The Reserve Bank of India (RBI) has announced the launch of a dedicated “bank.in” domain exclusively for Indian banks, aimed at strengthening cybersecurity measures and reducing digital financial fraud. The Institute for Development and Research in Banking Technology (IDRBT) will serve as the sole registrar for these domains, with registrations scheduled to begin in April 2025.

The initiative is designed to minimize phishing attacks and other malicious activities while promoting secure financial services. Additionally, the RBI plans to introduce a “fin.in” domain specifically for non-bank financial institutions.

To further enhance digital payment security, the central bank is implementing Additional Factor Authentication (AFA) for cross-border card-not-present (CNP) online transactions. This multi-factor authentication system will provide extra security for international transactions where merchants support AFA capabilities.

While the RBI hasn’t specified a particular authentication method, India’s digital payment ecosystem predominantly uses SMS-based one-time passwords (OTPs) as their preferred AFA mechanism. These measures reflect the central bank’s commitment to strengthening the security infrastructure of India’s digital financial ecosystem.