesses since a 2020 border clash between the neighbors, banning more than 300 Chinese apps, including TikTok. It has also intensified scrutiny of investments by Chinese firms.
Globally too, many nations have imposed restrictions on the use of technology from Chinese firms like Huawei and Hikvision on fears Beijing could use them to spy on foreign citizens. China denies these allegations.
Currently, most smartphones come with pre-installed apps that cannot be deleted, such as Chinese smartphone maker Xiaomi’s app store GetApps, Samsung’s payment app Samsung Pay and iPhone maker Apple’s browser Safari.
Under the new rules, smartphone makers will have to provide an uninstall option and new models will be checked for compliance by a lab authorized by the Bureau of Indian Standards agency, the two people with knowledge of the plan said.
The government is also considering mandating screening of every major operating system update before it is rolled out to consumers, one of the people said.
Reuters was first to report the deliberations on Tuesday.
A February 8 confidential government record of an IT ministry meeting, seen by Reuters, states: “Majority of smartphones used in India are having pre-installed Apps/Bloatware which poses serious privacy/information security issue(s).”
The closed-door meeting was attended by representatives from Xiaomi, Samsung, Apple and Vivo, the meeting record shows.
The government has decided to give smartphone makers a year to comply once the rule comes into effect, the date for which has not been fixed yet, the document added.
The companies did not respond to a request for comment.
‘Massive hindrance’
India’s fast-growing smartphone market is dominated by Chinese players. Xiaomi and BBK Electronics’ Vivo and Oppo account for 47 percent of total sales, Counterpoint data shows. South Korea’s Samsung has a 20 percent share and Apple has 3 percent.
While European Union regulations require allowing removal of pre-installed apps, it does not have a screening mechanism to check for compliance like India is considering.
An industry executive said some pre-installed apps like the camera are critical to user experience and the government must make a distinction between these and non-essential ones when imposing screening rules.
Smartphone players often sell their devices with proprietary apps, but also sometimes pre-install others with which they have monetization agreements.
The other worry is more testing could prolong approval timelines for smartphones, a second industry executive said. Currently it takes about 21 weeks for a smartphone and its parts to be tested by the government agency for safety compliance.
“It’s a massive hindrance to a company’s go-to market strategy,” the executive said.