More than 400 Indian banks switch to .bank.in domains.

2026-02-12

More than 400 banks in India have now migrated to the .bank.in domain, as per a directive from the Reserve Bank of India (RBI).

This move is part of broader regulatory initiatives aimed at combating phishing and enhancing online banking security. The RBI had given all regulated banks until October 31, 2025, to transition from generic domains like .com and .co.in to the safer .bank.in extension.

Exclusive Domain to Combat Phishing

The .bank.in top-level domain is restricted exclusively for RBI-regulated banking institutions. NIXI has been appointed as the authorised registrar under India’s internet governance structure, ensuring that only verified banks can use this domain. This helps users differentiate between genuine banking sites and deceptive ones designed to lure in credentials or perpetrate financial fraud.

Phishing attacks, where cybercriminals mimic real bank login pages to steal personal data, have been a significant issue in India’s digital banking sector. The controlled environment offered by the restricted domain makes it harder for fraudulent websites to operate unnoticed. While all major banks have completed the transition, some delayed until after the initial deadline.

This initiative is part of a broader strategy by the RBI to secure digital finance, which includes enhanced authentication systems and consumer protection mechanisms.

Domain Policy Aligns with Cybersecurity Goals

According to the policy for .bank.in, only institutions overseen by the RBI can register this domain. This measure is expected to deter unauthorised entities from creating misleading banking sites, thus reducing specific types of online financial fraud.

In the lead-up, India is preparing to apply for additional generic top-level domains such as .india and .bharat through ICANN’s next round of gTLD applications. These will be available for use by Indian entities.

For banking customers, the new domain means that official bank websites should end with .bank.in. It is recommended to always check the domain before entering any personal information and to be wary of communications directing you to addresses without this extension as these might be phishing attempts. Ensure a secure HTTPS connection when logging in or making transactions.

The transition to .bank.in underscores the RBI’s continuous efforts to improve trust and security within digital banking, reflecting the increasing trend of financial activity moving online.