India questions WhatsApp’s username plans over scam and impersonation risks

India’s Ministry of Electronics and Information Technology has asked WhatsApp to justify its planned username feature, warning that the change could create new opportunities for fraud. The government...

India’s Ministry of Electronics and Information Technology has asked WhatsApp to justify its planned username feature, warning that the change could create new opportunities for fraud. The government has given the messaging platform three days to respond and has asked it to pause the rollout until officials are satisfied with the safeguards.

WhatsApp announced on June 29 that users will soon be able to reserve usernames and chat without immediately revealing their phone numbers. Meta says the feature is meant to give people more privacy when contacting classmates, neighbors, coworkers, and other groups. The company also said usernames will not be allowed to duplicate existing ones on Facebook or Instagram unless the same account holder controls them.

Government concerns

Indian officials say hiding phone numbers at first contact could make it easier for criminals to pose as banks, public agencies, or other trusted entities. In its letter, the ministry cited fears of phishing, impersonation, and so-called digital arrest scams, in which attackers pressure victims by pretending to represent law enforcement or government bodies.

The government pointed to the Information Technology Act, 2000, and the IT Rules, 2021 as the legal basis for its request. However, digital rights advocates questioned whether those laws give the ministry authority to stop a product launch in this way.

The Internet Freedom Foundation, which published a copy of the letter, argued that the ministry is stretching the law beyond its intent. The group compared the request with a previous attempt to require government approval before AI products could be released publicly, a move that was later withdrawn.

WhatsApp says protections are built in

WhatsApp said the username feature is not yet live and will be introduced gradually later this year. The company said it has designed several controls intended to limit abuse, including:

  • Warnings that help users identify whether a first-time message comes from a new account, a contact, or someone in another country
  • Reservations for certain high-profile usernames to prevent impersonation
  • Restrictions on lookalike usernames
  • Limits on how many new people an account can contact
  • Systems to detect repeated guessing attempts and suspicious behavior

The company also stressed that users will still need a phone number to use WhatsApp. With more than 3 billion users globally and India as its largest market, the platform is likely to face close scrutiny as the feature moves closer to launch.

Scams on messaging platforms are not unique to India, but the country has become especially sensitive to them after several high-profile fraud cases and recent action against other services, including Telegram, over abuse tied to public usernames.