RBI mandates banks to adopt ‘Bank.in’ domains by Oct 31 for safer digital access; check FAQs

The Reserve Bank of India (RBI) has established a deadline of October 31, 2025, for all banks to transition their digital operations to the domain 'Bank.in'. This directive is intended to improve the security infrastructure of online banking services across the nation. By standardising the domain name, the RBI aims to make digital banking more secure and user-friendly, reducing the potential for confusion among consumers and increasing trust in digital transactions. 

The move to a unified domain is expected to provide a consistent and secure interface for online banking. It comes as a response to the increasing threats posed by cybercriminals who exploit vulnerabilities in online platforms. This initiative is part of the RBI's broader strategy to safeguard the interests of consumers in a rapidly digitalising financial landscape. The transition will likely require banks to update their IT infrastructures to comply with the new requirements, ensuring a seamless and secure banking experience for customers.

According to RBI circular issued on April 22: “Please refer to para 4 of the Statement on Developmental and Regulatory Policies dated February 7, 2025, on "Enhancing Trust in the Financial Sector through 'bank.in' and 'fin.in' domains" wherein the introduction of exclusive Internet Domain, ‘.bank.in’ for banks to combat the increased instances of fraud in digital payments was announced. This initiative is aimed at strengthening the cybersecurity framework and enhancing public confidence in digital banking and payment systems."

The circular read:  “It has now been decided to operationalise the ‘bank.in’ domain for banks through the Institute for Development and Research in Banking Technology (IDRBT), which has been authorised by National Internet Exchange of India (NIXI), under the aegis of the Ministry of Electronics and Information Technology (MeitY), to serve as the exclusive registrar for this domain. Banks may contact IDRBT at sahyog@idrbt.ac.in to initiate the registration process. IDRBT shall guide the banks on various aspects related to application process and migration to new domain."

The RBI's directive is seen as a proactive measure to address the growing concerns over cybersecurity in the banking sector. The need for improved security protocols has become evident with the rise of digital transactions. By establishing a uniform digital identity for banks under the 'Bank.in' domain, the RBI hopes to mitigate risks associated with fraudulent websites mimicking legitimate banking portals. This initiative aligns with the global trend of enhancing cybersecurity in financial services. 

Ankit Ratan, Co-founder & CEO, Signzy, said: "The operationalisation of the ‘.bank.in’ domain marks a significant step forward in India’s efforts to secure its rapidly growing digital financial ecosystem. With this initiative, the RBI is setting a new benchmark in cybersecurity by creating a trusted, exclusive domain that banks must adopt. This move will drastically reduce cyber threats, phishing attacks, and fake banking websites, which have been major sources of financial fraud. This fixed domain will simplify verification for consumers and tech platforms to more easily identify legitimate banking websites and apps. It’s a simple yet powerful mechanism to boost public confidence in digital transactions. In the long run, this initiative could save the Indian banking sector billions of rupees by preventing fraud and financial losses. It also opens the door to innovations in collaboration with browsers, such as a ‘Financial Secure’ tag for verified banking domains, further safeguarding users. As India’s digital economy expands, such proactive cybersecurity measures are not just welcome—they’re essential."

FAQs on ‘.bank.in’ domain

1. What is the ‘.bank.in’ domain?

The .bank.in domain is a secure and exclusive internet domain introduced by RBI specifically for Indian banks to help curb digital payment fraud and enhance trust in online banking services.

2. Who launched the ‘.bank.in’ domain?

The initiative was launched by the Reserve Bank of India (RBI), with domain registration and operational support provided by the Institute for Development and Research in Banking Technology (IDRBT), under the authorization of National Internet Exchange of India (NIXI) and MeitY.

3. Why is this domain being introduced?

This domain aims to:
Strengthen the cybersecurity framework in the financial sector
Help customers easily identify genuine banking websites
Prevent phishing and spoofing attacks through fake banking domains
Increase public confidence in digital banking systems

4. How can banks register for the ‘.bank.in’ domain?

Banks need to contact IDRBT at sahyog@idrbt.ac.in. IDRBT will guide them through the registration and migration process.

The banking industry in India is witnessing fast-paced technological advancements and increased competition from fintech companies. The RBI's requirement for a domain transition is a step towards modernising the sector and maintaining consumer confidence. Major financial institutions are expected to lead this transition, setting operational benchmarks for smaller entities. This move will likely influence the overall approach to digital security within the sector, reinforcing India's commitment to secure digital banking practices.

While the directive underscores the urgency of adopting robust cybersecurity measures, it also poses a challenge for banks in terms of implementation. Banks will need to invest in IT upgrades and infrastructure to comply with the new domain requirements.