India halts WhatsApp usernames: fraud or innovation?
Indian government demands pause and justification from Meta, warning of massive identity theft.
July 8, 2026 · 4 min read
TL;DR: India halted the launch of WhatsApp usernames over fears of mass impersonation. Meta has 72 hours to justify the feature. The case reflects the tension between privacy and security in the app's largest market.
What happened?
On June 29, 2026, WhatsApp announced the global launch of usernames, a feature that allows users to identify themselves with a unique alias (e.g., @username) instead of a phone number. However, 48 hours later, India's Ministry of Electronics and Information Technology (MeitY) sent a letter to Meta demanding a pause on the rollout in the country and a justification within 72 hours that the feature would not facilitate mass fraud. The notification, seen by Reuters, was reported by Alina Maria Stan in The Next Web on July 2, 2026. As of this analysis, usernames are not available in India.
Why is this important?
India is WhatsApp's largest market, with over 500 million users. MeitY's decision is not isolated: the country has been combating digital fraud for two years, especially 'digital arrest' calls where scammers impersonate authorities. The specific concern is that usernames could allow impersonation of banks, government agencies, or public figures without verification. As the source notes, anyone could register as @BancoSantanderOficial, opening the door to large-scale scams.
Consequences and context
This pause could delay the global rollout if other regulators follow suit. Meta has already responded that the feature is not active in India and that it has reserved names of official entities to prevent impersonation. However, the 72-hour deadline is a credibility test. If MeitY is not satisfied, it could impose sanctions or demand design changes, such as mandatory identity verification. This would affect WhatsApp's value proposition against competitors like Telegram, which already offers usernames without similar restrictions.
“The Indian regulatory logic is simple: if anyone can choose an alias without linking it to a verified number, the fraud vector is obvious,” notes TheVortiq analysis.
The conflict between privacy and security is not new. In 2021, Brazil blocked WhatsApp Payments over similar concerns, and in 2024, the European Union demanded changes in messaging interoperability. India, with its massive user base and history of phone scams, is particularly sensitive. According to Indian government data, over 200,000 digital fraud cases were recorded in 2025, many involving identity theft. The username feature, by decoupling identity from phone numbers, could double the attack vectors.
What should readers know?
- Users in India: The feature is temporarily blocked. Do not try to activate it as it will not be available until MeitY authorizes it.
- Global users: Although the rollout continues in other countries, the Indian precedent could lead to regulatory reviews in other nations, especially those with strict anti-fraud laws.
- Businesses: If you plan to use usernames for branding on WhatsApp, ensure you verify your accounts with Meta before the feature is widely available.
- Security: Identity theft is a real risk. Enable two-step verification and do not share registration codes.
Technical and regulatory analysis
The username feature is based on a unique alias system, similar to Telegram or Signal. WhatsApp claims that names can be changed and that verified accounts retain their status. However, the lack of mandatory verification for all users is the critical point. India demands that any alternative identity be linked to a verified phone number, which contradicts the privacy goal of the feature. This conflict between privacy and security is not new: in 2021, Brazil blocked WhatsApp Payments over similar concerns. The resolution of this case will set a precedent for future Meta innovations in emerging markets.
The 72-hour deadline imposed by MeitY is unusually short for a regulatory process. Sources close to Meta indicate that the company is preparing a detailed response including plans to verify high-risk names and reporting mechanisms. However, if the Indian government demands mandatory verification, Meta could face a dilemma: comply and weaken privacy, or withdraw the feature from the country. Either way, the impact on user trust will be significant. Telegram's experience shows that usernames can be safe if combined with checks, but WhatsApp's scale makes any failure catastrophic.
In conclusion, the Indian pause is not a simple technical setback but a signal that regulators are vigilant about the implications of new features. Meta must demonstrate that it can innovate without opening security gaps, and the outcome of this case will influence how other jurisdictions address digital identity in mass messaging platforms.