The Indian government has asked Meta Platforms Inc. to pause the rollout of WhatsApp usernames due to concerns over fraud and impersonation [1, 2].
This move highlights the tension between expanding social connectivity and managing cyber-crime in one of the world's largest smartphone markets. If scammers use deceptive usernames to mimic government agencies or businesses, it could lead to a surge in financial fraud [1, 2].
The Ministry of Electronics and Information Technology raised the alarm on July 2, 2026 [1, 2]. An official from the ministry said, "The username feature could be misused for fraud and impersonation" [1].
Authorities are concerned that the ability to create usernames could allow bad actors to deceive users into believing they are communicating with trusted individuals [1, 2]. To address these concerns, India has given Meta three days to provide a detailed explanation of how the feature works [2].
Meta has defended its approach to the update. A spokesperson for the company said, "We have built multiple layers of defense to protect users from scams" [2]. The company maintains that the system is designed with security in mind to prevent the very issues the government fears.
Further protections are intended for high-profile accounts. A Meta representative said that celebrities and public figures will be protected under new safeguards [3].
Despite the government's scrutiny, the feature is not yet live [1]. The company is now tasked with proving that its safeguards can mitigate the risks of impersonation before the rollout proceeds in the region [1, 2].
“"The username feature could be misused for fraud and impersonation."”
This clash underscores the growing regulatory scrutiny of Big Tech in India, where the government prioritizes national security and fraud prevention over rapid feature deployment. By demanding a technical justification within a tight window, the Indian government is asserting its authority to veto specific product designs that it deems a risk to public safety, potentially forcing Meta to implement region-specific restrictions on how usernames are verified.



