Tourists are shown a digital display of the messaging app WhatsApp on the forecourt of the iconic India Gate in Mumbai on August 25, 2023.
Indranil Mukherjee | AFP | Getty Images
US social media giant meta platform The company has defended the publication of usernames on its messaging platform after the Indian government announced Wednesday that the move could lead to an increase in cybercrime.
“Users still need a phone number to use WhatsApp, and we’ve built multiple layers of protection against fraud into usernames,” a Meta spokesperson told CNBC in an email.
The tech company said it will limit the number of new people an account can contact, block repeated attempts to guess usernames, and allow its systems to detect and remove activity that shows common patterns related to impersonation and fraud.
It added that the username feature has not yet been rolled out and will be rolled out “slowly later this year.” On Monday, WhatsApp introduced usernames, billing it as a “key privacy feature” designed to let people stay connected without revealing their phone numbers.
The Indian government said the username feature “could significantly increase the incidence of online fraud, phishing, digital arrest fraud, and identity theft attacks by allowing malicious actors to recruit victims and send messages,” according to a report by Indian news agency ANI.
The government has given WhatsApp three days to provide a detailed explanation of the feature or take action under the country’s information technology regulations. The company has been instructed to pause the rollout of this feature until the government’s concerns are resolved.
Safety over privacy
While user privacy plays a role in policy-making, “the explosion in cyber-based financial crime has definitely shifted the focus towards security,” Reema Bhattacharya, head of Asia research at Verisk Maplecroft, told CNBC.
Meta’s proprietary March Adversarial Threat report found that online fraud syndicates are targeting users in India more frequently than in countries outside the United States. According to the Indian government, cybercrime incidents more than doubled from 1 million in 2022 to nearly 2.3 million in 2024.
Experts say India has more than 500 million WhatsApp users, a size that makes it susceptible to government surveillance.
Neil Shah, vice president of research at Counterpoint Research, said WhatApp’s reach, combined with its username feature, means “misinformation can spread even faster,” and scammers can use familiar names and photos to impersonate people.
Some of these concerns are addressed by meta. The company told CNBC it reserves the most high-profile names that can only be claimed by their rightful owners and refrains from similar derivatives of known names to prevent identity theft.
Bhattacharya said governments increasingly expect digital platforms to share responsibility for mitigating harm, but added that it is difficult to “draw the line between lawful regulation and measures that may stifle innovation or weaken user privacy.”
The government’s oversight of WhatsApp’s username feature comes just weeks after India temporarily banned Telegram to prevent exam fraud during important national exams.
The government said the platform hosted multiple channels that falsely claimed to have leaked exam questions and demanded money from test takers and their families for access. Telegram countered that the measure was meant to punish India’s “150 million general users of the app” and not the person who leaked the exam materials.
