Mumbai: In order to check cyber security threats, the Reserve Bank on Friday decided that Indian banks will have exclusive internet domain name 'bank.in' and non-bank financial entities 'fin.in'.
Unveiling the last bi-monthly monetary policy of this fiscal year, RBI Governor Sanjay Malhotra said registrations for 'bank.in' will commence from April 2025, and going forward 'fin.in' will be introduced.
The decision is aimed at enhancing trust in the financial sector, he said adding the increased instances of fraud in digital payments are a significant concern. "To combat the same, the Reserve Bank of India (RBI) is introducing the 'bank.in' exclusive Internet Domain for Indian banks," he said.
The initiative aims to reduce cyber security threats and malicious activities like phishing and streamline secure financial services, thereby enhancing trust in digital banking and payment services. The Institute for Development and Research in Banking Technology (IDRBT) will act as the exclusive registrar.
Going forward, Malhotra said it is planned to have an exclusive domain -- 'fin.in' -- for non-bank entities in the financial sector. The RBI also decided to introduce an additional layer of security by enabling an Additional Factor of Authentication (AFA) in cross-border 'Card Not Present' transactions.
The central bank said that the introduction of AFA for digital payments has enhanced the safety of transactions which, in turn, provided confidence to customers to adopt digital payments. This requirement, however, is mandatory for domestic transactions only.
"In order to provide a similar level of safety for online international transactions using cards issued in India, it is proposed to enable AFA for international card not present (online) transactions as well," the RBI said.
This will provide an additional layer of security in cases where the overseas merchant is enabled for AFA. A draft circular will be issued shortly for feedback from stakeholders.
