Your Security is Our Goal
The following describes the security measures we take to protect your information on the Internet:
128-Bit Encryption
Citibank uses Secured Socket Layer (SSL) for secure transmissions. SSL applies
encryption between two communicating computer systems, such as your PC
and our corporate Internet server. When your data is transmitted
over the Internet, it is encrypted or "scrambled" at
the sending end and then decrypted or "unscrambled" at
the receiving end. We use 128-bit encryption, the highest level
generally available today.
Encryption
Encryption is a technology that allows secure transmittal of information
along the Internet by encoding the transmitted data using a mathematical
formula that scrambles it. Without a corresponding "decoder," the transmission
would look like nonsense text and would be unusable. It can be used
with many applications, including electronic commerce (sending credit
card numbers for orders or transmitting account information), email
messages and sensitive documents.
Basic encryption involves the transmission of data from one party to another.
The sender encodes the data by scrambling it, then sends it on. The receiver
must decode the data with the correct "decoder" in order to read and use it.
The effectiveness (or level of security) for encryption is measured
in terms of how long the key is the longer the key, the longer
it would take for someone without the correct "decoder" to break the
code. This is measured in bits, e.g. 40-bit encryption, the level of
encryption used with many ordinary browsers, versus the level of encryption
recommended to use Account Online. For a 40-bit key, there are
240 possible combinations. For a
128-bit key, there are 2128
possible combinations.
Cookie Definition
A cookie is a small piece of information which is created by a web
server during a user's visit to a web site. If you configure your
web browser to alert you regarding the presence of cookies, you
may receive a notice that a web server wishes to set a cookie. There
are two kinds of cookies "persistent" and "transient."
Sometimes we use persistent cookies which remain on the hard drive
of your personal computer. We use persistent cookies for a number
of purposes including to store your preferences for certain kinds
of information, to provide you with access to certain web sites
for which you have previously registered, to retrieve information
you have provided us previously, etc. You can set your browser to
disable cookies or prevent them, or you can delete cookies which
have already been set by instructing your browser accordingly. To
access some information on our website, you'll have to set your
browser to enable cookies. The persistent cookies used on Citi's
credit card websites are available only to Citibank or to certain
agents of Citibank who are performing services or hosting specific
web sites on our behalf.
We may also use transient cookies, which are not stored on your
hard drive and are not available to anyone other than Citibank.
Transient cookies contain information that identifies you and allows
you to navigate on our site from one page to another without requiring
you to log in again on each page. When you leave our site, or when
your session expires, the transient cookies expire.
CHECK ENCRYPTION
Identify the browser you are currently using:
Internet Explorer
- Select Help on the menu bar
- Choose About Internet Explorer from the drop down menu
- The number in the "Cipher Strength" field is your encryption strength
Netscape
- Select Help on the menu bar
- Choose About Navigator or About Communicator from the drop down menu
- Scroll down and look to the left for the statement that begins,
"This version supports U.S. Security with RSA
Public Key Cryptography" That indicates a 128-bit encryption level.
Other
- Check your software manual or contact your browser software provider for product specifications.
How to Protect Yourself Online
Here are simple steps you can take to protect yourself from fraud while shopping and banking online.
- Verify the URL (address) of the sites you visit. If you're on a secure site, it should start with https (the "s" indicates it is secure.) A padlock image also should appear at the bottom of your browser window.
- Install anti-virus software and update it regularly with the most current version.
- Use separate passwords and PINs for your Internet accounts and make them difficult for others to guess. Change passwords and PINs frequently.
- Use the logoff button to end a secure session instead of closing your browser.
- Only open email messages sent by people you know.
- Never send personal or financial information by email. (Remember, we will never ask you to provide personal information via email.)
- Review your order confirmations, credit card and bank statements and report any unusual activity immediately.
- Review the security measures recommended by the Better Business Bureau, the U.S. Government and others at the following sites:
http://www.nipc.gov/warnings/computertips.htm
http://www.bbb.org/alerts/article.asp?ID=153
http:/iisw.cerias.purdue.edu/home_computing/topten.php
|