RBI’s New Rule: The Reserve Bank of India (RBI) has taken a major step to strengthen cyber security across the Indian banking ecosystem. With the growing threat of online fraud, phishing scams, and fake websites, RBI has now made it mandatory for all banks in India to use the new domain extension ‘.bank.in’ for their official websites.
Why RBI Took This Step
Digital banking has revolutionized the Indian economy, but it has also made users vulnerable to cyber fraud. Criminals often create fake bank websites or send deceptive emails and messages to steal customer data. To curb these rising threats, RBI’s new ‘.bank.in’ rule aims to ensure authenticity, trust, and data security in the digital banking system.
What Is the ‘.bank.in’ Domain?
A domain name is the online address of any website — just like a home address in the real world. The ‘.bank.in’ domain is a new, verified digital identity exclusively reserved for Indian banks.
It has been developed by the Institute for Development and Research in Banking Technology (IDRBT) in collaboration with the Ministry of Electronics and Information Technology (MeitY).
Importantly, this domain will be issued only to verified and authorized banks, ensuring that no fake or fraudulent entity can misuse it.
How This Change Will Help Customers
Until now, scammers could easily create lookalike websites to trick users. With every bank now required to operate under the ‘.bank.in’ domain, it will become far easier for customers to distinguish real bank sites from fake ones.
Examples:
- SBI: www.sbi.bank.in
- HDFC Bank: www.hdfc.bank.in
- ICICI Bank: www.icici.bank.in
This unified domain system will help customers easily identify legitimate banking websites and avoid fraud.
Advanced Security Features
The new ‘.bank.in’ domain comes with multiple layers of modern cybersecurity technology:
- DNS Security Extensions (DNSSEC) — protects users from being redirected to fake websites.
- Email Authentication Protocols — blocks phishing emails and unauthorized communication.
- SSL/TLS Encryption — ensures all online banking data is encrypted and secure.
These features together provide an extra shield for customer transactions and personal data.
What Banks and Customers Need to Do
All banks are now required to migrate their websites, mobile apps, and internet banking portals to the new ‘.bank.in’ domain. Customers, on the other hand, should only use websites that end with ‘.bank.in’ for all online banking activities.
If a website claiming to be your bank does not end with ‘.bank.in’, it is likely fake — and you should immediately report it or avoid sharing any information.
RBI’s Cybersecurity Vision
With this initiative, RBI aims to make India’s digital banking space more transparent, secure, and customer-friendly. The ‘.bank.in’ rule will not only strengthen trust but also mark a crucial step toward safer online financial transactions.
About the Author
