The Telecom Regulatory Authority of India (TRAI) has issued a Direction to all Access Providers mandating the pre-tagging of all variable components used in SMS content templates for commercial communication. Variable components typically include elements such as URLs, application download links, or callback numbers that may change from recipient to recipient or time to time, while the rest of the message text remains static.

Under the new requirement, senders must explicitly tag each variable field at the time of template registration i.e. must specify the purpose for which the variable is going to be used. For example, tagging a variable as #url# implies that the variable contains a URL. Unless these variable fields are pre-tagged, Access Providers cannot identify or scrub them to determine whether the inserted values are from whitelisted domains, numbers, or links. Pre-tagging therefore becomes essential for automated identification and scrubbing of variable fields.

Evidence from multiple UCC investigations shows that the absence of predefined tagging has been routinely exploited for fraudulent and phishing activities, allowing unregistered or malicious URLs, app links, and callback numbers to be inserted into approved templates without detection. The Direction aims to further strengthen the anti-spam and anti-fraud framework by ensuring complete visibility of variable fields in SMS and enabling Access Providers to apply stringent content scrubbing.

With the introduction of mandatory pre-tagging, these variable elements will now have to be categorized and registered upfront by the principal entities(PE), making them traceable and accountable. This measure represents a significant regulatory intervention aimed at preventing misuse of registered templates, particularly by fraudsters who insert these harmful links and  call-back numbers to lure unsuspecting users, many times resulting in financial fraud, data theft and cyber harm.

Access Providers and Principal Entities are required to complete modification of existing templates within a period of 60 days. After expiry of this compliance window, messages sent using non-compliant templates will be rejected and not delivered.

This Direction reinforces the safeguards under the Telecom Commercial Communications Customer Preference Regulations (TCCCPR), 2018 and strengthens TRAI’s framework for curbing unauthorized commercial communication. By ensuring that every variable field in commercial SMS is validated before transmission, this initiative is expected to significantly enhance public safety and restore trust in digital messaging channels relied upon for banking, financial services, government and essential services communication.

****

MI/ARJ

(Release ID: 2191273) Visitor Counter : 239