How the bank protects you.
The highest standard of safeguards. Specialists monitoring the system 24/7. We are doing all we can to ensure full security of your data when using our platforms, at each stage of interaction.
Select banking type
-
Protection of Internet connection
-
• Website secured with a security certificate
Our website is secured with the security certificate issued by DigiCert, which covers the following addresses: www.online.citibank.pl, www.citibankonline.pl and www.citigold.pl. Security certificate is a digital signature of a site which confirms that you are in a service owned by our Bank. The certificate ensures that all confidential transactions executed via Citibank Online are protected with the use of SSL encryption.
If you see atypical or suspicious activities, immediately report them to the Bank at (+48 22) 692 24 84.
-
-
Protection during login
-
SMS after a failed attempt to log in
In case of a failed attempt to log in to the system, you will automatically receive an SMS message informing you of this fact. If you are unsure whether it was you who made a failed attempt to log in, please scan your computer for viruses and change your login and/or password to more difficult ones.
-
-
Protection when executing transactions
-
“Confirm transaction” SMS
The “Confirm transaction” SMS service is based on two-way communication between the Bank and the Client, aimed at boosting the security of the transaction and monitoring transactions that, in the Bank’s opinion, could suggest unauthorized use. Thanks to this service you will be informed via SMS about a transaction identified as suspicious by the Bank immediately after it has been executed.
We would like to remind you that: If you wish to use the “Confirm transaction” service, please update your contact details. You can verify your contact details by logging in to Citibank Online.
-
Single-use activation codes
When executing a transaction or operation, such as transfer to a new recipient or linking a card to an FX account, the Client receives an SMS message with a 6-digit verification code to confirm the operation by entering the code on the online platform or in the mobile application. On Citibank Online, enter the code in a separate, pop-up window. Apart from the code, the SMS message also includes the name of the operation, date and time of execution.
The single-use activation code has a specific, short validity period – in order to additionally protect against an unauthorized operation.
-
3D Secure code for online card transactions
When making online payments with payment card at shops which have implemented 3D Secure, a Client will receive a free text message from the Bank with an 8-digit code. The transaction will not be initiated until you have entered the 8-digit code on the website. Make sure that the shop name and amount are consistent with the payment you want to make.
-
Automatic session expiration
Each session expires automatically after 5 minutes of inactivity. This prevents third-party access to your accounts if you forget to log out from the platform.
-
Daily payment limits
The total amount of payments made during the day via Citibank Online cannot exceed the limit set by the account holder.
-
SMS confirming change of personal data
For security reasons, each change of your personal data, such as your mailing address, email address, mobile phone number, birth date and mother’s maiden name, will be confirmed in an SMS or email message. This communication will also warn you in case someone else tries to change your personal data in the Bank’s system. Please be advised that you may update your email address and mailing address also via Citibank Online.
-
Activity monitoring for security purposes
Please be advised that, considering the security of your transactions and the funds entrusted to us, the activity on your accounts is subject to monitoring. Therefore, in certain cases, the Bank may refuse to execute your transaction or delay it, of which you will be informed without delay.
At the same time, in such a case, the Bank will never ask you to provide an additional authorization code, install an additional application or log in through a link sent in a message.
-
Citi Alerts service
Once an operation is executed, for a version of the Citi Alerts Premium service, you will receive notification about the charge summarizing the ordered operation.
-
-
Protection before logging in
-
Updates in respect of security
The application is being updated and tested in respect of security on an ongoing basis. We recommend to always use the latest version of the application and the latest available versions of the operating system (Android or iOS) for the phone.
-
Requirements regarding software version
In order to ensure maximum safety, the Bank defines the minimum requirements regarding the version of the phone software. For iPhones it is iOS 8.0 or higher, for Android the minimum system version is 4.4.
-
-
Protection when using the mobile application
-
Limited session duration
The session duration is limited to 5 minutes. After this period of inactivity in the application, the user will be logged out automatically.
-
No storage of financial data
The Citi Mobile® app does not save any financial data or any information on your products.
-
Security with PUSH codes under the Citi Mobile Token service
All transactions made to recipients who are not defined in the system are additionally secured with PUSH codes generated under the Citi Mobile Token service. Make sure that the details, such as the shop name, recipient name and amount, are consistent with the payment you want to make.
-
Citi Mobile Token authorization service
This service can be assigned to one mobile device only. Thus, when you change your device, you will be informed in an SMS message that the service has been deactivated on the previous device and assigned to a new one.
-