MUMBAI: Reserve Bank of India‘s (RBI) decision to introduce exclusive domains for banks will make it easier to identify genuine banking websites and avoid phishing scams. Customers can verify a bank’s authenticity by checking if its website has the ‘bank.in’ extension before making transactions.
RBI governor Sanjay Malhotra said rising fraud in digital payments is a major concern, prompting the central bank to introduce the ‘bank.in’ domain exclusively for Indian banks.This initiative aims to curb cyber threats while ensuring secure financial services. “The move will enhance trust in digital banking and payment services,” he said.
Institute for Development and Research in Banking Technology (IDRBT) will be the exclusive registrar, with registrations beginning in April 2025, Malhotra said. “Detailed guidelines for banks will be issued separately,” he added. A separate domain, ‘fin.in’ is planned for non-bank financial entities in the future.
Internationally, Internet Corporation for Assigned Names and Numbers – a non-profit that manages internet domain names – paved way for new generic top-level domains (gTLDs) in 2012, allowing organisations to apply for custom domain extensions. Following this, a group of banks and financial service trade associations formed fTLD Registry Services to operate the ‘bank gTLD’.
The ‘bank.in’ domain launched in 2015, providing a verified and more secure online presence for banks worldwide. It was introduced as a measure to enhance cybersecurity, prevent phishing, and create a trusted space for financial institutions and their customers.