Why are SBI, ICICI, HDFC and other banks using ‘.bank.in’ domain, and how will it benefit customers?

Earlier this year, the Reserve Bank of India (RBI) asked all banks to move their official websites to an exclusive online domain ending with ‘.bank.in’ from the earlier ‘.co.in’. This was introduced to enhance security and prevent scams across the country. 

“It has now been decided to operationalise the ‘.bank.in’ domain for banks through the Institute for Development and Research in Banking Technology (IDRBT), which has been authorised by National Internet Exchange of India (NIXI), under the aegis of the Ministry of Electronics and Information Technology (MeitY), to serve as the exclusive registrar for this domain,” the RBI said in April. 

The central bank advised all the banks, including major banks in the country like the State Bank of India (SBI), HDFC Bank and ICICI Bank, to migrate their existing domains to the ‘.bank.in’ domain by October 31, 2025. 

“All banks are advised to commence the migration of their existing domains to the ‘.bank.in’ domain and complete the process at the earliest and in any case, not later than October 31, 2025,” the RBI said. 

How will the use of '.bank.in' domain benefit customers?

In this digital era, hundreds of customers are scammed every other day, and many have fallen victim to phishing attacks. In many frauds, criminals create lookalike websites with some minor changes in the URL. 

For example, if there’s a website called abc.com, someone can make a website with a minor tweak: abc-.com. We think we will notice things like this, but when they actually happen to us, we often miss them.

With these fake sites, fraudsters trick customers into giving their personal banking details, resulting in huge financial losses. 

The '.bank.in' domain is exclusive to verified financial institutions regulated by the Reserve Bank of India. This means that only entities verified and regulated by the RBI can use this domain, making it safer than others. 

By this, the RBI is aiming to reduce online banking fraud and strengthen cybersecurity across the country. 

Does this step make this domain entirely safe?

No, while this step makes the domain safer, it’s still not entirely safe, as fraudsters can trick people with URLs that look like '.bank.in' too. 

Here are some steps you can take to stay safe while doing online banking: 

• Always verify the website URL. Make sure it starts with https:// and ends with the bank’s correct domain. For enhanced safety, you can also bookmark the correct URLs. 
• Never click banking links from SMS, WhatsApp or email, as most scammers contact people through these channels. Even if the message looks real and trustworthy, go to the bank website yourself. 
• Use the official mobile banking app by downloading it from the Google Play Store or the Apple App Store. 
• Enable two-factor authentication (2FA) to ensure safety. 
• Never share any OTPs, PINs or passwords, as a bank employee would never ask you for them. 
• Set lower transaction limits. 
• Be cautious while using public WiFi. 
• Check your account statement regularly to be aware of any suspicious activity. 

Bank fraud in India

In the financial year 2024-25 (FY25), while the total number of banking fraud cases declined in India, the total amount involved nearly tripled, as per the RBI’s annual report released in May. A majority of these frauds were linked to digital payments. 

In FY25, a total of 23,953 bank fraud cases were recorded, down 34% as compared to FY24. The value of these frauds jumped nearly three times year-on-year (YoY) to ₹36,014 crore.

The significant increase in value was because of the reclassification of 122 past cases worth ₹18,674 crore, RBI’s report noted. 

Private-sector banks reported the largest number of fraud cases at 14,233, making up 59.4% of all cases reported during FY25. Public-sector banks, however, reported the largest share of the total amount involved in the frauds, at ₹25,667 crore against ₹10,088 crore reported by private lenders. Public-sector banks reported a total of 6,935 cases in FY25.