MUMBAI: The Reserve Bank of India (RBI) is taking significant steps to bolster the security of international transactions and protect customers from rising online fraud. Governor Sanjay Malhotra recently announced the introduction of exclusive domain names for banks, aimed at streamlining the identification of genuine banking websites. Customers will now be able to verify the authenticity of their bank's website by checking for the 'bank.in' extension prior to making any transactions.
Malhotra explained, "Rising fraud in digital payments is a major concern... The move will not only facilitate easier identification of legitimate banks but also help curb cyber threats, ensuring secure financial services for customers." The RBI plans to roll out these changes with the support of the Institute for Development and Research in Banking Technology (IDRBT), which will serve as the exclusive registrar for the new domains starting April 2025.
The 'bank.in' domain initiative is part of the RBI's broader strategy to create a secure online environment for banking institutions and their customers. This specific initiative builds on the introduction of the 'bank' generic top-level domains (gTLDs) launched back in 2015, which were developed to provide safer and verified online identities for banks worldwide.
Malhotra remarked, "This initiative will definitely help to increase trust among users of digital banking and payment services, providing them with peace of mind when engaging in online transactions." A future plan is also set to introduce the 'fin.in' domain for non-bank financial entities.
To complement these new domain measures, the RBI is also focusing on enhancing the security of international payments made with India-issued cards. Traditionally, merchants accepting international transactions have not required two-factor authentication, which is standard practice domestically through one-time passwords (OTP). Malhotra announced plans to mandate Additional Factor Authentication (AFA) for international online payments where it is supported by the overseas merchants.
This step aims to increase security for users engaging with international merchants, helping to bolster confidence among Indian cardholders who may face difficulties with these payments due to lax security requirements abroad. Malhotra emphasized, "This will provide an additional layer of security, safeguarding customer transactions online." A draft circular detailing these security enhancements is anticipated to be released soon for stakeholder feedback.
The RBI's recent initiatives reflect its commitment to ensuring customer safety amid rising cyber threats, as well as aligning with global standards to facilitate secure financial exchanges. With the digital payment ecosystem growing rapidly, the central bank's focus on cybersecurity remains pivotal.
These changes come at a time when phishing attacks are on the rise, emphasizing the importance of verified domains and secure payment methods. The RBI's initiatives not only promise to streamline the banking experience but also bolster the overall security framework of financial operations conducted online.
By introducing these exclusive domains and advocating for AFA on international transactions, the RBI is taking proactive measures to mitigate risks associated with online banking, ensuring customers can manage their financial transactions with confidence.