India's National Testing Agency and IIT-Madras have publicly identified a specific technical vulnerability in Telegram that they say enabled fraudsters to fabricate apparent evidence of question paper leaks ahead of the re-NEET examination. The disclosure came on Tuesday as both institutions sought to justify a temporary restriction on the messaging platform - a move that has drawn sharp criticism from digital rights advocates who argue it constitutes a disproportionate response to exam fraud.
How the Deception Works: Timestamps That Lie
At the core of the controversy is a feature - or, depending on one's perspective, a flaw - in Telegram's architecture. The platform permits channel administrators to silently edit previously sent messages, including file attachments, without altering the original timestamp. A document posted at 3:39 pm can be replaced with an entirely different file minutes, hours, or even up to 48 hours later. Anyone viewing the channel after the edit sees no indication that anything changed. The timestamp remains frozen at 3:39 pm.
IIT-Madras Director V Kamakoti demonstrated this live, walking through the mechanics in plain terms: a user sends one PDF, replaces it with another after the fact, and the record appears entirely unchanged to any subsequent viewer. This is not a bug in the conventional sense - Telegram's editing capability is a deliberate design feature intended to allow users to correct mistakes. But in the context of high-stakes examinations, it has reportedly been weaponised to manufacture a false chronology: the impression that a question paper circulated publicly before the examination began.
NTA Director General Abhishek Singh cited a specific instance from the May 3 NEET examination. A video circulated widely on social media purporting to show a question paper shared on a Telegram channel two days before the exam. NTA's investigation traced the paper through its unique identifier - a tracking mechanism embedded in every NEET question booklet - to a single candidate at a school in Anantnag, Jammu and Kashmir. CCTV footage, attendance records, and the recovered OMR answer sheet all confirmed the paper had only ever existed in that student's hands on exam day. The Telegram post, Singh concluded, was fabricated after the fact.
A Pattern Across Competitive Examinations
Kamakoti said the same technique has been deployed, to his knowledge, in at least two other high-profile examinations: JEE Advanced and the IISER Aptitude Test. This suggests a repeating pattern rather than an isolated incident - one in which the chaos and anxiety surrounding competitive entrance exams create fertile conditions for misinformation. Fraudsters do not need actual access to question papers. They need only panic, social media velocity, and a platform that does not visibly flag edits.
The human cost is immediate and tangible. As Singh acknowledged, Telegram channels have reportedly charged candidates and their families money in exchange for supposed advance access to question papers - access that was never real. "Anyone claiming to sell you any paper is lying, scamming and fooling you," he said in a video message posted to X. Parents under pressure and students facing one of India's most gruelling entrance examinations make precisely the kind of desperate audience that this type of fraud targets.
The Restriction and Its Critics
Against that backdrop, the government ordered a temporary restriction on Telegram ahead of the re-NEET examination, and sources familiar with the matter indicated that the app was removed from the Play Store accordingly. Apple was reported to be likely to follow. The Internet Freedom Foundation responded swiftly, describing the curbs as a "band-aid solution" and a disproportionate measure - a characterisation that echoes longstanding debates about how democracies balance platform accountability against blanket access restrictions.
The IFF's objection carries weight. Blocking an entire platform used by tens of millions of people to prevent a specific misuse of one editing feature is a blunt instrument. It punishes ordinary users - students coordinating study groups, journalists using secure channels, civil society organisations - for the actions of a small number of fraudsters. The technical vulnerability itself remains unaddressed by a platform-level block; it would persist the moment access is restored.
There is also a precedent question. India has increasingly resorted to platform restrictions and app removals as regulatory tools, a pattern that courts and digital rights groups have repeatedly scrutinised. When the justification is exam integrity rather than national security, the legal and democratic thresholds for such action attract closer examination.
What This Exposes About Platform Design and Accountability
The underlying technical issue deserves attention independent of the policy dispute. Silent message editing - the ability to alter content without any visible edit history for channel viewers - is a design choice with real consequences in information-sensitive environments. Other major platforms handle edits differently: some display an "edited" label, some preserve version history, and some restrict editing windows significantly. Telegram's relatively permissive editing rules, combined with its large anonymous channel infrastructure, create conditions that are demonstrably exploitable.
This is not to say that Telegram is uniquely or inherently malicious - it is also widely used for legitimate privacy-preserving communication and is a critical tool for journalists and activists in restricted environments. But the NTA-IIT disclosure points to a category of platform design decision that regulators, developers, and users rarely examine until it causes harm: the gap between a feature's intended use and its potential for abuse in high-stakes contexts. Whether the appropriate response is platform restriction, compulsory design changes, or better public education about how such manipulations work is a question that the current controversy has done little to resolve.
