5 hours ago
3
In an effort to enhance cybersecurity and bolster public confidence in digital banking, the Reserve Bank of India (RBI) has mandated that all banks shift their digital platforms to a standardized ‘bank.in’ domain by October 31, 2025. This directive is a cornerstone of RBI’s larger initiative to safeguard India’s rapidly expanding digital finance landscape. It encompasses not only bank websites but any online services customers access.
RBI Governor Sanjay Malhotra originally made the announcement during the Monetary Policy Committee (MPC) meeting held on February 7, which was officially formalized through a circular issued on April 22.
Looking ahead, the RBI also intends to introduce a similar domain—‘fin.in’—to serve financial institutions outside the traditional banking sector. This expansion reflects a broader effort to bring all regulated financial entities under a unified and secure digital identity system.
The RBI hopes to lay a stronger foundation for trust, safety, and resilience in India’s digital finance ecosystem by establishing domain exclusivity for financial institutions.
“It has now been decided to operationalise the ‘. bank.in’ domain for banks through the Institute for Development and Research in Banking Technology (IDRBT), which has been authorised by National Internet Exchange of India (NIXI), under the aegis of the Ministry of Electronics and Information Technology (MeitY), to serve as the exclusive registrar for this domain,” RBI said in the circular.
“Banks may contact IDRBT at [email protected] to initiate the registration process. IDRBT shall guide the banks on various aspects related to application process and migration to new domain. All banks are advised to commence the migration of their existing domains to the ‘.bank.in’ domain and complete the process at the earliest and in any case, not later than October 31, 2025,” RBI said.
In its February 7 ‘Statement on Developmental and Regulatory Policies’, RBI said that increased fraud in digital payments is a significant concern. As part of its strategy to tackle these threats, the RBI has launched a dedicated internet domain—‘bank.in’—exclusively for Indian banking institutions. This move is designed to create a more secure digital environment by minimizing risks such as phishing scams and other forms of online deception.
Introducing the ‘bank.in’ domain represents a proactive approach to safeguarding digital banking channels and reinforcing consumer confidence in online financial transactions. By providing a trusted and verified web address for all legitimate banking services, the RBI aims to streamline access to secure financial platforms and reduce the likelihood of customers falling prey to fraudulent websites.
The responsibility for managing and overseeing domain registrations under ‘bank.in’ will rest with the Institute for Development and Research in Banking Technology (IDRBT). As the sole authorized registrar, IDRBT will facilitate the registration process. Banks will receive separate comprehensive implementation guidelines to ensure a smooth transition to the new domain framework.
Digital payment safety
The RBI has been taking several measures to ensure the safety of digital transactions. This is especially significant because India expects its digital economy to grow almost twice as fast as the overall economy, contributing to nearly one-fifth of national income and surpassing the one trillion mark by 2029-30. India’s digital economy was at 11.74% of the national income in 2022-23 and is likely to rise to 13.42% by 2024-25. India’s digital economy in 2022-23 was roughly $402 billion in gross domestic product (GDP).
Earlier this year, RBI implemented an ‘Additional Factor of Authentication’ (AFA) to enhance the security of digital payment transactions. RBI said this move has played a key role in boosting consumer confidence and encouraging wider adoption of digital payment methods.
“In order to provide a similar level of safety for online international transactions using cards issued in India, it is proposed to enable AFA for international card not present (online) transactions as well. This will provide an additional layer of security in cases where the overseas merchant is enabled for AFA. Draft circular will be issued shortly for feedback from stakeholders,” RBI said.
The RBI has also been conducting public awareness campaigns across various mediums, such as text messages, television and digital advertisements, under the ‘RBI Kehta Hai’ (RBI Says) initiative. The RBI is now further expanding its outreach by adding WhatsApp as an additional means to deliver public awareness messages.
“Through the verified ‘Reserve Bank of India’ account on WhatsApp, we aim to make important financial information more accessible to everyone, regardless of their geographical location. This initiative will ensure that vital information reaches people in a simple, direct, and effective manner, strengthening trust and resilience in our digital financial ecosystem,” RBI said in a statement.
Watch: Cybersecurity fundamentals in today’s digital age with AI & Web3
English (US) · 