HomeEverything
Equities & FundsCrypto & Digital AssetsAI & TechnologyBusiness & CorporateUS Politics & PolicyGeopolitics & Global RiskMacro, Rates & FXCommodities & EnergyEuropean Politics & MarketsAsia-PacificReal Estate & Property
← All Stories

India regulators flag WhatsApp username feature for impersonation risk

Created at 1 Jul · 10:25 PM1 source↑ Market-relevant
IN SHORT

India's Ministry of Electronics and Information Technology has warned WhatsApp that its new username feature could increase fraud and impersonation, requesting the company explain why regulatory action should not be taken and to halt the rollout until consultations are complete.

✉Newsletter

PiQ Daily

Pick your topics. Get only what matters, on your cadence.

Key Numbers

500 millionWhatsApp users in India

Who's Involved

WhatsApp
messaging platform rolling out username feature
Meta
parent company of WhatsApp
Ministry of Electronics and Information Technology (MeitY)
Indian regulator issuing notice to WhatsApp
Narendra Modi
Indian Prime Minister referenced in username example
Shah Rukh Khan
Bollywood actor referenced in username example
Amitabh Bachchan
Bollywood actor referenced in username example
Mukesh Ambani
Billionaire referenced in username example
Reserve Bank of India
Indian financial institution referenced in username example
Changpeng Zhao
Binance founder
Rachel Tobac
CEO of SocialProof Security
Internet Freedom Foundation (IFF)
digital rights group
Mozilla Foundation
organization flagging potential tradeoffs
India regulators flag WhatsApp username feature for impersonation risk

↳ Why This Matters

The introduction of usernames on WhatsApp, while aiming to enhance privacy, presents significant risks of impersonation and fraud, prompting regulatory scrutiny in key markets like India and raising questions about platform design and user safety.

Key facts

  • India's Ministry of Electronics and Information Technology (MeitY) has raised concerns about WhatsApp's new username feature.
  • Regulators warned the feature could facilitate impersonation and increase online fraud, phishing, and scams.
  • MeitY directed WhatsApp to explain why regulatory action should not be initiated and to halt the feature's rollout.
  • Examples of usernames resembling prominent Indian figures and institutions were found to be available for reservation.
  • Meta stated it reserves usernames for public figures and government entities but did not detail its process for handling lookalike names.

WhatsApp has begun rolling out a username reservation feature, allowing users to be found and messaged via handles instead of phone numbers. This change, intended by Meta to enhance privacy, has immediately triggered concerns about impersonation and fraud, particularly in India, WhatsApp's largest market.

Security experts and Indian regulators have voiced apprehension that the new system could enable malicious actors to impersonate individuals, public authorities, and financial institutions without revealing their phone numbers. Early testing revealed that usernames resembling prominent figures like Indian Prime Minister Narendra Modi, Bollywood stars Shah Rukh Khan and Amitabh Bachchan, and institutions such as the Reserve Bank of India were available for reservation.

Meta has stated that it reserves usernames for public figures and government entities, along with some variations, but has not elaborated on its process for identifying and reserving lookalike handles. Binance founder Changpeng Zhao reported being unable to reserve his existing handle, "cz_binance."

India's Ministry of Electronics and Information Technology (MeitY) issued a notice to WhatsApp, warning that the feature could significantly increase online fraud, phishing, and impersonation attacks. The ministry directed WhatsApp to explain why regulatory action should not be taken under India's IT laws and to pause the feature's rollout until consultations are complete.

Digital rights group Internet Freedom Foundation (IFF) criticized MeitY's notice, arguing it lacked a clear legal basis and could grant the executive excessive power over product design. They contend that impersonation and fraud should be addressed through criminal law enforcement rather than dictating platform features.

The situation draws parallels to observations made by the Delhi High Court regarding Telegram's username feature, which suggested that usernames could facilitate the concealment of identity and the faster spread of illicit content. Security experts like Rachel Tobac of SocialProof Security acknowledge that usernames offer a privacy benefit by reducing phone number sharing but emphasize that lookalike handles still present impersonation risks. Tobac advises users to choose unique, non-guessable usernames.

The Mozilla Foundation also flagged potential downsides, including an increase in scams from fake handles, and noted that while usernames reduce phone number exposure, the platform's design choices permit these harms. They also pointed out that Meta's ability to link usernames across its platforms highlights its control over user identity management.

Frequently asked questions

WhatsApp is rolling out a username reservation feature that allows users to find and message each other using a handle instead of a phone number.

The primary concerns are that the username feature could be exploited for impersonation, fraud, phishing, and scams, as malicious actors could create handles that closely resemble those of legitimate individuals or organizations.

India's Ministry of Electronics and Information Technology (MeitY) has issued a notice to WhatsApp, warning of the risks and asking the company to explain why regulatory action should not be taken and to pause the feature's rollout.

Meta states it reserves usernames for public figures and government entities, including some variations, but has not detailed its process for handling lookalike usernames.

What Happens Next

01WhatsApp will engage in consultations with Indian regulators.
02WhatsApp may adjust its username rollout strategy based on feedback and regulatory engagement.

Get the newsletter.

Pick the topics you actually care about. We'll email when there's news worth your time, on the cadence you choose. Cancel any time from your account.

Cadence

How It Developed

WhatsApp began rolling out username reservations ahead of a broader launch.
Concerns about impersonation and fraud were raised by security experts and regulators in India.
Examples of potentially reservable usernames resembling public figures and institutions were found.
Meta stated it reserves usernames for public figures and government entities but did not detail its process for lookalike names.
India's Ministry of Electronics and Information Technology (MeitY) sent a notice to WhatsApp.
MeitY warned the feature could increase online fraud and impersonation by allowing bad actors to contact users without revealing phone numbers.
The ministry directed WhatsApp to explain why regulatory action should not be initiated and to pause the feature's rollout.
A senior government official confirmed engagement with WhatsApp over the feature.

Sources

T1
WhatsApp usernames are already raising impersonation red flagsTechCrunch

Related Stories

India asks WhatsApp to hold 'usernames' rollout pending consultations
1 Jul · 5:27 PM
UK banks launch voluntary digital ID service amid government controversy
1 Jul · 2:05 AM
China's new 'ethnic unity' law sparks fears of targeting critics abroad
1 Jul · 6:50 AM
US FTC: AI bias safeguards could violate consumer law
1 Jul · 7:10 PM
FBI deems Nancy Guthrie kidnapping notes fake, source says
1 Jul · 1:10 AM