RBI Introduces Exclusive Internet Domains to Enhance Digital Banking Security
New Initiative Aims to Combat Cybersecurity Threats
In a significant move to bolster digital banking security and enhance consumer trust, the Reserve Bank of India (RBI) has announced the introduction of a dedicated “bank.in” internet domain specifically for banks operating in the country. This initiative, aimed at combating the rising threat of digital financial fraud, is anticipated to streamline secure financial services and reduce cybersecurity vulnerabilities associated with phishing and other malicious activities.
In an official statement issued today, the RBI emphasized its commitment to improving the security landscape of digital banking and payment services across India. The establishment of the ‘bank.in’ domain is expected to serve as a crucial step in fostering a safer online environment for financial transactions.
IDRBT to Oversee Domain Registrations
To facilitate this initiative, the Institute for Development and Research in Banking Technology (IDRBT) will assume the role of the exclusive registrar for the new domains. The registration process for the “bank.in” domains is slated to commence in April 2025, allowing banks ample time to transition to this enhanced security framework.
In addition to the “bank.in” domains, the RBI has revealed plans to roll out a similar exclusive domain, “fin.in,” intended for other non-bank entities within the financial sector. This broader approach highlights the RBI’s overarching strategy to enhance security measures across all facets of digital financial services.
Introduction of Additional Factor of Authentication (AFA)
As part of its relentless pursuit to strengthen security within the digital payments ecosystem, the RBI is also introducing an Additional Factor of Authentication (AFA) for cross-border card-not-present (CNP) online transactions. Known colloquially as multi-factor authentication (MFA), AFA utilizes more than one verification method to authenticate users, thereby adding a crucial layer of security to digital transactions conducted via cards and mobile banking channels.
The RBI clarified that while the introduction of AFA aims to provide enhanced protection—especially when dealing with overseas merchants that support this security feature—there are currently no specific mandates regarding the factors to be used in implementing AFA. Nonetheless, the digital payments landscape in India has predominantly adopted SMS-based one-time passwords (OTPs) as a standard practice for this additional authentication process.
Strengthening Consumer Confidence in Digital Transactions
The RBI’s recent initiatives represent a proactive approach to reinforcing consumer confidence in India’s digital banking sector. By addressing cybersecurity threats head-on and fostering a secure online environment, the RBI aims not only to protect consumers but also to encourage greater participation in digital financial services.
As the digital landscape continues to evolve and expand, these efforts by the RBI could play a pivotal role in shaping a secure and trust-based future for digital banking in India.
For more updates and exclusive content related to financial security and regulatory compliance, follow us on Twitter and LinkedIn.
Share this article:
