India's RBI Introduces Exclusive "bank.in" Domain to combat Digital Banking Fraud

To enhance digital banking security and protect consumers from online banking fraud, the Reserve Bank of India (RBI) has introduced the exclusive "bank.in" domain for all regulated banking institutions in India. This initiative aims to mitigate the rising threats of digital banking fraud by providing a secure and verified online presence for banks operating in the country.

 

Also Read: Number of Bank Fraud Cases Rise in India to 265%: RBI

With the surge in online banking transactions, cybercriminals have exploited vulnerabilities by launching phishing attacks, fake banking websites, and fraudulent email campaigns that mimic legitimate banks. For this, the Institute for Development and Research in Banking Technology (IDRBT) will act as the exclusive registrar. Registrations for the domains are expected to start from April 2025. The RBI's decision to implement an exclusive bank.in domain strategy ensures that customers can easily identify and trust official banking websites, reducing the risk of financial fraud.

The growing adoption of digital banking has revolutionized financial transactions in India, offering seamless access to banking services. However, this digital shift has also led to a rise in cyber threats, with fraudsters creating fake banking portals to deceive users into sharing sensitive information, such as login credentials, OTPs, and banking details.

The RBI’s exclusive domain for banks under "bank.in" aims to:

Enhance banking fraud prevention by eliminating fraudulent websites masquerading as legitimate banking portals.
Improve consumer trust and awareness by ensuring all Indian banks operate under a single, verifiable domain structure.
Strengthen India’s digital banking security by providing a centralized domain that is difficult for cybercriminals to replicate.

The "bank.in" domain will be exclusively available for RBI-regulated banking institutions, ensuring that only legitimate financial entities can use this domain extension. Each bank will have its official website hosted under the bank.in umbrella, making it easier for customers to verify authenticity. For example, a leading bank such as State Bank of India (SBI) might have an official URL like sbi.bank.in, making it clear that the website is legitimate.

To support this transition, the RBI is collaborating with financial institutions, cybersecurity experts, and domain regulatory authorities to ensure a seamless migration to the new domain. Banks will be required to phase out their existing domains and direct customers to their new "bank.in" addresses, ensuring a smooth transition while preventing confusion.

The introduction of the bank.in domain is expected to significantly curb online banking fraud by reducing the success rate of phishing attempts and counterfeit banking websites. With a dedicated domain strategy, customers will have a simpler and more secure way to access their banking services. Additionally, this move aligns with global best practices in banking fraud prevention, where exclusive domains for banks have proven effective in reducing cyber threats. Countries like the United Kingdom and Australia have implemented similar strategies, leading to a drop in digital banking fraud cases.