
India’s attempt to stop WhatsApp’s username rollout is becoming more than a domestic regulatory dispute. It is emerging as an early test of how far governments can influence the design of encrypted messaging platforms before new features reach users.
The confrontation comes as WhatsApp prepares one of its biggest identity changes since launching in 2009. The platform, which now serves more than three billion users worldwide, is introducing optional usernames that will eventually let people connect without sharing their mobile numbers. India, WhatsApp’s largest market with more than 850 million users, has asked Meta to pause the feature over concerns that it could make impersonation and financial fraud easier.
Digital rights advocates argue the debate extends well beyond India. If Meta alters or withdraws the feature for one market, they warn, other governments could seek similar concessions over future product design.
Why India Has Raised Concerns About WhatsApp Usernames
WhatsApp’s new username system allows users to connect without revealing their phone numbers. Instead of sharing a mobile number, people will eventually be able to exchange unique usernames while their phone number remains tied to the account behind the scenes.
Meta began rolling out username reservations globally at the end of June, describing the feature as an additional privacy layer for its more than three billion users. The rollout also reflects WhatsApp’s broader evolution beyond private messaging as Meta expands the platform with business services, AI tools, payments and digital commerce. Usernames are intended to let people and businesses connect without exposing personal phone numbers while maintaining a consistent public identity.
The company also confirmed there will be no searchable username directory, users must know an exact username before making first contact, and an optional username key can add another layer of protection.
India, however, sees another side of the equation.
The Ministry of Electronics and Information Technology (MeitY) argues that usernames could make impersonation, phishing and financial fraud more difficult to detect by removing phone numbers from public view. It issued notices to WhatsApp, Telegram, Signal and Arattai, asking them to explain how their username systems address those risks.
WhatsApp agreed not to launch the feature in India while discussions continue and submitted its written response to the government, which is now reviewing the company’s position.
What WhatsApp Says It Has Built to Prevent Abuse
Meta maintains that usernames do not remove accountability from the platform.
Every WhatsApp account will still require a verified phone number behind the scenes, even if other users no longer see it during initial conversations.
The company says it has reserved usernames linked to public figures, government institutions, celebrities and verified Meta accounts to reduce impersonation. It has also blocked lookalike variations of prominent names from being claimed by unrelated users.
Other safeguards include limits on how many new people an account can contact, restrictions on repeated attempts to guess username keys and systems designed to detect impersonation and other abusive behaviour.
Those protections form the centrepiece of Meta’s response to regulators concerned that usernames could become another tool for scammers.
Privacy Advocates See a Broader Policy Question
Several digital rights and cybersecurity experts argue that India’s concerns extend beyond fraud.
Namrata Maheshwari of Access Now warns that requiring platform-specific changes for one country could encourage similar requests elsewhere, leaving technology companies maintaining different privacy standards across markets.
Security technologist Bruce Schneier argues that usernames, like email addresses and phone numbers, are communication infrastructure that can be abused but are not inherently responsible for cybercrime.
The Electronic Frontier Foundation also questioned whether evidence exists showing username-based messaging leads to more fraud than systems already used by Telegram or Signal.
Others see the dispute as unusual because regulators are questioning the design of a feature before it has been widely deployed rather than responding to demonstrated harm.




