The Reserve Bank of India (RBI) has announced the launch of two new second-level domain names—bank.in and fin.in—designed to enhance trust in financial services and safeguard users from fraud. As digital payments surge and phishing attacks become more prevalent, authorities are striving to establish a unified domain standard for banks and financial institutions.
India’s vast and complex banking system comprises 12 state-owned banks, 21 private banks, 43 regional rural banks, more than 300 cooperative banks, and over 1,800 agricultural and rural development banks. This landscape provides fertile ground for cybercriminals, who create fraudulent bank websites to steal customer credentials. The introduction of the bank.in domain aims to distinguish legitimate financial institutions from deceptive platforms, making it easier for users to verify the authenticity of banking entities.
Another newly introduced domain, fin.in, will cater to credit institutions and financial service providers. India is home to approximately 100,000 Primary Agricultural Credit Societies (PACS), many of which have yet to establish an online presence. As the government advances the digitalization of public services and the financial sector, the creation of a dedicated financial domain is expected to facilitate a secure digital transition for cooperative institutions.
In addition to the new domain framework, the Reserve Bank of India is implementing mandatory two-factor authentication for international transactions conducted without a physical card, aiming to curb online payment fraud.
The registration process for bank.in domains will commence in April, with the Institute for Development and Research in Banking Technology (IDRBT) designated as the sole registrar. Operating on a non-profit basis, IDRBT’s oversight minimizes the risk of domain name speculation and protects financial institutions from cyber-squatting threats.
