Indian security agencies were always suspicious of Chinese companies and products, especially telecom equipment. In a recent development, National Security Council (NSC) has said that SIM cards manufactured by Chinese companies could make the country's telecom and banking networks vulnerable to security threats, according to a report in the Economic Times.

Interestingly, the story appears as the Chinese premier Xi Jinping arrives in India on a two-day official visit.

NSC is the apex agency looking into the country's political, economic, energy and strategic security concerns. It works closely with Intelligence Bureau (IB).

It has written to the department of telecom (DoT), seeking immediate steps to ensure all SIM cards used in the country are domestically manufactured and that the companies making them must secure a security clearance from the ministry of home affairs, according to the report.

This is important to restrain transmission of sensitive data outside territorial limits of India, said the NSC communication.

Despite enough production capacity in the country, 40% SIM cards sold in the country are imported, mostly from China, according to the report. “Consequently, all the secret keys used through the SIM card become available to personalised centres located outside judicial boundaries of Indian security agencies, it said. "Besides SIM card cloning, other security issues that can arise from compromise of keys can be location tracing, call and SMS diversion, copying of data transmitted, remote extraction of network and banking keys," NCS said in its communication.

"With increasing use of mobile phones for various value-added services including mobile banking and payments, the risk of compromise of secret keys is extending to banking and payment infrastructure as well," it added. Explaining the security threat, NCS said that unlike the telecom equipment that is centrally located, SIM cards are in the hands of a million users and can be attacked over the air from external locations.

                                               

It has further said that some SIM card manufacturers, owned and controlled by Chinese nationals with unclear ownership and antecedents, have established SIM card personalisation activity, or making them ready to use, in India. This, according to NSC, was done to bypass the upcoming policy that would mandate domestic production of SIM cards, according to the Economic Times report.

The council has also named Eastcompeace as one of Chinese SIM manufacturers that are partly owned by the sovereign. It said the government needs to clearly establish and monitor the context of ownership before it gives clearance to such facilities. To avert such threat, NSC has proposed that an appropriate technical agency such as the Telecom Engineering Centre (TEC) should inspect and certify security measures instituted by each SIM manufacturing units to ensure that personalisation keys are only located in India and are available to be inspected by the home ministry.