RBI Orders Banks To Move To ‘.bank.in’ Domain To Boost Online Security And Curb Fraud

The Reserve Bank of India (RBI) has instructed all banks in the country to migrate their internet banking websites to the exclusive and highly secure ‘.bank.in’ domain. The move, aimed at tightening cybersecurity in the digital banking ecosystem, is part of a broader initiative to shield customers from rising cases of phishing and online banking fraud. The deadline for this migration was October 31, 2025, meaning all regulated banks should now be operating under the new domain.

The ‘.bank.in’ domain stands out because it is restricted solely to verified banking entities that are registered and approved by the RBI. Unlike generic domains such as ‘.com’ or ‘.net’, the new RBI-approved extension can be used only by legitimate financial institutions regulated under India’s banking framework. This ensures that fake or fraudulent sites—often designed to look like real bank portals—cannot acquire the same domain name, significantly reducing the chances of customers being deceived by lookalike websites. Major public and private players such as State Bank of India (SBI), HDFC Bank, ICICI Bank, and Axis Bank have already completed the migration.

This regulatory shift comes amid a sharp rise in online scams targeting bank customers. Cybercriminals have increasingly relied on phishing attacks, fake websites, and malicious apps to steal sensitive information. According to a report by the National Council on Aging (NCOA), individuals aged 60 and above lost a staggering 3.4 billion dollars to financial scams in 2023 alone. In India, similar trends have surfaced, with increasing incidents of frauds where fake banking sites have been used to siphon off customer data and funds.

Also Read: Pune Man Duped of Rs 11 Lakh in Bizarre ‘Get Me Pregnant Job’ Online Scam

In one notable case earlier this year, the Kolkata Police arrested four men for running a fraudulent banking website replicating that of a leading private-sector bank. The accused allegedly duped a businessman of several lakhs of rupees by mimicking Axis Bank’s online interface. Similarly, Lucknow Police and the Cyber Crime Cell uncovered an inter-state racket involving two school dropouts who had developed fake banking portals to target credit card users and account holders across states.

The RBI’s new directive aims to build public trust and enhance digital safety within the financial system as more Indians rely on online transactions. Cybersecurity analysts have praised the move, calling it “a proactive step to fortify the banking sector against evolving online threats.” Customers are now urged to verify that their bank’s website ends with ‘.bank.in’ before logging in, ensuring they connect only to authorized and RBI-verified portals.

Also Read: Supreme Court Sounds Alarm: Will India Ban Online Gambling to End National Crisis?