The Central government has broadened its scrutiny of digital messaging platforms by issuing notices to Meta-owned WhatsApp, Telegram and Signal over features that enable users to communicate without disclosing their mobile numbers.
The move comes amid growing concerns within the Ministry of Electronics and Information Technology (MeitY) that anonymity-based communication tools could be misused for cybercrimes, including impersonation, phishing attacks, financial fraud and so-called digital arrest scams.
Speaking to reporters in New Delhi on Friday, MeitY Secretary S Krishnan said the government sees a significant risk that such features could facilitate cybercrime by making it easier for fraudsters to conceal their identities.
Krishnan said the Centre is closely examining the implications of username-based communication systems and their potential impact on online safety.
“We have taken up the issue of using usernames because there is a serious possibility of impersonations and there is the kind of encouragement that facilitates cybercrime, which is a very serious issue,” he said.
According to officials, allowing users to interact solely through usernames could create new opportunities for cybercriminals to approach potential victims while masking their true identities. Authorities believe this may complicate efforts by users to verify who they are communicating with and increase the risk of fraudulent activities.
The government’s concerns follow a notice issued to WhatsApp’s parent company, Meta, on July 1 regarding the platform’s proposed username-based messaging feature.
In the notice, the Centre warned that communication based solely on usernames could potentially increase incidents of phishing, impersonation, digital arrest scams, financial fraud and other cyber offences.
Officials directed WhatsApp to defer the rollout of the feature until consultations with the government are completed and concerns related to user safety are adequately addressed.
The notice also sought an explanation from the company on why action should not be initiated under provisions of the Information Technology Act and related rules if the feature is found to facilitate cybercrime.
Government officials reminded the company that WhatsApp, classified as a Significant Social Media Intermediary under Indian law, is required to comply with due diligence obligations aimed at preventing misuse of its platform.
WhatsApp is reportedly developing a system that would allow users to create unique usernames, similar to features already available on Telegram and Instagram.
Under the proposed model, users would be able to connect and exchange messages without sharing their mobile numbers. The feature is intended to enhance privacy by reducing the need to disclose personal contact information.
However, officials argue that such a system may make it more difficult for users to verify identities, creating opportunities for fraudsters to pose as government officials, bank representatives, company executives or trusted contacts.
Authorities fear that cybercriminals could exploit anonymous communication channels to launch phishing campaigns, investment scams and other forms of online fraud.
Responding to the government’s concerns, WhatsApp has said that several safeguards have been incorporated into the proposed feature.
According to the company, usernames linked to public figures, celebrities, government institutions and verified Meta accounts have been reserved to ensure they can only be claimed by legitimate owners.
WhatsApp has also stated that it has introduced measures to block deceptive lookalike usernames that could be used to impersonate prominent individuals, organisations or institutions.
The company maintains that these protections are designed to reduce risks associated with fraud, impersonation and misinformation while preserving user privacy.
The government’s scrutiny has now expanded beyond WhatsApp to include Telegram and Signal, both of which already allow users to communicate through usernames while keeping their phone numbers hidden.
According to officials, both platforms have been asked to explain what safeguards they have in place to prevent impersonation, identity fraud and other forms of misuse linked to anonymous communication features.
The notices seek details regarding verification systems, security controls, user protection mechanisms and procedures for preventing criminals from exploiting username-based interactions.
The move marks a broader regulatory review of anonymity-driven communication tools across major messaging platforms rather than focusing on a single feature under development.
Government officials have linked their concerns to the increasing number of cyber fraud cases reported across the country.
Authorities believe anonymous communication features could be exploited by criminals posing as police officers, government officials, bank employees or corporate representatives. Such tactics have frequently been used in digital arrest scams, where victims are threatened with legal action and coerced into transferring money.
Officials also warn that anonymity may facilitate identity theft, financial fraud, phishing attacks and organised cybercrime networks operating across jurisdictions.
Law enforcement agencies have argued that concealed identities could complicate investigations by making it more difficult to trace suspects and establish links between cybercriminals and their activities.
The latest notices come amid heightened scrutiny of Telegram by Indian authorities.
Government agencies have previously expressed concerns that Telegram’s username-based communication model and encrypted messaging features could be exploited by cybercriminals while making enforcement efforts more challenging.
Officials say the current review is aimed at ensuring that privacy-enhancing technologies do not inadvertently create opportunities for criminal misuse.
With notices now issued to WhatsApp, Telegram and Signal, the Centre has signalled a wider regulatory focus on anonymity features across digital communication platforms as it seeks stronger safeguards against cyber fraud and online impersonation.













