Mumbai, Feb 7: In an effort to address cyber security challenges, the Reserve Bank of India (RBI) announced that Indian banks will adopt a dedicated internet domain name, ‘bank.in,’ while non-bank financial entities will use ‘fin.in.’
During the announcement of the final bi-monthly monetary policy for the fiscal year, RBI Governor Sanjay Malhotra revealed that registrations for the ‘bank.in’ domain will begin in April 2025, and the ‘fin.in’ domain will be introduced thereafter.
The move is designed to build trust within the financial sector, particularly in light of increasing fraud in digital payments. “To combat the rising fraud, the Reserve Bank of India is introducing the exclusive ‘bank.in’ internet domain for Indian banks,” Malhotra explained.
This initiative aims to minimize cybersecurity risks, such as phishing, while enhancing secure financial services and boosting confidence in digital banking and payment systems. The Institute for Development and Research in Banking Technology (IDRBT) will oversee the registration process for these domains.
Looking ahead, Malhotra also outlined plans to introduce the ‘fin.in’ domain specifically for non-bank financial entities.
Additionally, the RBI revealed plans to strengthen security by introducing Additional Factor Authentication (AFA) for cross-border ‘Card Not Present’ transactions. While the AFA requirement is already mandatory for domestic transactions, the move will extend similar safety measures to international card payments.
The RBI emphasized that the AFA for international online transactions will offer an extra layer of protection where overseas merchants support the authentication process. A draft circular will soon be released for feedback from industry stakeholders.
