The following describes the security measures we take to protect your information
on the Internet:
We recommend periodically changing your password every 30-60 days.
To change your password, sign on and go to the Manage My Account menu and select Update Account Profile.
For additional security password tips
view User ID and Password Guidelines.
We use Secured Socket Layer (SSL) for secure transmissions. SSL
applies encryption between two communicating applications, such as your PC and
our corporate Internet server. When your data is transmitted over the Internet, it is
encrypted or "scrambled" at the sending end and then decrypted or "unscrambled"
at the receiving end. We use 128-bit encryption, the highest level generally
Encryption is a technology that allows secure transmittal of information along the Internet by encoding the transmitted data using a mathematical formula that scrambles it. Without a corresponding "decoder," the transmission would look like nonsense text and would be unusable. It can be used with many applications, including electronic commerce (sending credit card numbers for orders or transmitting account information), email messages and sensitive documents.
Basic encryption involves the transmission of data from one party to another. The sender encodes the data by scrambling it, then sends it on. The receiver must decode the data with the correct "decoder" in order to read and use it.
The effectiveness (or level of security) for encryption is measured in terms of how long the key is - the longer the key, the longer it would take for someone without the correct "decoder" to break the code. This is measured in bits, e.g. 40-bit encryption, the level of encryption used with many ordinary browsers, versus the level of encryption recommended to use Account Online. For a 40-bit key, there are 240 possible combinations. For a 128-bit key, there are 2128 possible combinations.
A cookie is a small piece of information which is created by a web server during a
user's visit to a website. If you configure your web browser to alert you regarding
the presence of cookies, you may receive a notice that a web server wishes to set
a cookie. There are two kinds of cookies - "persistent" and "transient."
Sometimes we use persistent cookies which remain on the hard drive of your
personal computer. We use persistent cookies for a number of purposes including
to store your preferences for certain kinds of information, to provide you with
access to certain websites for which you have previously registered, to retrieve
information you have provided us previously, etc. You can set your browser to
disable cookies or prevent them, or you can delete cookies which have already
been set by instructing your browser accordingly. The persistent cookies used on
Citibank, N.A. credit card Websites are available only to Citibank, N.A. or to certain agents of Citibank, N.A. who are performing services or hosting specific websites on our behalf.
We may also use transient cookies, which are not stored on your hard drive and
are not available to anyone other than Citibank, N.A. Transient cookies contain
information that identifies you and allows you to navigate our site from one page
to another without requiring you to log in again on each page. When you leave our
site, or when your session expires, the transient cookies expire.