India's Ministry of Electronics and Information Technology has warned WhatsApp that its new username feature could increase risks of cyber-fraud [1].
The rollout marks a significant shift in how users connect on the platform. By allowing individuals to be identified by a chosen name rather than a phone number, the feature intends to enhance privacy, but officials said it creates new vulnerabilities for impersonation [1, 2].
Secretary S. Krishnan of the IT Ministry said that the ability to mask phone numbers could be exploited by bad actors to facilitate scams [1]. The government's concern centers on the potential for criminals to create deceptive identities to mislead victims, a tactic often used in social engineering attacks [2].
This warning comes amid a broader struggle against digital crime in the region. India has recorded 24.65 lakh cyber-fraud complaints [2]. The ministry said that removing the phone number as the primary identifier makes it harder for users to verify the actual identity of the person contacting them [1].
WhatsApp, owned by Meta, is implementing the change to give users more control over who sees their personal contact information [1]. However, the Indian government said that the platform must address how to prevent the feature from being used for malicious purposes [1, 2].
“The IT Ministry warns the feature could enable impersonation and cyber-fraud.”
The tension between user privacy and platform security is intensifying as messaging apps move away from phone-number-based identities. While usernames protect personal data from public view, they remove a critical layer of authentication that helps users identify known contacts, potentially increasing the success rate of phishing and impersonation scams in high-population digital markets like India.


