Online Security Tips
- Computer Safety Tips
- Online Computer Safety Tips
- Mobile Banking Safety Tips
- Mobile App Safety Tips
- Email Safety Tips
- Citizens Bank's Security
- Citizens Bank's Security Statement
- Secure Access and Verifying User Authenticity
- Children's Online Policy
- Compromised Information
Protecting the security of your computer can help you avoid potential online risks such as viruses, spyware, and worms from infecting your computer.
- Make sure you have virus protection on your computer and that it is up-to-date.
- Make sure your Operating System is up-to-date.
- Make sure you have a Firewall on your computer and it is activated; keeping your firewall up-to-date will also help.
- Regularly scan your computer for viruses.
- Always sign out of secure websites rather than close them with the "x" at the top right hand side of the browser screen.
- When visiting Citizens Bank's website, key in our address at www.citizensEbank.com rather than clicking on a link.
- Use one computer for your Online Banking needs.
- Verify that a site is secure before you type sensitive information into the website. You can identify a secure site by looking for the "padlock" symbol on your browser and in the address bar.
- Use browsers that have added features such as phishing protection, web filters and other security functions. Examples of these are Firefox, Google Chrome, and Safari (if on an Apple computer).
- On occasion, Online Banking will be unavailable for use. If you are met with an error message claiming Online Banking is unavailable while entering in your credentials and you are redirected to another "warning" website or asked to click on a link to enter in your credentials, be cautious and contact Citizens Bank.
- Make sure to have a password set on your mobile device. Many devices offer extended passwords that use more than the 4 character numerical password.
- Close out of Mobile Banking when you are finished with your session.
- Do not leave your Password or account information on your phone.
- If you should lose your phone, contact your mobile service provider immediately and have your phone disabled or download anti-theft apps that allow you to remotely wipe, lock, and locate your phone. Apple products offer this built-in, you can turn this feature on by opening the “Find my iPhone” application as long as you are on the latest software update.
- Citizens Bank will never ask for your login ID or Password. If you get such a request, be sure to check your phone for malware or other viruses.
- Keep your device updated, many devices will prompt you when an update is available.
- Jailbreaking your phone can leave it susceptible to malware, it is not recommended to edit the operating software.
- Make sure your home Wi-Fi network is password protected. This can be done yourself or by calling your ISP (internet service provider).
- If you download an app, be cautious if it asks you for access to anything on your phone, i.e. Calendar, mail, messages, microphone, photos, etc.
- Sticking to either the Google Play Store or Apple App Store will ensure that a downloaded app has been approved by the manufacturing provider of your mobile device.
- Don't use public Wi-Fi when performing financial transactions. Most mobile devices can use both wireless Internet and a mobile provider's 3G or 4G network. Use only 3G or 4G networks for any secure transactions such as banking.
- Update all apps when notified.
- Follow your organization's policies. If your mobile device is provided as part of your job, be sure to follow the rules and procedures established by your organization.
- Do not respond to emails requesting information such as social security numbers, account numbers, or any other sensitive information. Your financial institution should already have this information.
- Do not open emails or attachments from an unknown source. Emails and attachments can have viruses and malicious software embedded in them to steal sensitive information from your computer.
- Do not reply to emails from unknown sources. Even if you want to tell them to stop sending you emails, this tells the fraudster that they have a legitimate email address and they can target you further.
- Do not reply to emails that warn you if you do not respond your account will be deactivated. Instead call the company at a trusted phone number obtained from their website. Never use a phone number provided in the suspicious email.
Citizens Bank has put many security measures in place to help protect your sensitive information while using Online Banking. Below is a list of the various security processes and software to help keep your information safe and secure.
- For consumer account holders, security measures have been put in place regarding electronic fund transfers and your accounts. For more information please review our Online Access Agreement and Disclosure.
- Citizens Bank will not ask for personal information such as Social Security numbers, Credit Card numbers, or Personal Identification Numbers (PIN) on this website or through email unless required by a government agency.
- For more information on Citizens Bank's Internet security strategies please follow the attached link to our Internet Security Information located on page 2 of our Online Access Agreement and Disclosure.
This Online Banking System, Citizens eBanking, brings together a combination of industry approved security technologies to protect data for Citizens Bank and for you, our customer. It features password controlled system entry, Secure Sockets Layer (SSL) protocol for 128 bit data encryption, and a router loaded with a firewall which regulates and filters the inflow and outflow of server traffic. As used in this Security Statement the words “we”, “our”, “us”, and “Bank” mean Citizens Bank. “You”, “your”, “user”, refer to customer enrolled by Bank to use Citizens eBanking.
To begin a session with Citizens eBanking the user is required to enter their 12 digit login ID, password, choose an image, and answer 3 questions upon initial login. Without the proper login, the user cannot see or use any web pages within the Citizens eBanking product. Both your login ID and password can be changed after your first successful login. For security purposes, you are required to change your password upon your initial login. Although it is not required, for your safety and security we recommend you change your password every 90 days. You determine a password of your choosing with a minimum of 8 characters, including one upper case and one lower case letter, number, and one of the following special characters (!, @. $, ~, %, *, +, _). The identity of your password is not communicated to us. Your password should not be associated with any commonly known personal identification, such as social security numbers, address, date of birth, or names of children, and should be memorized rather than written down. You agree that we are authorized to act on instructions received under your password. You accept responsibility for the confidentiality and security of your password. Upon three unsuccessful attempts to use your password, your access will be revoked. To re-establish your authorization, you can enable the Password Self-Reset feature in your Online Banking, and then you are able to reset your own password by selecting Forgot Password on the login page. Otherwise, you must contact us during regular business hours to have your password reset. Upon successful login, the Digital ID from VeriSign, authenticates the user's identity and establishes a secure session with that visitor. Login sessions have a timeout limit and after the limit is reached you are required to login again.
Multi-Factor Authentication (MFA) challenges users for additional information prior to accessing Online Banking or completing a transaction, based on a risk score or hard rule. MFA authenticates each user to a Web site based on a password and specific positive device forensics and, at the same time, authenticates the site to the user with visual images, offering both parties assurances that they are taking part in a legitimate transaction. To begin a session with Citizens eBanking the user is required to enter their 12 digit login ID and password, choose an image, and answer 3 questions upon your initial login. You determine the image and answers to the questions; the identity of your MFA Security is not communicated to us. You accept responsibility for the confidentiality and security of your image, questions and answers. Upon three unsuccessful attempts, your access will be revoked. To re-establish your authorization to use Citizens eBanking, you must contact us to have your MFA Security reset.
Account Number Masking and Account Aliases
For security reasons complete account number(s) will not appear in your Online Banking. Account "Aliases" may be defined for the account(s) (i.e., "My Checking") and are used when displaying account information on the screen.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has a 128-bit encryption, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the Bank and user is encrypted and can only be decrypted with the public and private key pair. In short, the Online Banking server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new user opens a server session. SSL encryption is the industry standard and is commonly used in Internet applications that require security and privacy for sensitive data.
Router and Firewall
All requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens pathways only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the Bank. Using the above technologies, your Online Banking transactions meet or exceed all industry standards for security.
The online financial services offered through Citizens Bank's website are not designed for or directed toward children under age 13. We do not knowingly solicit or collect data from children, and we do not knowingly market to children online without express parental consent or notification. If we receive online information from any child, we will only use the information to respond directly to a child's request. We recognize that protecting children's identities and online privacy is important and that responsibility rests with us and with parents.
If you believe your child has provided personally identifiable information to us, please Contact us.
Please call us at (541) 752-5161
or toll free outside of the Corvallis area at (844) 770-7100,
or Contact us by email. (Please do not send sensitive information via email.)
If you feel that your sensitive information has been compromised online, Citizens Bank customers are advised to call us immediately at (541) 752-5161 (Corvallis local calling area) or (844) 770-7100. Notify your local law enforcement agency to report the fraud or identity theft. Notify the major credit reporting agencies to request a "fraud alert" on your file. This will require creditors to contact you before any accounts are opened in your name. Below is a list of contacts for the major credit reporting agencies:
- Equifax: (800) 525-6285
- Experian: (888) 397-3742
- TransUnion: (800) 680-7289