WhatsApp has begun rolling out username reservations, allowing users to find and message one another via handles instead of phone numbers, ahead of a broader launch planned for later this year. This feature is raising impersonation concerns, attracting scrutiny from security experts and regulators in India, where the app has over 500 million users.
The change represents a fundamental shift in user identification on the platform. Meta, which owns WhatsApp, claims this model enhances privacy, but critics warn it could increase opportunities for impersonation. In early testing, available usernames included those resembling notable Indian figures, such as “indiamodi,” “shahrukh.actor,” “teamamitabh,” “ambanijio,” and “rbi_verify.”
Binance founder Changpeng Zhao reported he was unable to reserve “cz_binance,” the handle he uses on other platforms. When questioned about protection against impersonation, Meta stated it reserves usernames for public figures and some variations to prevent misuse but did not clarify the criteria used for reserving certain names.
Tried, couldn't reserve that name. So, definitely not me. 🤣 https://t.co/s779rWSSlY
— CZ 🔶 BNB (@cz_binance) June 30, 2026
The issue has caught the attention of Indian regulators, where cyber fraud using messaging platforms is a prevalent concern. The Ministry of Electronics and Information Technology (MeitY) warned that allowing users to contact others without exposing their phone numbers could significantly increase online fraud, phishing, and impersonation attacks. In a notice sent to WhatsApp, the ministry sought justification for the feature’s rollout and requested a delay until further consultations were completed.
An official within the Indian IT ministry confirmed ongoing discussions with WhatsApp regarding the feature. The Internet Freedom Foundation (IFF), a digital rights group, criticized MeitY’s notice, claiming it lacked a legal basis and could grant the government excessive control over technology product features.
The foundation stated, “Impersonation and fraud are real risks, but they are met by enforcing the criminal law against those who commit them,” opposing regulatory actions that could dictate product design. This argument aligns with previous concerns raised in a Delhi High Court case involving Telegram, highlighting potential risks of identity concealment and illicit content spread associated with username usage.
Rachel Tobac, CEO of SocialProof Security, told TechCrunch that while usernames can enhance privacy by reducing the need to share phone numbers, they also introduce risks related to lookalike usernames. “Ultimately, usernames are a great idea to avoid leaking your phone number to folks you don’t know, but it’s important to verify identity with the username function too,” Tobac said.
WhatsApp suggests users choose unique usernames to avoid impersonation. It also allows users to link existing Instagram or Facebook usernames to maintain consistency across platforms. The Mozilla Foundation expressed concerns about the potential for new scams and impersonation due to these design changes. They noted that the ability to claim existing usernames may also reveal how easily Meta can unify user identities across its services.
Currently, WhatsApp is adopting a cautious approach to the feature’s rollout. The company stated, “We’re taking our time and listening to feedback so that when it rolls out later this year we get it right.”





