ONLINE SECURITY

Your Protection Is Our Priority!

Your Protection Is Our Priority!

Citibank has brought in systems and processes to protect your valuable online banking transactions, right from the time you login till the time you logout.

How does Citi protect you?

Protecting you and providing a secure environment is a top priority for Citibank. Some of the online security measures taken are given below.

Secure Internet banking

 

Secure Online purchases

 

Secure Mobile banking

 
Secure Internet banking
Logins

Click on    to expand and on    to minimize the details.

The 128-bit Encryption protects all data that is transferred between your Online Citibank Account, internet and your personal computer.

You can now use your mouse to login with the new Citibank Online virtual keypad login screen. The virtual keypad is dynamic and the position of characters changes every time. This protects you from malicious 'Spyware' and 'Trojan Programs' designed to capture your keystrokes and reveal your secret password.

Get the advantage of double protection with the One Time Password. It is a unique password which will be sent only to your mobile number registered with Citibank for performing online transactions apart from basic viewing of our account details. Please note that the OTP received is for single use only and is valid for 5 minutes from the time of generation.

This One Time Password acts as an additional layer of security to your login ID and password.

Transactions

Click on    to expand and on    to minimize the details.

Multi Factor Authentication is done for your sensitive transactions such as adding a new payee, transferring funds and updating your contact details. It is a one time unique password which will be sent to your mobile phone to ensure the safety of your information updates.

In order to enable higher level of security by means of Multi-Factor Authentication, we have introduced Digital certificate Transaction signing as an option for customers. Customers with Digital certificate can register for this function and sign sensitive financial transactions using this digital certificate. Following are the list of transactions that can be digitally signed.

  • Transfer to another Citibank account
  • Transfer to another bank account via
    1. NEFT (National Electronic Fund transfer)
    2. RTGS (Real Time Gross Settlement)
    3. IMPS (Immediate Payment Service)
  • Request for Demand Draft
  • Salary Upload and Bulk Upload (Applicable only to customers enabled for this functionality)

Always remember to logout from your banking sessions when you have finished. However, if at any point of time you forget to logout, or if you are inactive for several minutes on the Citibank website, "time out" session will automatically log you off from the website. This ensures no one else will gain access or view your account information. To resume your banking activity, you will have to login to your account again.

If the Internet Password (IPIN) has been entered incorrectly three consecutive times, Citibank will lock any further online access to the accounts. If you have been locked out of your accounts due to incorrect PIN/password entry, contact your local Citibank Customer Service Officer.

Digital Certificates help you identify unauthorized sites. They give you evidence of the server's authenticity once the session is encrypted. This is done by the Certification Authority, VeriSign. You will see a 'closed lock' icon at the bottom of the Internet Banking screen. When you click on the lock you will see the VeriSign Certificate authenticating the site. The Citibank website has been authenticated by VeriSign Certificate and this will make sure that your online transactions are secure.

EVSSL is an online security certificate to ensure your peace of mind. This is an online security feature where the address bar changes to green colour, so you know the Citibank website you are visiting is genuine. This feature is supported by latest version browsers. We are aware of the OpenSSL vulnerability, and all of our customer- and client-facing banking sites across the Consumer Bank and the Institutional Clients Group have been safeguarded against the Heartbleed bug.

The Citibank websites have several firewalls that protect the computer servers, thereby preventing unauthorized access to our network. This makes your online banking transactions safe and secure. Citibank monitors these firewalls from time to time and also constantly updates them to prevent security breaches.

Signing up for eStatements will ensure that no one else gets your account statements but you. You can save time in retrieving your statements as well as have an archive to locate any of your earlier statements right at your desktop. It also helps in reducing clutter and avoids paper trail.

Alerts

Click on    to expand and on    to minimize the details.

There are instant email and sms alerts sent on all your purchases and transactions done with your Debit/Credit Card to your email ID and mobile phone numbers registered with Citibank. This will ensure you know and keep a track of the purchases you make with your card and alert you if you notice any discrepancies.

Every time you sign in to Citibank Online, your last login date and time will be displayed on the top of the page. This will help you notice any unauthorized logins and alert you if someone other than you had accessed your account.

Secure Online purchases

An extra level of authentication is necessary when you shop online with your Citibank Debit / Credit Card apart from the basic details that you enter for your purchases. After you finish entering your Card details at the merchant website, you will be directed to our secured Citibank Payment gateway, where you will be required to enter your login details and IPIN (Internet Password) or through an OTP (One Time Password) sent to your mobile phone to authenticate and complete your transaction.

Secure Mobile banking

Mobile security

Citi Mobile provides the same level of security as Citibank Online. Here's what we do and what you need to do while banking on your mobile phone.

Security Measures On Citi Mobile

On Citi Mobile your information is protected by the following security measures:

  • Citi Mobile doesn't store personal account information on mobile devices, so your accounts are not exposed if your phone is lost or stolen
  • When you use Citi Mobile, your information is protected by 128-bit encryption, just as when you bank online
  • All Card numbers, account numbers, and other sensitive information is masked when displayed on Citi Mobile
Safe Downloads

When downloading the Citi Mobile app to your mobile device, be sure to go to a trusted source such as the App Store on the iPhone® and iPod touch, ®or Google's Android Market. You can alternately SMS to 52484 and click on the download URL in the response SMS and install the application. Do not download the app from any other third party source.

Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. iPhone® is a trademark of Apple Inc. Android™ is a trademark of Google Inc.

Service Providers
  • Secure your phone with a strong pass code or other privacy feature
  • Do not store your bank account number or IPIN on your mobile phone
  • Be careful when typing out your account number and password details on the mobile phone, especially while using the phone in a public spot, to prevent shoulder surfing
  • Please report the loss of mobile phone to the bank so that we may disable the IPIN and access to your account through Citi Mobile
  • Take the same precautions on your mobile phone as you do on your computer with regard to messaging your account information, downloading applications and online safety
  • Be aware that email or SMS messages requesting your personal identification number, account number or other information is certainly fraudulent
  • Download anti-malware protection for your mobile phone or tablet device
  • Do not root or jailbreak your mobile device to get around limitations set by your carrier or device manufacturer. It may remove any protection built into the device to defend against mobile threats
  • Beware of everything you download onto your smartphone, especially applications. Only use reputed applications from the market. Look at the developer's name, check out reviews and star ratings. Always check the permissions an application requests and ensure that the requests match the features the application provides