The Reserve Bank of India (RBI) has taken a major step to strengthen digital trust and security in India’s financial system. According to an official Notification, RBI is introducing exclusive internet domains – ‘.bank.in’ for Indian banks and ‘.fin.in’ for non-bank financial entities – to enhance cybersecurity in the digital financial ecosystem.
Why these new domains matter
Currently, most banks use “.com” or “.in” websites. Fraudsters often create lookalike websites like mybank-login.com or secure-bankindia.in to trick customers into sharing passwords and OTPs. The RBI press release clearly states: “Only licensed banks and regulated financial institutions will be allowed to use these domains, ensuring that customers can identify genuine websites easily.”
This simple but effective change will help you, as a customer, quickly recognize a legitimate bank or financial website and avoid scams.
Rollout plan
- April 2025 – Registrations for ‘.bank.in’ begin.
- October 31, 2025 – Banks must complete the migration to the new domain.
- Registrar – The Institute for Development and Research in Banking Technology (IDRBT) will manage registrations.
Some major banks viz. State Bank of India, Punjab National Bank, Bank of Baroda, Canara Bank, Punjab and Sind Bank and many other banks already moved to bank.in domain. Many banks have also started moving their websites to .bank.in domains to make the transition smoother for customers.
Benefits for customers
- Instant trust: If a website ends with .bank.in or .fin.in, you know it is genuine.
- Lower fraud risk: Scammers cannot easily replicate these regulated domains.
- Confidence in digital payments: Users are more likely to use online banking safely.
- Global-standard security: India joins other countries with dedicated, secure banking domains.
What you should do
- From late 2025, always check that websites end in .bank.in or .fin.in.
- Type the URL yourself instead of clicking suspicious email or message links.
- Look for the padlock 🔒 symbol (HTTPS) before entering passwords or OTPs.
- Report any suspicious or fake websites to your bank immediately.
Part of RBI’s wider cybersecurity push
This initiative is part of RBI’s broader strategy to secure digital payments and reduce phishing attacks. Other measures include additional OTP verification for international card transactions, tokenization of card details, and stricter regulations for digital lending apps. :
“This initiative is part of RBI’s broader strategy to reduce phishing attacks and protect consumers from online frauds.”
Conclusion
The introduction of .bank.in and .fin.in domains is a major step to protect customers from online fraud. These domains act as trust badges, helping you identify authentic banks and financial services online. As India moves toward a cashless economy,
this initiative ensures that online transactions are safer, more reliable, and worry-free.
Every customer and user of banking or financial services must be aware of these developments, because staying informed is the first and most important step to protect yourself from cyber frauds.
Also read, click the link : RBI’s New Banknote Microsite: Learn to Spot Fake Notes and Unlock Many Hidden Features
🔒 Disclaimer: This post is for information purposes only. Please follow official RBI notifications and your bank’s updates.