The Indian government has issued a notice asking WhatsApp to pause the rollout of its new username feature until consultations are complete [1, 2].

This intervention highlights the tension between platform usability and national security. By allowing users to be found via usernames rather than phone numbers, the feature could inadvertently lower the barrier for bad actors to target unsuspecting citizens.

The government, referred to as the Centre, said it has concerns that the feature could increase the prevalence of online fraud [1, 2]. Specifically, officials said that the ability to create usernames may make it easier for fraudsters to impersonate other individuals or organizations, a tactic often used in sophisticated phishing attacks [1, 2].

Of particular concern to the Centre are digital-arrest scams [1, 2]. In these schemes, criminals pose as law enforcement officers to intimidate victims into paying money to avoid fake arrests. The government said the new identification system could facilitate the creation of more convincing fake profiles to carry out these crimes [1, 2].

WhatsApp has not yet provided a public timeline for the resumption of the rollout. The notice requires the company to engage in further discussions with government authorities to ensure the feature does not compromise user safety [1, 2].

The move comes as India continues to tighten its grip on social media and messaging platforms to curb the spread of misinformation and cybercrime [1, 2].

The Centre issued a notice asking WhatsApp to pause the rollout of its new username feature

This clash underscores a broader regulatory trend in India where the state prioritizes the prevention of cyber-fraud over the feature updates of global tech firms. By flagging 'digital-arrest' scams, the government is addressing a specific, rising pattern of social engineering that relies on the perceived legitimacy of a profile; a username feature could potentially mask a scammer's true identity more effectively than a traceable phone number.