TRAI ordered Truecaller to hide ‘Spam’ labels on 140 and 1600 numbers. Now, its CEO explains how it backfired
Source Entity
The Indian Express

Intelligence Synthesis
AI-Generated Core Insights
Truecaller CEO Rishit Jhunjhunwala has warned that the Telecom Regulatory Authority of India's (TRAI) mandate to hide 'Spam' labels on 140 and 1600 series numbers has inadvertently empowered spammers, making it easier for them to deceive users.
The Regulatory Conflict: TRAI vs. Truecaller
In a developing conflict between regulatory oversight and consumer-driven security, Rishit Jhunjhunwala, the CEO of Truecaller, has highlighted a critical failure in the Telecom Regulatory Authority of India's (TRAI) recent directives. The core of the issue lies in TRAI's order requiring Truecaller to remove 'Spam' labels from phone numbers starting with the 140 and 1600 prefixes. These number series are typically reserved for commercial communications and transactional alerts. While the regulator's intent may have been to protect legitimate businesses from being unfairly flagged by crowd-sourced data, the real-world application has created a significant vulnerability in the consumer defense mechanism.
The Mechanism of the 'Backfire' Effect
Truecaller operates primarily on a community-based reporting system where millions of users flag suspicious numbers in real-time. When TRAI mandated the hiding of spam labels for the 140 and 1600 series, it effectively silenced this community warning system for a specific subset of numbers. According to Jhunjhunwala, this has "backfired" because spammers have quickly identified this loophole. By routing their fraudulent calls through these specific number series, spammers can now reach users without the immediate 'Spam' warning that usually prompts a user to ignore the call. This removes the first line of defense for the consumer, significantly increasing the success rate of phishing attempts and unsolicited marketing calls.
Understanding the 140 and 1600 Series
To understand the gravity of this situation, one must look at the nature of these number series. The 140 and 1600 prefixes are designed for official business communications, such as bank alerts, OTPs, and corporate notifications. Because these numbers are perceived as 'official,' users are naturally more inclined to trust them. When Truecaller is forbidden from labeling a number in this range as spam—even if thousands of users have reported it as a scam—the user is left with a false sense of security. This creates a dangerous environment where a fraudulent call appearing as a '140' number is far more likely to be answered and believed than a standard mobile number.
The Tension Between Regulation and User Security
This clash underscores a broader tension between government-mandated telecommunications standards and third-party security applications. TRAI's priority appears to be the standardization of commercial communication and the prevention of 'incorrect' labeling that could harm legitimate corporate interests. However, this top-down approach ignores the dynamic nature of digital fraud. Spammers do not follow regulatory guidelines; they exploit them. By prioritizing the 'reputation' of the number series over the 'behavior' of the caller, the regulator has inadvertently prioritized corporate convenience over individual consumer safety.
Broader Implications for Cybersecurity in India
If this trend continues, it could lead to a surge in financial fraud and social engineering attacks across India. As cybercriminals migrate toward 'protected' number series, the effectiveness of crowd-sourced security tools diminishes. This may force users to become overly skeptical of all commercial communications, potentially leading them to ignore legitimate bank alerts or urgent transactional notifications, thereby defeating the original purpose of the 140 and 1600 series. The incident highlights the need for a more collaborative approach where regulators work with tech platforms to create dynamic filtering systems rather than static bans on labels.
Future Outlook and Predictions
Looking forward, it is likely that Truecaller and other similar services will push for a more nuanced regulatory framework that allows for 'probabilistic' warnings rather than binary labels. We may see a shift where the industry demands a government-backed, real-time spam database that integrates directly with handset operating systems, reducing the reliance on third-party apps. Until then, the tussle between TRAI and Truecaller serves as a cautionary tale: when regulatory mandates ignore the adversarial nature of spammers, the end result is often a weakened security posture for the general public.
Summary
The dispute between TRAI and Truecaller reveals a critical gap in India's telecom regulation. By forcing the removal of spam labels on 140 and 1600 numbers, TRAI has inadvertently provided a shield for spammers, allowing them to masquerade as legitimate entities. This situation emphasizes the necessity of balancing corporate communication standards with the urgent need for real-time, user-driven security warnings to combat the evolving threat of digital fraud.