RBI’s “.bank.in” Domain Migration Update.
In a move to bolster digital security and reduce banking-phishing risks, the RBI has mandated that all banks in India migrate their official web-domains and net-banking platforms to the exclusive “.bank.in” domain by 31 October 2025.
Under this mandate:
- The Institute for Development and Research in Banking Technology (IDRBT) has been appointed the exclusive registrar for “.bank.in”.
- Banks must apply via IDRBT and migrate their existing domains (e.g., .com, .co.in) to the new domain.
- Until migration is complete, many banks will likely maintain both old and new domains, with redirects from the old to the new domain.
Rationale: With the widespread use of generic domains and look-alike URLs, phishing and spoofing risk has increased dramatically. The uniform “.bank.in” domain aims to clarify authenticity for customers and reduce fraudulent domain-mimicking.
What This Means for You (as a Customer)
- Once migration is complete, your bank’s official website should end in “.bank.in” (for example,
bankname.bank.in). - If you receive email/SMS links, ensure the URL belongs to the new domain or is one of the redirected old domains that clearly point to the new one.
- Don’t automatically trust a domain just because it ends in “.bank.in” — verify via official bank announcements. It is necessary, but not sufficient, that it’s legitimate.
- Update your saved bookmarks, and avoid logging in via old unverified domains once the migration completes.
- Banks will handle redirection of old domains, but you should remain vigilant during transition — fraudsters may exploit old domains or spoof them.
Status & Major Banks — New Domains Where Available
While a full list of all banks with their new “.bank.in” domains is not publicly consolidated, several major banks have publicly disclosed or news articles report their migration. Below is a compiled list of major banks, their old domains, and new domain (if publicly available or reported). You should check your specific bank’s official announcement for full details.
| Bank Name | Sector | Reported / Expected “.bank.in” Domain |
|---|---|---|
| Bank of Baroda | Public | https://bankofbaroda.bank.in/ |
| State Bank of India | Public | https://sbi.bank.in/ |
| Punjab National Bank | Public | https://pnb.bank.in/ |
| Canara Bank | Public | https://canarabank.bank.in |
| HDFC Bank | Private | https://hdfc.bank.in/ |
| ICICI Bank | Private | https://icici.bank.in/ |
| Axis Bank | Private | https://axis.bank.in/ |
| Bank of India | Public | https://bankofindia.bank.in/ |
| Union Bank of India | Public | https://unionbankofindia.bank.in/ |
| IDBI Bank | Public | https://idbi.bank.in/ |
| Karur Vysya Bank | Private | https://kvb.bank.in |
| Kotak Bank | Private | https://kotak.bank.in |
Note: This sample list covers major banks with public-reporting. Many smaller banks and regional banks will also migrate, but official new URLs may not yet be publicly listed.
What to Check & Ask Your Bank
When your bank migrates, you should check/ask:
- Does your bank’s official website now end in “.bank.in”?
- Does the old domain redirect seamlessly to the new one?
- Has your bank issued an announcement/notice about the domain change?
- Are emails sent from the bank using the new domain? (Check sender address)
- Did the bank’s mobile app or net-banking portal clearly indicate any domain change (if applicable)?
- Are there any user instructions from the bank about update of bookmarks, safe login links, etc.?
Risks & Considerations
- The domain change by itself does not guarantee complete elimination of phishing/fraud. Fraudsters may still find new tactics (e.g., misleading sub-domains, look-alike names).
- Some banks may operate both old and new domains during the transition. Until full cut-over, customers should remain vigilant.
- If your bank does not migrate by deadline, or your login via old domain continues without clear redirect, treat it cautiously and verify directly.
- As the move is large-scale (200+ banks reported gearing up), infrastructure/stability issues can occur — banks and customers should monitor for login errors or phishing alerts.
Takeaways
- The RBI’s mandate to migrate to “.bank.in” domains is a strategic step to enhance digital trust and reduce online banking fraud.
- As a customer/investor, you need to stay updated on your bank’s domain change, verify authenticity, and update your bookmarks/links accordingly.
- While a new domain is an important signal of authenticity, good login hygiene, awareness of phishing, and secure practices remain essential.
- Major banks are already reported to have started migration; smaller/regional banks will follow — you should check your bank’s official communication.
