A Name Without Context: Why The Upcoming CNAP Solution Could Confuse More Than It Protects

For every mobile user in India today, an incoming phone call has become less of a convenience and more of a shot in the dark. Unknown numbers flash on the screen, often holding urgency, authority, or familiarity—claims of being from banks, government offices, or service providers—leaving users to constantly question whether to answer or ignore it. In a time when scams are rising and people feel unsure, anything that promises clarity feels very appealing.

India’s telecom ecosystem is on the verge of introducing Calling Name Presentation or CNAP, a feature that promises to display a caller’s name using telecom KYC records. At the outset, it feels like a decisive move against India’s growing spam and scam epidemic. But scratch the surface, and the proposition begins to look far less straightforward—raising questions that are as concerning as they are consequential for end users.

The key challenge with CNAP lies in its dependence on a static identity in a world where fraud is highly dynamic. The name displayed through CNAP reflects the individual or entity that originally registered the SIM card, not necessarily the person currently using it. In India, SIM cards are often shared among family members, used by employees within organizations, or even resold and recycled. In some cases, they may also be obtained through fraudulent means like fake ids. As a result, the name that appears on the screen may be outdated, irrelevant, or simply misleading - leading to more uncertainty and danger.

In a country like India, where people often place a high degree of trust in familiar names or authoritative-sounding identities, this can lower natural suspicion. If a call displays a common name like “Rajesh Kumar” or something that appears similar to a bank or government office, many users may instinctively trust it — even if the intent behind the call is malicious. The presence of a name, especially one that seems verified, can make scams more convincing rather than less.

The deeper problem is that CNAP provides identity without any additional context. It answers the question “what name is linked to this number?” but fails to address the far more important question: “why is this person calling?” Modern fraud detection relies on behavioral signals such as unusual calling patterns, reports from other users, and real-time risk indicators. These systems are designed to identify suspicious activity as it happens. CNAP, on the other hand, does not account for behavior, intent, or risk—it simply displays a static label.

Additionally, KYC databases are not designed to reflect real-time usage. User names may remain attached to numbers long after ownership or usage has changed. Corporate or bulk connections may display generic or confusing names, while spelling errors or outdated records can further reduce clarity. Instead of helping users make better decisions, this can create a false sense of precision — where the information looks accurate but lacks real-world relevance.

Possibly the most concerning outcome is the false sense of security CNAP may end up creating. Because it is a network-level feature backed by telecom operators, users may perceive it as more trustworthy than it actually is. This perceived authority can lead to over-reliance, where users assume that a displayed name equates to authenticity. However, as seen globally, identity alone is not a reliable indicator of trust. Fraudsters are highly adaptive and often exploit exactly these kinds of trust signals to make their attacks more effective.

Even when the name shown is correct, there is a risk that CNAP could unintentionally expand the attack surface for scammers. Access to full names linked to phone numbers can help fraudsters craft more personalized and targeted scams. Combined with information from other platforms like messaging apps or social media, this can make fraudulent interactions appear even more credible. At the same time, exposing names by default without user consent raises privacy concerns, particularly in situations where individuals may not want their identity to be easily accessible to unknown callers.

Another limitation is that CNAP operates only within the traditional telecom network and for numbers within India, while a major portion of communication today happens through internet-based platforms like WhatsApp, Telegram and other such apps. This means that even if CNAP works as intended, it addresses only a part of the problem, leaving users vulnerable on other channels where scams are rapidly increasing.

Ultimately, CNAP is not fundamentally flawed - it is simply incomplete. A name can be a useful piece of information, but it cannot serve as a standalone indicator of trust. Without additional context or name tags such as risk signals, behavioral insights, or clear warnings, it may end up doing more harm than good.

In today’s environment, the primary question is no longer just “who is calling?” but “should this call be trusted?” By focusing only on identity and ignoring intent, CNAP risks oversimplifying a complex problem. In doing so, it may inadvertently confuse users, reinforce misplaced trust, and make scams more believable - precisely the opposite of what it aims to achieve.