India's Real-Time Defence Against Cyber Fraud: Inside the RBI's Financial Fraud Risk Indicator
The RBI has mandated integration with the DoT's Financial Fraud Risk Indicator (FRI) — a real-time, mobile-number-based fraud scoring system that assigns every number a risk tag before a transaction clears. PhonePe, ICICI Bank, HDFC Bank, Paytm, and PNB are already integrating. This is the next layer of India's Digital Public Infrastructure.
The Silent Pandemic: Cyber Fraud in India’s Digital Payments
India’s digital finance revolution — UPI, mobile banking, instant settlements — has transformed how we transact. But it has also exposed structural gaps in fraud detection. By the time a fraud is reported, the money is gone, the phone is untraceable, and the mule account is shut.
That is exactly what the Financial Fraud Risk Indicator (FRI) — launched by the Department of Telecommunications’ Digital Intelligence Unit in May 2025 and backed by RBI’s June 30, 2025 advisory — is designed to fix.
What the FRI Does
The FRI is a real-time, mobile-number-based fraud scoring system that assigns every number a risk tag: Medium, High, or Very High. Key inputs powering it:
- Complaints from the National Cybercrime Reporting Portal (NCRP) under MHA’s I4C
- Data from Chakshu, DoT’s public alert system for telecom abuse
- Signals from banks, fintechs, and UPI platforms
- The Mobile Number Revocation List (MNRL) identifying disconnected or fraud-used numbers
Telecom meets transaction intelligence to provide a real-time lens into potential fraud vectors — before the money moves.
How It Works in Practice
Following RBI’s June 30, 2025 advisory, all Scheduled Commercial Banks, Payment Banks, Cooperative Banks, and UPI players are expected to integrate with the FRI API.
The flow:
- Customer initiates a UPI payment or banking session
- Bank queries the DoT API with the customer’s mobile number
- Based on risk level: block or delay the transaction, alert the user, or trigger enhanced verification
- Bank shares confirmed fraud instances back to DoT, improving the model
This continuous feedback loop is what makes FRI structurally different from static blacklists — it learns at the speed of the fraud network.
Why This Is a Step Change
- First-of-its-kind public infrastructure — government-grade intelligence powering frontline banking systems
- Frictionless but proactive — no added customer burden in the normal flow, but instant response when risk is detected
- Cross-sector collaboration — RBI, DoT, banks, fintechs, and law enforcement operating from a shared signal grid
- Model agility — FRI evolves with new fraud tactics, not locked to a rule set defined at launch
PhonePe, ICICI Bank, HDFC Bank, Paytm, PNB, and India Post Payments Bank are already integrating. Early pilots show promise in flagging SIM-swap scams, tele-call frauds, and UPI impersonation at the source — the mobile number itself.
The CXO Action Agenda
Prioritise FRI integration in Q3–Q4 2025 — treat it as part of your fraud modernisation roadmap, not a compliance checkbox.
Cross-link with KYC and device intelligence — FRI alongside device fingerprinting and Aadhaar/PAN validation builds the layered defence that single-signal systems cannot provide.
Collaborate with DoT’s Digital Intelligence Platform — share back fraud findings to enrich the model and influence its evolution. Early contributors shape the standard.
Educate fraud ops and customer support teams — FRI will surface friction points that require human judgement, not just automated blocking.
FRI is the next layer of India’s Digital Public Infrastructure. It is not perfect, but in a world where scams travel faster than systems can react, it offers a chance to stay one step ahead.
Sources: PIB Press Release (May 2025), RBI Advisory June 30 2025, Domain-B, TechCircle, Swarajya.