The Indian government has ordered Meta to pause the rollout of WhatsApp's new username feature, citing risks of impersonation, phishing, and digital fraud. Authorities have directed the company to provide a detailed safety explanation within three days, emphasizing that digital platforms must ensure security is built into their architecture.
NEW DELHI — The Union government has formally issued a notice to Meta, directing the company to halt the rollout of its proposed "username" feature on WhatsApp in India. The directive, issued by the Ministry of Electronics and Information Technology (MeitY) on Wednesday, July 1, 2026, mandates that the tech giant pause the launch until detailed consultations regarding public safety and cybersecurity are concluded.
The feature, which was designed to allow users to interact on the platform without disclosing their mobile phone numbers, is currently under intense scrutiny. While Meta has positioned the update as a privacy-focused tool, the government has expressed significant reservations, warning that the move could inadvertently provide a new avenue for cybercriminals.
Regulatory Concerns and Cyber Fraud Risks
The Ministry’s notice highlights deep-seated anxieties regarding the potential for "materially increased" instances of online fraud. Officials specifically pointed to the risks of phishing, "digital arrest" scams, and sophisticated impersonation attacks. By decoupling the messaging identity from a verified phone number, the government fears that bad actors could more easily solicit and deceive unsuspecting victims.
Furthermore, the notice warns of identity spoofing. The government stated that the feature could facilitate the adoption of usernames closely resembling those of public authorities, financial institutions, and government agencies. This could potentially allow fraudsters to masquerade as official entities to gain trust and extract sensitive information or funds from users.
Official Stance and Compliance Obligations
The Indian government has reminded Meta that, as a "significant social media intermediary," WhatsApp is bound by stringent due diligence obligations under the Information Technology (IT) Act and the IT Rules of 2021. The notice cites several provisions, including those governing intermediary responsibilities and the requirement for lawful identification of the "first originator" of messages.
The government has directed Meta’s India operations to provide a detailed explanation of the proposed feature—supported by relevant technical documentation—within three days of receiving the notice. The firm has been explicitly instructed to refrain from proceeding with the rollout until it has satisfied the government’s security requirements.
Meta’s Response and Proposed Safeguards
A WhatsApp spokesperson confirmed that the username feature has not yet gone live and is intended for a gradual rollout later this year. In response to the regulatory friction, the company emphasized that the feature is designed as an optional layer of privacy rather than a replacement for phone number-based verification.
Meta stated that it has built multiple safeguards into the architecture, including:
Reserved Names: High-profile identities, such as public figures, government entities, and celebrities, have been reserved to prevent impersonation.
Contact Limitations: Systems will be in place to limit how many new people an account can contact via a username.
Abuse Detection: Automated mechanisms will block repeated attempts to guess username keys and identify common impersonation patterns.
Transparency Measures: Users will be alerted if a first-time message originates from an unknown account or a different country.
Why It Matters: Implications for Digital Safety
The government's intervention reflects a broader regulatory trend of holding digital platforms directly accountable for the design of their infrastructure. Because WhatsApp serves as critical communication infrastructure in India—used for everything from personal chats to business payments and government services—authorities are prioritizing "secure by design" principles.
For the average user, this means the wait for username-based communication will continue until Meta can demonstrate that the feature does not compromise the security frameworks currently in place. For businesses and investors, the move signals a firm stance from New Delhi that privacy-enhancing features must not come at the cost of traceability or accountability in the digital ecosystem.
Key Facts at a Glance
Temporary Suspension: The Indian government has ordered Meta to pause the WhatsApp username feature rollout until further notice.
Primary Concerns: Authorities fear an increase in phishing, digital arrest scams, and impersonation of government or financial entities.
Regulatory Basis: The notice invokes the IT Act, 2000, and IT Rules, 2021, reminding Meta of its due diligence obligations.
Response Deadline: Meta must submit a detailed explanation and relevant documents to the Ministry of Electronics and Information Technology within three days.
Meta's Position: The company maintains that the feature is optional and includes safeguards like reserved names and spam detection.
Frequently Asked Questions (FAQ)
Is the WhatsApp username feature permanently banned?
No, the government has requested a pause on the rollout to conduct consultations. It remains on hold until the government is satisfied with the security safeguards.
Why is the government worried about usernames?
Officials are concerned that usernames could allow bad actors to hide behind fake identities, making it difficult to trace the originators of fraudulent messages and making it easier to impersonate trusted institutions.
Will I still need a phone number to use WhatsApp?
Yes, Meta has clarified that a phone number will remain a mandatory requirement for WhatsApp account verification; the username feature was intended to provide an additional layer of identity privacy.
What happens if Meta fails to comply?
The notice warns that regulatory action may be initiated under the IT Act for failing to meet due diligence requirements or for launching features that increase risks to public safety.
Source: Ministry of Electronics and Information Technology (MeitY), The Hindu, The Indian Express, Times of India