| | Home>Other Services>Online Security Tips | |  |  | | At Citibank, we're constantly updating our security technology to protect your privacy and confidentiality. It is as important that you take the necessary measures to safeguard yourself. | | | To ensure your online banking sessions are secure, Citibank recommends that you follow these simple security tips. | | |      | | Do Not Use Public Or Shared Computers: | | - You are responsible for keeping your PIN confidential. You should not use public or shared computers like those in Internet Cafes or even computers belonging to someone else for Internet banking, you may be open to harmful or specific software programs housed within these computers, which could capture your personal information.
| | | Bank Safely Online: | | - Always enter the Citibank website address "http://www.citibank.com.sg" , "www.citigold.com.sg" or "www.citibank.com.sg/commercial" directly into your browser address bar before you login to ensure that you are on the legitimate Citibank website.
- Check that the bank's website address changes from http:// to https:// and a security icon that looks like a lock or key appears at the bottom of the webpage when authentication and encryption is expected.
- You can click on the lock icon at the bottom of the webpage to review the Secure Sockets Layer (SSL) certificate information. The certificate should be issued to www.citibank.com.sg , www.citigold.citibank.com.sg or www.citibank.com.sg/commercial
- Click log out when you have finished your banking session. Do not just close your browser window.
- Update the bank when you change your contact details. This will enable us to contact you in a timely manner if we detect unusual transactions.
- If you hold a Citibank banking account, check your accounts on a regular basis and contact Citibank immediately at our 24-hour CitiPhone Banking at
(65) 6225-5225 should you encounter any difficulties or irregularities. - If you hold a Commercial Bank account, check your accounts on a regular basis and contact Citibank immediately at our 24-Hour Commercial Bank Hotline at (65) 6238-8833 should you encounter any difficulties or irregularities.
| | | How to Protect Your PIN: | | - Your PIN should be at least 6 digits or 6 alphanumeric characters, without repeating any digit or character more than once.
- Your PIN should not be based on a user-id, personal telephone number, birthday or other personal information.
- You should memorise your PIN and not record it anywhere.
- You should change your PIN regularly.
- Always enter the Citibank website address "http://www.citibank.com.sg" or "www.citigold.com.sg or www.citibank.com.sg/commercial" directly into your browser address bar before you login to ensure that you are on the legitimate Citibank website.
- Click log out when you have finished your banking session. Do not just close your browser window.
- You should use a separate PIN for online banking and for logging into other non-banking websites.
- You should not use the same digit more than twice in your PIN.
- Ensure that no one is watching you while you key in your PIN or any other sensitive information. Do not share your PIN or make it accessible to others.
- You should NOT reveal your PIN to anyone even if they purport to be a staff member of Citibank.
- Check your accounts on a regular basis and contact Citibank immediately at our 24-hour CitiPhone Banking at 6225-5225 should you encounter any difficulties or irregularities.
| | | One-Time PIN (OTP): | | - You should not allow anyone to keep, use or tamper with your Online Security Device(OSD).
- You should not reveal the OTP generated by your OSD to anyone.
- You should not divulge the serial number of your security token to anyone.
- If you hold a Citibank banking account, you should update the bank immediately when you misplace your mobile phone or change your mobile number.
- If you hold a Commercial Bank account, you should update the bank immediately when you misplace your OSD.
| | | Protecting Your Computer | | - Do not select the option auto save on browsers for storing or retaining user name and password when logging into online banking
- Make sure your computer has the most current anti-virus software. Anti-virus software needs frequent updates to guard against new viruses. Make sure you download the anti-virus updates as soon as you are notified that a download is available.
- Make sure your computer's Operating System and browser software is updated with the latest security patches
- Install a personal firewall and the latest anti virus software to help prevent unauthorized access to your home computer, particularly when they are linked via broadband connections, digital subscriber lines or cable modems. Be sure to update the anti-virus and firewall products with security patches or newer versions on a regular basis
- Clear your browser's cache and history after each session so that your account information is removed, especially if you are using a shared computer.
- If you are using a Windows OS, ensure File & Print sharing is disabled while online, particularly if you are linked to the Internet via any broadband connection, digital subscriber lines or cable modems.
- Make regular backups of critical data.
- Consider the use of encryption technology to protect highly sensitive data.
| | | Wireless Networks | | - You should set a password for your wireless point. This will prevent unauthorised users from accessing and using your wireless connection.
- Disable broadcasting to your network name (SSID-Service Set Identifier) to prevent casual surfers from detecting and connecting to your wireless network.
- You should use encryption on data transmission to protect your wireless network.
- You should allow only registered machines for your wireless network.
| | | Beware Of Scam Emails: | | - A fraudulent (a.k.a. spoofing, impostor, or phishing) e-mail is one that has been forged. It usually tricks you into providing sensitive personal information either on the spot (e.g. by replying to the e-mail) or including links to a fake website that tries to get you to disclose personal data or log in. See examples of scam emails on citibank.com.
- Do not disclose personal, financial or credit card information to little known or suspect websites.
- Do not open email attachments from strangers or install software or run programs of an unknown origin.
- Under no circumstances will Citibank ever send you an email asking for your personal information. You should NOT respond to such email or reveal your PIN to anyone.
| | | Beware Of Spyware: | | - Spyware is a piece of software inserted in your computer that collects information about you and your Internet traffic.
It is stored in your PC (with / without your consent) when you download software, games, screensavers, etc from the Web. It usually claims to be able to improve your computer's performance. - Spyware can be used maliciously to gain access to your passwords, PINs, card numbers and Internet browsing history.
They can also be used to scan files on your hard drive and slow down your computer by consuming system resources leading to system instability or a crash. - Do not log in to Citibank Online while such software is installed on your computer.
If you have installed any software that claims to speed up your internet connection, or have additional third-party toolbars on your browsers, then you may be using software that has the ability to track your internet sessions. We recommend that you uninstall such software. | | | Protecting our customers and providing a secure online banking experience is top priority at Citibank. Here's the list of features we work with to make banking with us safer: | | | 128 Bit Encryption | | | All data sent to and from Citibank is "scrambled" and "reassembled" between Citibank and your personal computer using 128-bit encryption, the highest level of encryption commercially available.s | | | Secured log in using Card Number and Personal Identification Number (PIN) | | | Only customers using their Citibank ATM card / Credit Card number and PIN, will be able to access the accounts. A customer's PIN must be entered every time he/she logs into Citibank Online. Under no circumstances will Citibank store a customer's PIN locally on his/her computer. | | | One-Time PIN (OTP) | | | Whether you are logging on from home, the office or elsewhere, the One-Time PIN (OTP) when used with your User Name and Password, provides additional protection against unauthorised access of your online account information and from various forms of online fraud. | | | Dynamic PIN Pad | | | Citibank offers an enhanced PIN Pad log in mechanism that provides extra security for our customers when they log in. | | | Automatic Time Out | | | When there is no activity for 8 minutes, Citibank will terminate customer's secured Citibank Online session to help protect against unauthorized access. | | | Strict Protection of Customer Information | | | Citibank has strict standards of security and confidentiality to safeguard the confidentiality of customer information. Regular audits are conducted internally to uphold these standards. | | | Adherence to Regulatory Standards | | | We abide by all information security and online banking regulations set by the authorities both here in Singapore and in the U.S., with regular audits conducted to ensure compliance. | | | Online banking users also have a role to play to ensure that they are protected online. | | - You are responsible for keeping your PIN confidential. Take all steps to prevent discovery of your PIN and the unauthorized access of your account, which would include ensuring that no one is watching you while you key in your PIN.
- Do not use a shared computer or device that cannot be trusted for online banking such as an Internet Cafe computer.
- If you believe that your card number and/or ATM/credit card PIN may have been lost or stolen, or that someone has transferred or may transfer money from your account(s) or otherwise has operated your account(s) without your permission, you should notify Citibank immediately by calling CitiPhone Banking at 6225-5225 or or Commercial Bank hotline at (65) 6238 8833 for business accounts.
- Read and follow Citibank's recommended online security tips to ensure the safeguarding of your personal information and computer.
- Do not leave your computer unattended while you are still engaged in an online banking session or any security breach caused as the result of using a shared or "public" computer to do your online banking.
- You are responsible for abiding to the Citibank's terms & conditions for online banking and obliged to read & agree to these prior to commencing online banking.
| | | At Citibank, we're constantly updating our security technology to protect your privacy and confidentiality. It is as important that you take the necessary measures to safeguard yourself.Citibank shall neither be liable for acting upon instructions nor obliged to investigate the authenticity or authority of persons effecting your instructions or verify the accuracy and completeness of your instructions. Such instructions shall be deemed irrevocable and binding on you upon receipt by Citibank notwithstanding any error, fraud, forgery, lack of clarity or misunderstanding in respect of the terms of such instructions. | | | Every Internet user should know about spoof (a.k.a. phishing or hoax) emails and letters that appear to be from a well-known company but can put you at risk. | | | Although they can be difficult to spot, the emails generally ask you to click a link back to a spoof website and the letters ask you to call a phone number, and provide, update or confirm sensitive personal information. To bait you, they may allude to an urgent or threatening condition concerning your account. | | | Under no circumstances will Citibank ever send you an email or letter asking for your account specific information. | | | You should NOT respond to such emails, letters, websites or phone numbers, or reveal your PIN to anyone. | | | Keep your PIN private and do not share this with anyone, particularly on written correspondence such as email or letters. | | | Don't give your account number over the phone unless you know the company and you made the call. | | | Credit and Debit Card Advisory | | | You may have read or heard about a security breach at CardSystems Solutions, Inc., a third-party processor of payments for credit and debit card transactions, including Visa and MasterCard. | | | When we become aware of a breach, we take appropriate steps, above and beyond our normal prevention and detection actions, on any customer accounts that may have been impacted. Our detection actions include the use of Citi's sophisticated Fraud Early Warning System to monitor accounts, and our prevention actions include notifying some customers who we think may be at risk due to suspicious activity. | | | There is a low risk of identity theft in this situation since the data compromised, as we understand it, included only name, account number, card verification codes and expiration date. Our cardholders will not be held liable for these proven unauthorized transactions. | | | Citibank suggests customers continue to monitor their monthly statements to ensure they have authorized all activity on their account, and if they notice something suspicious to contact the customer service number on the back of their card immediately. Protecting our customers' accounts and personal information is one of our highest priorities. | | | What you can do | | | Call our 24-Hour CitiPhone banking at (65) 6225-5225 to report any suspicious emails, letters, websites or phone calls or Commercial Bank hotline at (65) 6238 8833 . | | Our security team will then investigate and disable the look-alike site.
Remember, always sign on to Internet banking from your browser by typing www.citibank.com.sg or www.citigold.com.sg into the address bar or add Citibank to your list of favourites. Do not follow links from an email. | | | If you suspect that there has been any un-authorized breach of your account(s) online, or that an online transaction has taken place that you did not initiate, you should notify Citibank immediately by calling our 24-Hour CitiPhone banking at (65) 6225-5225 or Commercial Bank hotline at (65) 6238 8833. | | - Security incidents will be escalated to our technical support staff for evaluation. If any breach of security appears to have occurred, the bank will investigate it further
- Citibank will provide you an interim update of our investigations and the status of your case. Final resolution of any incident, though, will depend on the nature and complexity of the incident, as well as the details surrounding the case.
- While we investigate, our officers may ask you to provide more details surrounding the incident to allow us to resolve your case as quickly and as efficiently as possible.
| | | | | | | Find out more about Citibank's One-Time PIN (OTP) | | | Supported Browsers | | |
