WhatsApp Rolls Out Usernames to Kill Mandatory Phone Number Sharing 

A massive architectural shift is finally coming to WhatsApp, tackling one of its longest-standing and most heavily criticised design flaws. For well over a decade, using the application has required an uncompromising trade-off: if you wanted to chat with someone, you had to hand over your personal mobile number. This structural setup has long been a glaring privacy vulnerability, forcing users to expose their private contact details to casual delivery drivers, Facebook Marketplace buyers, or hundreds of absolute strangers in massive public group chats just to coordinate a simple interaction or send a quick message. 

To fix this systemic issue, the platform is rolling out a highly anticipated unique username feature that is currently undergoing vital beta testing. This upcoming privacy-first technology allows you to claim a distinct, personal handle, much like an Instagram tag or an X username. Instead of swapping digits with people you barely know, you can simply share your unique handle to connect with them, meaning you can initiate or accept chats while keeping your private mobile number completely hidden from the public eye. 

• Custom Handle Creation: Users can select a distinct, personalised username directly within their profile settings, which must follow standard availability rules. 

  
  

• Complete Number Masking: Once a username is established, strangers who search for you or message you via your handle will see your chosen name and tag, while your actual phone number remains entirely invisible. 

  
  

• Granular Privacy Toggles: The update introduces settings allowing you to decide who can find you by your phone number versus who must look you up via your unique handle. 

  
  

• Seamless Group Integration: When joining massive public communities or large promotional channels, your profile will display your handle to other members, effectively stopping bulk scraping of personal phone numbers by bad actors. 

Under the hood, your physical phone number isn’t disappearing from the ecosystem entirely. It will continue to remain securely tied to your profile strictly for backend account verification, system authentication, and secure logging in, ensuring the app's core infrastructure and spam-prevention systems stay completely stable. However, on the user-facing front end, this new system acts as a total cryptographic shield for your personal identity, giving you far greater control over who gets access to your actual phone line and preventing unwanted calls or harassment down the road. 

This long-awaited upgrade successfully bridges a massive functionality gap between WhatsApp and its more privacy-focused competitors, such as Telegram and Signal, which have successfully offered username-based chatting for years. By removing the mandatory requirement to share your mobile number for everyday communication, the platform is making casual digital interactions significantly safer, reducing the risk of identity exposure, and bringing the global messaging giant firmly in line with modern privacy expectations. 

Source: WhatsApp Finally Lets Users Hide Phone Numbers With New Username Feature: How To Set It Up Now - Tech 

News of the week:   

1. Researchers Warn New WiFi Tech Can Turn Every Router into a Surveillance Tool  

Image Credits 

Scientists at the Karlsruhe Institute of Technology in Germany have published an alarming study warning that ordinary home and office Wi-Fi networks can be transformed into highly precise surveillance tools. The method relies on unencrypted beamforming feedback information, which is a standard signal adjustment feature built into modern routers since Wi-Fi 5, combined with advanced machine learning algorithms. By analysing how radio waves bounce off moving bodies, the system can identify specific individuals with an eerie 99.5% accuracy, essentially acting as an invisible camera that maps a room in real time based on a person's unique physical presence. 

Because these feedback signals are transmitted completely without encryption, the privacy implications are profoundly worrying. Hackers, corporate entities, or state authorities could silently intercept the data to track and identify people passing by a public venue or moving inside a building. Crucially, this passive surveillance method requires absolutely no active participation from the targets, meaning individuals do not need to connect to the Wi-Fi network or even have a mobile phone in their pocket to be accurately monitored. 

Source: Researchers Issue Warning About Tech That Could Turn Every Router 'Into a Potential Means for Surveillance' 

2. Supreme Court Issues Notice to Centre on High-Stakes Battle Over Privacy Law  

 Image Credits 

The Supreme Court of India has issued a formal notice to the Union government regarding petitions challenging the Digital Personal Data Protection Act. In a fascinating paradox, media outlets and transparency advocates argue that India's new privacy laws are actually too strict, making them dangerous to public accountability. 

The legal battle centres on Section 44 of the Privacy Act, which amended the historic Right to Information Act to completely block the disclosure of personal information. Petitioners argue that corrupt public figures are now weaponising this privacy clause as a shield to deny access to public records, salaries, and asset declarations. 

Activists fear that by prioritising absolute personal data protection over the public’s right to know, the new framework fundamentally weakens vital democratic checks and balances. They worry these sweeping changes will dismantle decades of hard-won transparency initiatives that allow citizens to hold government officials accountable. 

Source: Supreme Court Issues Notice on Pleas Challenging DPDP Act’s Impact on RTI Act 

3. CERT-In Mandates 12-Hour Vulnerability Patching to Combat AI-Driven Exploitation  

Image Credits

The Indian Computer Emergency Response Team (CERT-In) has published a strict cyber defence blueprint imposing an aggressive 12-hour patching timeline for internet-facing systems. The agency took this drastic step to combat a massive surge in automated network intrusions, warning that threat actors are now using rogue AI tools and large language models to weaponise bugs within hours of public disclosure. This new mandate requires enterprises, cloud providers, and critical infrastructure facilities to apply hotfixes or isolate systems within half a day of a vulnerability being flagged. 

CERT-In highlighted that traditional multi-week patching cycles are completely obsolete because autonomous AI exploitation toolsets have collapsed the timeline between software exposure and a catastrophic data breach. With cybercriminals accelerating exploit generation at an unprecedented pace, the framework forces organisations to shift toward continuous exposure management to protect digital infrastructure. 

Source: CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks.   

Want to stay ahead? 

Secure your communications today with a tailored privacy and compliance strategy from Tsaaro.com.