Summary of this article
Banks migrating to new secure .bank.in domain
Old domains redirect while transition continues nationwide
Users must avoid old URLs that still function normally with redirecting to the new site
The Reserve Bank of India (RBI) had asked all Indian banks to relocate their official websites to the .bank.in domain before 31 October 2025. This is applicable only to Indian banks. Foreign banks operating in India are excluded from this requirement. The aim is to give customers a clear and verifiable domain format that can only be used by authorised banks.
Confirmation of the Directive by PIB
Following this, the Press Information Bureau (X handle: PIB Fact Check) clarified via X that RBI has indeed instructed banks to move to .bank.in. The post quoted that banks should transfer their existing domains to the new format before the deadline date. It said that the National Internet Exchange of India (NIXI) has appointed the Institute for Development and Research in Banking Technology (IDRBT) as the exclusive registrar for the new domain.
The PIB post also contained a small video explaining the reason behind adopting this new domain. The video highlighted that India reported about 24 lakh cases of digital fraud between April 2024 and January 2025, with losses totalling about Rs 4,200 crore. It said nearly 38 per cent of these frauds came from phishing attempts using fake banking websites. The video reiterated that only the approved banks by RBI can use the new domain, and that users should treat those not ending with .bank.in as potentially unsafe.
The Confusion about Older Bank URLs
There have been several complaints on social media over the fact that older bank URLs show up in search results. A viral post on social media questioned whether old domains indicated a scam.
It should, however, be remembered that the mere presence of an older URL in search results does not mean fraud. During the migration period, many Indian banks continue to retain these old domains. If you click on those older links that pop up in the results page of the search engine, genuine banks would always redirect you to the new site, ending with .bank.in. The correct website would look somewhat like this: youbankname.bank.in.
If you are not directly redirected to the new site, and the old site shows a pop-up window displaying that the bank has migrated to a new site, a domain ending with .bank.in, this also means that they are genuine.
But, if the old site still seems to be working fine with the domain not containing .bank.in, and does not redirect or warn you of the migration, it most likely is a scam.
When an Old URL May Indicate a Problem
An older URL becomes suspicious when it does not redirect to the new .bank.in site but acts as a login page itself. A fully active banking page on an old domain can be a sign of a phishing setup created by a third party. Users should therefore treat such pages with caution and not enter any details regarding login.
Status of Migration Across Banks
Most Indian banks have already migrated to the .bank.in domain or are on the verge of completing the migration. In the case of regional rural banks, several have already made the transition, while others are still in the process of upgrading their internal systems and website architectures. For example, the Uttarbanga Kshatriya Gramin Bank is still using its old site, ending with .org. In case of confusion, visit the bank branch in person.
The foreign banks operating in India do not need to migrate to the .bank.in domain and continue with their original global domains.
Why is this Move Important
The move comes at a time when bank frauds continue to be an issue. According to the RBI's annual report, the number of reported fraud cases in FY25 fell to 23,953, down 34 per cent compared to the previous year. But the total value involved has gone up to Rs 36,014 crore. The rise was caused by the re-classification of 122 cases from the earlier years aggregating Rs 18,674 crore following a Supreme Court judgment in March 2023. Private sector banks accounted for 14,233 incidents in FY25, about 59.4 per cent of all cases.
The public sector banks reported 6,935 cases but recorded a much higher fraud value of Rs 25,667 crore against Rs 10,088 crore reported by private banks. These figures show why consistent domain policies and customer awareness are being prioritised.
What Users Should Be Looking For During The Transition
During the period of migration, users may still see the older domains in search results or in bookmarks. A legitimate bank domain will automatically redirect to the new .bank.in website. If an older domain does not redirect and instead attempts to function like a complete banking site, users should treat it as a potential phishing attempt.
Banks, especially smaller ones or some rural banks, may take some more time to carry out the required technical changes. Users and banks will, therefore, continue to see old and new domains operating simultaneously for some time, as updates are being carried out across websites, apps, and communication systems.
