The Karnataka High Court ruled on June 5, 2026, that Bharat Sanchar Nigam Limited (BSNL) is liable for a cooperative bank's Rs 50.5 lakh loss caused by a SIM swap fraud. The court found BSNL's negligent issuance of a duplicate SIM card directly enabled the theft, highlighting a structural flaw in India's digital payments system that relies heavily on mobile numbers for authentication, according to medianama.com.
Justice Suraj Govindaraj decided on two related petitions: one by the cooperative bank seeking higher compensation and another by BSNL challenging its liability. The court treated telecom service providers as custodians of mobile connectivity, akin to vault keepers, and held that careless issuance of duplicate SIMs makes them responsible for resulting fraud. The ruling emphasized that the duplicate SIM was the proximate cause of the loss, as fraud could not have occurred without it.
The judgment exposes a deeper vulnerability in India’s Unified Payments Interface (UPI) system, where the mobile number registered for One Time Password (OTP) authentication acts as the master security channel. This reliance means that control over a mobile number via a duplicate SIM can compromise an individual’s entire financial identity. The ruling challenges the effectiveness of existing verification methods in preventing such frauds.
The court overturned a prior Permanent Lok Adalat award that had granted the bank only Rs 5 lakh, increasing compensation to Rs 50.5 lakh. This decision sets a precedent for telecom providers’ accountability in SIM swap fraud cases, potentially influencing future rulings and regulatory measures in India’s digital payments landscape.