RBI Launches ‘Bank.in’ & ‘Fin.in’ for Secure Digital Banking

In a significant move to enhance cybersecurity and trust in digital banking, the Reserve Bank of India (RBI) has announced the introduction of exclusive internet domain names for Indian banks and financial institutions. Indian banks will now have the domain ‘Bank.in’, while non-banking financial entities will be assigned ‘Fin.in’.

This initiative, unveiled by RBI Governor Sanjay Malhotra during the last bi-monthly monetary policy of the fiscal year, aims to reduce cyber threats, prevent phishing attacks, and promote secure financial transactions.

Check: Latest Current Affairs

Why is RBI Introducing ‘Bank.in’ and ‘Fin.in’?

With the rapid growth of digital banking and online financial services, there has been a rise in cyber frauds, phishing attacks, and fake financial websites. Many fraudulent entities create fake banking websites to deceive customers and steal sensitive financial information.

To mitigate these risks, the RBI has decided to introduce exclusive domain names for financial institutions that will serve as a secure identity marker for customers and businesses.

Key Features of ‘Bank.in’ & ‘Fin.in’ Domains

1. Exclusive ‘Bank.in’ Domain for Indian Banks

• All registered Indian banks will have their websites under ‘Bank.in’ to ensure authenticity.
• Registrations for ‘Bank.in’ will begin in April 2025 under RBI’s supervision.
• Institute for Development and Research in Banking Technology (IDRBT) will act as the exclusive registrar for managing domain registrations.
• This initiative will reduce phishing attacks, enhance cybersecurity, and increase customer trust in digital banking platforms.

2. Introduction of ‘Fin.in’ for Non-Banking Financial Entities

• Non-banking financial companies (NBFCs), fintech firms, and other financial entities will be assigned the ‘Fin.in’ domain.
• This will help distinguish legitimate financial firms from fraudulent websites and improve the security of financial transactions.
• The implementation timeline for ‘Fin.in’ will be announced in a phased manner.

Impact on Cybersecurity & Digital Payments

1. Strengthening Digital Banking Security

• The new domain system will protect banks and financial institutions from cyber fraud and phishing scams.
• Customers can easily verify the authenticity of a bank’s website by checking for the ‘.Bank.in’ domain.

2. Enhancing Trust in Online Financial Transactions

• With secure domain names, customers can safely conduct digital transactions without the fear of fraud.
• Financial institutions can ensure compliance with RBI’s cybersecurity regulations.

3. Streamlining Secure Financial Services

• The exclusive domains will help in identifying genuine banking and financial service providers.
• This will create a standardized and trusted online environment for banking operations in India.

Additional Security Measures: Two-Factor Authentication for International Card Transactions

Along with the introduction of exclusive domain names, the RBI is also implementing an Additional Factor of Authentication (AFA) for cross-border ‘Card Not Present’ transactions.

What is AFA & Why is it Important?

• AFA (Additional Factor of Authentication) is a security measure requiring an extra step of authentication during online transactions.
• In India, AFA is already mandatory for domestic online payments, ensuring safety in digital transactions.
• However, international online transactions using Indian-issued cards currently do not require AFA, making them more vulnerable to fraud.

How Will AFA Improve Security?

• AFA will now be enabled for cross-border transactions, providing an extra layer of security for Indian cardholders.
• If the overseas merchant is AFA-enabled, Indian customers will have to authenticate their transactions through an additional verification step.
• A draft circular will soon be issued for stakeholder feedback, ensuring a smooth implementation of the security measure.

RBI Introduces ‘Bank.in’ & ‘Fin.in’ Domains – Summary of Key Announcements

Aspect	Details
Why in News	The Reserve Bank of India (RBI) has announced the launch of exclusive internet domain names ‘Bank.in’ for Indian banks and ‘Fin.in’ for non-banking financial entities. This move aims to enhance cybersecurity, prevent phishing attacks, and strengthen trust in digital banking.
Announced By	RBI Governor Sanjay Malhotra during the last bi-monthly monetary policy of the fiscal year.
Objective	To reduce cyber threats, prevent frauds, and promote secure financial transactions in India’s banking and financial sector.
Exclusive ‘Bank.in’ Domain	– Reserved for registered Indian banks. – Registrations begin in April 2025 under RBI’s supervision. – Institute for Development and Research in Banking Technology (IDRBT) will act as the exclusive registrar.
‘Fin.in’ Domain for Non-Banks	– Assigned to Non-Banking Financial Companies (NBFCs), fintech firms, and financial entities. – Helps differentiate legitimate financial firms from fraudulent websites. – Implementation in a phased manner.
Cybersecurity Impact	– Protects against phishing attacks & cyber frauds. – Verifies authenticity of financial websites. – Enhances customer trust in digital banking and transactions.
Additional Security Measure	Introduction of Additional Factor of Authentication (AFA) for international ‘Card Not Present’ transactions to enhance online payment security.
What is AFA?	– A security measure requiring extra authentication for online transactions. – Already mandatory for domestic online payments in India. – Now being extended to cross-border transactions using Indian-issued cards.
Implementation Timeline	– ‘Bank.in’ registrations start in April 2025. – ‘Fin.in’ implementation will be phased. – Draft circular for AFA to be released soon for stakeholder feedback.