Securing Digital Banking: RBI Mandates Migration to [.]bank[.]in Domains
Introduction
The Reserve Bank of India (RBI) has mandated banks to switch their digital banking domains to 'Bank.in' by October 31, 2025, as part of a strategy to modernise the sector and maintain consumer confidence. The move is expected to provide a consistent and secure interface for online banking, as a response to the increasing threats posed by cybercriminals who exploit vulnerabilities in online platforms. The RBI's directive is seen as a proactive measure to address the growing concerns over cybersecurity in the banking sector.
RBI Circular - Migration to '.bank.in' domain
The official circular released by the RBI dated April 22, 2025, read as follows:
“It has now been decided to operationalise the ‘. bank.in’ domain for banks through the Institute for Development and Research in Banking Technology (IDRBT), which has been authorised by National Internet Exchange of India (NIXI), under the aegis of the Ministry of Electronics and Information Technology (MeitY), to serve as the exclusive registrar for this domain. Banks may contact IDRBT at sahyog@idrbt.ac.in to initiate the registration process. IDRBT shall guide the banks on various aspects related to application process and migration to new domain.”
“All banks are advised to commence the migration of their existing domains to the ‘.bank.in’ domain and complete the process at the earliest and in any case, not later than October 31, 2025.”
CyberPeace Outlook
The Reserve Bank of India's directive mandating banks to shift to the 'Bank.in' domain by October 31, 2025, represents a strategic and forward-looking measure to modernise the nation’s digital banking infrastructure. With this initiative, the RBI is setting a new benchmark in cybersecurity by creating a trusted, exclusive domain that banks must adopt. This move will drastically reduce cyber threats, phishing attacks, and fake banking websites, which have been major sources of financial fraud. This fixed domain will simplify verification for consumers and tech platforms to more easily identify legitimate banking websites and apps. Furthermore, a strong drop in online financial fraud will have a long-term effect by this order. Since phishing and domain spoofing are two of the most prevalent forms of cybercrime, a shift to a strictly regulated domain name system will remove the potential for lookalike URLs and fraudulent websites that mimic banks. As India’s digital economy grows, RBI’s move is timely, essential, and future-ready.
References
Related Blogs
Executive Summary
A video showing a military convoy moving along a road is being widely circulated on social media with the claim that the entry of CRPF forces into West Bengal has changed the situation on the ground, suggesting strict action is underway during the ongoing elections. However, research by CyberPeace found the claim to be misleading. The video is not recent and has been available online since February 2025.
Claim
The 12-second viral clip shows multiple heavy vehicles moving in a convoy on a road. It has been shared on X (formerly Twitter) with a caption claiming that CRPF’s entry into West Bengal has led to a shift from dialogue to strong action, along with communal assertions.
Fact Check
During the verification process, we found that the same video had been posted by several X users around February 17, 2025. In those earlier posts, the video was described as being from Manipur, not West Bengal.
Further analysis revealed that the video contains background audio in the Manipuri language. To confirm this, we contacted a Manipuri journalist, who stated that the audio includes announcements asking people to stay indoors and avoid gathering on the streets. Notably, this audio is missing in the currently viral version of the clip.Although we could not independently verify the exact date and precise location of the footage, visual elements such as road dividers and streetlight patterns closely resemble those found in Imphal, the capital city of Manipur.
Additionally, reports confirm that central armed police forces have indeed been deployed in West Bengal for election duties in multiple phases. However, there is no evidence linking this specific video to those deployments.
Conclusion
The viral claim is misleading. The video does not show CRPF deployment in West Bengal during the ongoing elections. Instead, it appears to be an older clip from Manipur, likely recorded in early 2025, and has been shared with a false and communal narrative. There is no credible evidence to support the claim made alongside the video. Users are advised to verify content before sharing, especially during sensitive events like elections.
Introduction
In today’s digital environment, national security challenges extend well beyond traditional military domains. One growing concern is the unauthorised extraction of information, which is increasingly being used through subtle and gradual methods rather than overt force. Recent advisories point to a rising pattern in which foreign organisations seek to recruit individuals to collect and handle sensitive material, often using financial cybercrime networks as part of their operational ecosystem. This trend has implications for journalists, defence personnel, researchers, students, and academics working in strategic, geopolitical, and security-related fields. The core risk lies in the fact that these activities can proceed quietly and without coercion, with participants sometimes unaware that their actions may contribute to intelligence gathering efforts.
Digital Platforms as Vectors for Targeted Recruitment
Professional networking and job portals have become central to modern career development. The same visibility that supports professional advancement is being misused by others. Foreign entities reportedly use these platforms to identify individuals with experience in journalism, defence services, strategic studies, cybersecurity, and international relations.
Early-career professionals and students from reputed Higher Education Institutions (HEIs) are particularly vulnerable because they seek freelance work, research experience and international partnerships. Initial outreach is often framed as legitimate consultancy, research assistance, or content development work, which creates the impression of professional credibility through normal business operations.
Task-Based Information Extraction
The organisation assigns writing and research duties to new employees, which seem simple to perform. The topics of source-based articles and analytical pieces include the following two subjects about India.
- The first subject examines India's foreign relations with its strategic partnerships.
- The second subject investigates how armed forces operate through different military movements.
- The third subject focuses on defence procurement activities, which include weapon system development and modernisation projects.
- The fourth subject investigates military activities through joint training exercises and war simulation exercises.
The public possesses most of this knowledge, but its threat emerges from the process of collecting and interpreting data with contextual information. The collection of insights from various sources enables organisations to identify operational patterns, strategic priorities and capacity evaluations which go beyond particular data points.
The Financial Cybercrime Nexus
The financial system that pays contributors presents itself as a major problem for this activity. Payments are often routed through:
- Indian bank accounts, including student accounts
- Funds originating from cyber fraud or financial crimes
- Occasional overseas transfers structured to avoid scrutiny
The system establishes a direct connection between financial cybercrime activities and the theft of confidential information, which brings unintentional danger of legal issues and public image damage to those involved. The Indian legal system considers all connections to illegal financial activities as serious offenses even when the person involved did not intend to commit any crime.
Concealed Identities and Data Harvesting
The entities that conduct recruitment activities willfully hide their real identities. The organisation uses intermediaries for their operations, which they present as foreign consulting firms, think tanks and analytics companies. Contributors who have defence or security experience will face requests to provide their personal data, which includes their PAN and Aadhaar information.
The collection of such data raises significant concerns. The system creates permanent privacy hazards that permit unauthorised access to personal data and identity theft and coercive practices. The ultimate use of this information often remains opaque to the individuals providing it.
Why Incremental Leakage Matters
The threat operates silently because it lacks the visibility of major cyberattacks. The combined effect of all articles and research notes becomes dangerous because no single element can cause harm. Hostile organisations can use incremental information leakage to undermine national security because they can analyse their gathered data to create:
- maps of strategic capabilities,
- defence readiness evaluations,
- security and foreign policy narrative control.
The process of information sovereignty erosion occurs through the establishment of undefined boundaries between journalism and academic research, and consultancy and strategic analysis. The lack of clear boundaries between journalism and academic research, consultancy and strategic analysis makes it difficult to determine who is responsible for research outcomes.
The Role of Institutions and Individuals
The universities and media outlets, together with the professional organizations have essential functions in their quest to diminish environmental effects. The organisation should perform the following proactive steps:
- The organisation should organise training programs which will educate people about its services.
- The organisation should require researchers to conduct thorough investigations before they accept paid assignments for research work and writing tasks.
- The organisation should recommend that people do not share their identity documents except when their institution requires it for authentication purposes.
- The organisation should create specific methods to report any suspicious activities that people might encounter.
Students and professionals need to understand that their specialised knowledge and trustworthiness can be used against them. People must protect their digital identities through three actions, which include verifying their affiliations and assessing the complete effects of their daily activities.
Conclusion
Cyber enabled threats to national security increasingly operate in grey zones, which makes their legality, legitimacy, and true intent difficult to assess. The convergence of foreign recruitment efforts, financial cybercrime, and covert information gathering creates a persistent risk that is still not widely recognised or fully understood. The state does not bear exclusive responsibility for protecting sensitive information. National resilience in an interconnected knowledge economy requires organisations to develop three core capacities, which include institutional awareness and restraint and institutional vigilance. Cyber resilience depends on two essential factors, which include secure systems and informed citizens, because data continues to determine power relationships.
References
- https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
- https://www.cyber-espionage.ch/
- https://www.theguardian.com/world/2025/nov/18/mi5-issues-alert-to-mps-and-peers-over-chinese-espionage
- http://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/download/263/92
- https://www.researchgate.net/publication/368461675_Cyber_Espionage_Consequences_as_a_Growing_Threat
Introduction
India’s telecommunications infrastructure is one of the world’s largest and most complex, serving over a billion users across urban and rural landscapes. With rampant digitisation and mobile penetration, the vulnerability of telecom networks to cyber threats has grown exponentially. On April 24, 2025, the Ministry of Communications (MOC) released a draft of the “Telecommunications (Telecom Cyber Security) Amendment Rules, 2025,” to update the prior Telecommunications (Telecom Cyber Security) Rules, 2024, to improve cybersecurity in India's telecom industry and fortify network security. Public comments and recommendations regarding these draft rules can be sent to the department by July 24, 2025, after they have been made available for public comment. These rules are enacted under the Telecommunications Act, 2023, to enhance national cybersecurity in the telecom domain. These rules aim to prevent misuse of telecom networks and reinforce data and infrastructure protection mechanisms across service providers.
Safeguarding the Spectrum: Unpacking the 2025 Cybersecurity Revisions
The menace of fraudulent SIM cards deals the issue of cyber threats a fresh hand. The rising number of digital scams can also be attributed to unverified or fake mobile numbers. Fraudulent SIM cards have often been linked to various cybercrimes such as phishing, vishing, SIM swapping and identity theft. The situation has worsened in the face of easy availability of pre-activated SIM cards and weak KYC enforcement. In a recent example, as per reports of June 28, 2025, the Special Task Force (STF) found that the accused was operating a criminal nexus where he utilised fake documents and the Aadhaar credentials of law-abiding locals to activate numerous SIM cards. Following activation, the SIMs were either transferred to other telecom carriers for additional exploitation or sold illegally. This poses a serious concern for the data protection of vulnerable individuals, especially those in rural areas, whose credentials have been compromised.
Given the adverse state of cybersecurity in the telecom industry, the Telecommunications (Telecom Cyber Security) Rules, 2024, were passed on 22nd November, 2024, which put various telecom entities under an obligation to actively prevent cybersecurity threats by adopting such policies that mitigate cybersecurity risks and notify the same to the Central Government. The 2024 Telecom Cybersecurity Rules were a significant step in fortifying India’s telecom infrastructure against cyber threats, but they primarily focused on licensed telecom service providers, leaving behind a large segment of digital platforms operating outside the traditional telecom framework largely unregulated.
Expanding the Net: Key Revisions Under the 2025 Cybersecurity Amendment Rules
The amended rules of 2025 adequately address the regulatory blind spot that is created by the rapid expansion of online services, fintech apps, OTT platforms and social media networks, as these platforms often rely on telecom identifiers such as mobile numbers for user onboarding and service delivery. This regulatory blind spot was exploited for fraud, impersonation and other cybercrimes, especially in the absence of standardised identity verification mechanisms. The proposed regulations would give the government the authority to require private companies’ clients to provide identification if they use a mobile number. For a fee, businesses can also undertake this kind of verification on their own. “ The draft rules introduce a new category called “Telecommunication Identifier User Entities’ (TIUEs), extending cybersecurity compliance obligations to a broad category that now captures any entity using telecom identifiers to deliver digital services. It also creates a unified, government-backed verification framework, enabling better interoperability and uniform user identification norms across sectors.
While strengthening national digital security is the goal of the Telecom Cybersecurity (Amendment) Rules, 2025, the proposed rules create a great deal of uncertainty and compliance difficulties, especially for private digital platforms. A broad definition of Telecommunication Identifier User businesses (TIUEs) may include a variety of businesses, including e-commerce services, fintech apps and OTT platforms, under the purview of required mobile number verification. Given that many platforms already have advanced internal processes in place to verify users, this scope uncertainty creates significant concerns regarding operational clarity.
Conclusion
The Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, represent a necessary evolution in India’s quest to secure its telecom ecosystem amid growing cyber threats. The draft regulations recognise the evolving landscape of digital services by broadening the legal scope to encompass Telecommunication Identifier User Entities (TIUEs). Though the goal of creating a strong, transparent and accountable framework is admirable, more clarification and stakeholder involvement are required due to the scope’s vagueness and the possible compliance burden on digital platforms. A truly durable telecom cybersecurity regime will require striking the correct balance between security, viability and privacy.
References
- https://www.cyberpeace.org/resources/blogs/the-government-enforces-key-sections-of-the-telecommunication-act-2023
- https://www.cyberpeace.org/resources/blogs/govt-notifies-the-telecommunications-telecom-cyber-security-rules-2024
- https://the420.in/uttarakhand-stf-busts-fake-sim-racket-linked-to-cyber-crimes-and-nepal-network/
- https://www.thehindu.com/business/dot-puts-out-draft-rules-to-enable-mobile-user-validation/article69741367.ece
- https://www.scconline.com/blog/post/2025/06/28/dot-telecom-cyber-security-draft-policy-update/
