We have gone to extraordinary lengths to ensure that your Citibank® Online experience is safe, and your accounts and personal data are secure. Our security features are built on the latest technologies and processes.
Citibank® Online currently supports the following security levels:
All data exchanged between Citibank and your computer are encrypted using TLS* 1.0, 1.1, 1.2, and AES** 128 GCM, to make sure your data are not compromised during their transmission.
You yourself choose your user ID and password at the time of registration for Citibank® Online, which guarantees full data confidentiality. Choose a combination of letters and numbers easy for you to remember but hard to guess. We advise against using your own name, names of your family members, dates of birth or other personal information, or using the same password for different websites. Do not write down your password or share it with anyone else, even Citibank staff.
Most of Citibank® Online key functions are additionally protected by a one-time password texted to your mobile phone number. The entering of one-time password gives us added assurance that it’s you who is initiating the transaction.
Every time you sign on to Citibank® Online, you see the date and time of your last login shown under the main menu. Please pay attention to this information, as it will help you find out if someone else has been trying to access your account.
By the way, if someone tries to access your account and enters a wrong password, we will immediately notify you of a failed sign-on attempt by text message and will also show this information on your Citibank® Online page under the main menu. If it weren’t you who made this sign-on attempt, make sure to call CitiPhone and change your user ID and password.
All account and card numbers in Citibank® Online are automatically masked at every login, enabling you to see the name of the account and the last four digits of the account number only (e.g., «Current xxxxxxxxxxxx 4467»).
If you need to view the full account number (e.g., to find out payment details), you can unmask your account numbers for the current session. At your next login, the account and card numbers will be masked again.
Do not just close your browser window after you have completed your session. Make sure to click the «Sign Off» button in the top right-hand corner.
If you are inactive for five minutes, the system will automatically log you out for security reasons. To continue working in Citibank® Online, you will need to sign on again.
If you suddenly notice that your SIM card isn’t working, contact your service provider to find out the reason, as soon as possible. If it turns out that someone else has obtained a duplicate SIM card without your knowledge, call CitiPhone immediately!
Some websites may appear to be legitimate but actually are counterfeits. Take a few extra seconds and type in the URL yourself.
Don’t sign on to Citibank® Online at public internet access points (e.g., cyber cafes) or Wi-Fi hotspots, but if you do, change your user ID and password as soon as possible. This is important because public computers may be infected with malware that can intercept your password without your knowledge.
If you also do online banking on your smartphone, don’t forget to install an antivirus on your smartphone too. If possible, install a personal firewall to block any unauthorized connection attempts. A firewall is especially important if you have a high-speed internet connection.
Some browsers offer to save your login credentials. We advise against doing this, or anyone who has access to your computer will be able to sign on to Citibank® Online by simply selecting the login credentials saved by the browser. The autosave function can be disabled in your browser settings. We would also recommend that you clear your browser cache and Downloads folder from time to time, and do not use virtual keyboards.
For enhanced security, all the devices you use to access Citibank Online and the web-based version of Citi Mobile at mobile.citibank.ru must support the TLS 1.2 protocol as of November 5, 2017. If the device you are using to access Citibank Online or Citi Mobile supports a protocol lower than TLS 1.2, an error page will be displayed.
Please make sure that your browser and operating system meet the minimum requirements listed below.
|Web Browser||Operating System|
|Google Chrome 30||Windows 7|
|Firefox 31.3.0 ESR||Windows 7|
|Internet Explorer 11||Windows 7|
|Opera 17||Windows 7|
|Firefox 27||Windows 8|
|Internet Explorer 11||Windows 8.1|
|Internet Explorer 11||Windows 10 Preview|
|Edge 12||Windows 10|
|Firefox 49||XP SP3|
|Google Chrome 49||XP SP3|
|Google Chrome 34||OS X|
|Firefox 29||OS X|
|Safari 7||OS X 10.9|
|Safari 8||OS X 10.10|
|Safari 10||OS X 10.12|
|Web Browser||Operating System|
|Internet Explorer 11||Windows Phone 8.1|
|Edge 13||Windows Phone 10|
|Safari 5||iOS 5.1.1|
Otherwise, please update your browser and/or operating system.
How to check your browser version
Please do the following depending on what browser you use:
Citibank will never ask for your current PIN or TPIN for transaction purposes in Citibank® Online! You only enter your PIN when you activate your card or change your PIN. Your TPIN is only used for identification and authorization purposes when you call CitiPhone. Your PIN is only required for ATM transactions and POS purchases.
To sign on to Citibank® Online, you only need to enter your user ID and password. Please note that Citibank® Online will only ask for your bank card number, its valid thru date, and your date of birth, for the following purposes:
* Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating computer applications. When secured by TLS, connections between a client (e.g., a web browser) and a server have one or more of the following properties:
** Advanced Encryption Standard (AES) is a symmetric-key block cipher algorithm.