TRAI suspends new anti-spam SMS rules as customers face OTP issues
The Telecom Communications Customer Preference Regulations (TCCCPR) were meant to supress pesky SMSes but ended up affecting OTP delivery for crucial services.
March 09, 2021 / 05:51 PM IST
The Telecom Regulatory Authority of India (TRAI) has temporarily suspended the implementation of the new anti-spam regulations for commercial texts that led to a massive disruption of SMS services on March 8.
Telecom companies had implemented the Telecom Communications Customer Preference Regulations (TCCCPR) that were meant to reduce the SMS spam leading to disruptions in the delivery of OTP messages affecting banking transactions, online ticket bookings, Aadhaar authentication and other OTP-based services.
The new process under a system called Distributed Ledger Technology or DLT was the reason for OTP services getting affected.
According to a Gadgets360 report the OTP APIs that caused the issue will soon be working normally and the suspension will be only till the problem is fixed.
TRAI has so far not provided any information on the duration of the suspension but some reports suggest it could be seven days.
The source said TRAI has not yet informed the mobile operators of their decision. The new technology was supposed to clamp down on spam SMSes by making it necessary to verify each SMS with a registered template.
This caused a problem with OTP services causing many users grief as they sat around waiting to log in to services that require OTP activation. Services such as the Unified Payments Interface (UPI), Aadhar services, net banking and credit card authentications were facing issues with OTP delivery.
As per a report by Economic Times, nearly 40 percent of the one billion daily average commercial SMSes failed to deliver. Banks saw a failure rate of 25 percent as well.
The reason why the TRAI mandated the new regulations in the first place was due to the increasing threat of SMS pollution, bombarding users with spam messages through the day.
In 2018, TRAI implemented a 'Do Not Disturb' service that had twenty-three crore subscribers but people soon discovered workarounds and gained a customers consent under false pretences.
The new regulations that were put in place required explicit recorded consent from a user before any service is activated. They were also given the option to opt out of or revoke their consent in case of abuse.