RBI to introduce exclusive internet domains for banks and non-banks
Feb 9, 2025, 13:38 IST
RBI’s move to introduce exclusive banking domains comes on the back of a need to contain cyber security threats such as phishing attacks.
“This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure financial services, thereby enhancing trust in digital banking and payment services,” the RBI said in a statement on developmental and regulatory policies.
In a significant move to bolster cybersecurity and enhance trust in digital financial services, the Reserve Bank of India (RBI) has announced the introduction of exclusive internet domains for banks and non-banking financial entities. This initiative aims to mitigate cyber threats, particularly phishing attacks, by providing a secure and recognizable online presence for legitimate financial institutions.
Key Highlights:
Exclusive Domains: Indian banks will adopt the 'bank.in' domain, while non-banking financial entities will utilize 'fin.in'. Registrations for 'bank.in' are set to commence in April 2025, with plans to introduce 'fin.in' subsequently.
Objective: The primary goal is to reduce cybersecurity threats and malicious activities like phishing, thereby enhancing trust in digital banking and payment services. By establishing exclusive domains, the RBI aims to streamline secure financial services and provide customers with a reliable means to identify authentic banking websites.
Registrar: The Institute for Development and Research in Banking Technology (IDRBT) has been designated as the exclusive registrar for these domains. Detailed guidelines for banks and non-banking financial entities will be issued separately.
Additional Security Measures: In conjunction with the new domains, the RBI plans to implement Additional Factor of Authentication (AFA) for cross-border 'Card Not Present' transactions. This measure extends the existing AFA requirement, currently mandatory for domestic transactions, to international online transactions, providing an extra layer of security where overseas merchants support AFA.
RBI Governor Sanjay Malhotra emphasized the importance of this initiative, stating, "Increased instances of fraud in digital payments are a significant concern. To combat the same, the Reserve Bank is introducing the 'bank.in' exclusive internet domain for our banks. This initiative aims to reduce cybersecurity threats and malicious activities like phishing; and, streamline secure financial services, thereby enhancing trust in digital banking and payment services."
This proactive approach by the RBI underscores its commitment to safeguarding the integrity of India's digital financial ecosystem and ensuring a secure banking experience for consumers.