Citizens Bank - Contact Us
Random Login Form Consumer Enroll New Page 1

Online Banking at your fingertips

Citizens Bank - Online Security

Online Security

Some tips to help you go about your daily online activities.

Online Safety Brochures &  Whitepages

*Republished with permission from Microsoft

**Republished with permission from the American Bankers Association (ABA)

Computer Safety Tips

Protecting the security of your computer can help you avoid potential online risks such as viruses, spyware and worms from infecting your computer. Here are some tips to remember next time you are using your computer:

  • Make sure you have virus protection on your computer and make sure it is up to date.
  • Download the latest updates from your operating system manufacturer. These updates sometimes have security patches in them that can help prevent potential threats to your computer.
  • Make sure you have a firewall on your computer and it is activated.
  • Regularly scan your computer for viruses (or set your system to automatically scan for threats such as malware to help avoid performance issues and data loss). If your computer recognizes a threat on your computer, remove the threat immediately.
  • When you are not using your computer, you might consider turning it off or disconnecting from the Internet.

back to top

Online Computer Safety Tips

  • Always sign out of secure websites rather than close them with the "x" at the top right hand side of the browser screen. If you don't log out, you open the door to a potential threat of your information on that particular webpage.
  • When visiting Citizens Bank's website, key in our address at rather than clicking on a link to our site from an e-mail. This will ensure you are going to our website rather than a "phished" site.
  • Use one computer for your Online Banking needs. This will limit the number of computers that you have entered your secure information on.
  • Verify that a site is secure before you type sensitive information into the website. You can identify a secure site (a site that is protected with a Secure Sockets Layer (SSL) certificate) by looking for the "padlock" symbol on your browser and in the address bar look for "https://" rather than "http://" without the "s". The "s" represents the site is secure.
  • Use browsers that have added features such as phishing protection, web filters and other security functions.
  • On occasion, Online Banking will be unavailable for use. If you are met with an error message claiming Online Banking is unavailable while entering in your credentials and you are redirected to another "warning" website or asked to click on a link to enter in your credentials, be cautious and contact Citizens Bank. Your computer could be infected with malware and fraudsters could be trying to obtain your personal information.

back to top

Mobile Banking Safety Tips

  • Lock your phone or tablet when not in use. This password protects your device so that nobody else can use it or view information. Also be sure to store your device in a safe location.
  • Close out of Mobile Banking when you are finished with your session.
  • Do not leave your phone unattended and leave your Password or account information on your phone.
  • If you should lose your phone, contact your mobile service provider immediately and have your phone disabled or  download anti-theft apps that allow you to remotely wipe, lock and locate your phone.
  • Citizens Bank will never ask for your login ID or Password. If you get such a request, be sure to check your phone for malware or other viruses.
  • Keep your device updated, contact your mobile service provider.
  • Do not hack your device (also known as Jailbreaking) as this can leave it open to infection from a virus or Trojan. We recommend you also install security software, if available.
  • Stick with a secure network by ensuring wherever possible, that all internet connections are password protected.

back to top

Mobile App Safety Tips

  • Make sure you actually need an app. Every time you download an app you open yourself to potential vulnerabilities. Only download those apps you deem necessary with the understanding of the risks involved.
  • Be careful about which app store you use. If you decide to download an app, be aware of which app store you use. App stores have different standards for which apps they will offer to the public. Some app stores require apps to be put through rigorous testing first, while other app stores accept all apps.
  • Do research and check the source. If you're downloading an app, it is wise to do research on the application itself, the sponsoring company, and/or the developer's website. Be cautious about downloading new applications, as they may contain coding bugs that haven't yet been addressed. Most app markets post user reviews on the apps that they offer. Look for apps that have a high number of reviews. Take time to read the app's Privacy Policy. Check to see if the app needs access to and will report your position via GPS and will it expose your private and personal information to other users or any potential buyer of that data? You want to be aware of what apps are doing with your location and private data.
  • Don't use public Wi-Fi when performing financial transactions. Most mobile devices can use both wireless Internet and a mobile provider's 3G or 4G network. Use only 3G or 4G networks for any secure transactions such as banking.
  • Be alert to changes in your mobile device's performance. If you download an app, and your device starts performing differently (for example- responding slowly to commands or draining its battery faster) that could be a sign that malicious code is present on the device.
  • Update Apps. Update all apps when notified.
  • Disable Bluetooth settings on your mobile device whenever it is not in use. If left on, someone could potentially pair to your device and obtain information or take over your device.
  • Follow your organization's policies. If your mobile device is provided as part of your job, be sure to follow the rules and procedures established by your organization.

back to top

Email Safety Tips

  • Do not respond to e-mails requesting information such as social security numbers, account numbers or any other sensitive information. Your financial institution should already have this information.
  • Do not open e-mails or attachments from an unknown source. E-mails and attachments can have viruses and malicious software embedded in them to steal sensitive information from your computer.
  • Do not reply to e-mails from unknown sources. Even if you want to tell them to stop sending you e-mails, this tells the fraudster that they have a legitimate e-mail address and they can target you further.
  • Do not reply to e-mails that warn you if you do not respond your account will be deactivated. Instead call the company from a trusted phone number (use the phone book or their website). Never use a phone number provided in the suspicious e-mail.

back to top

Citizens Bank's Security

Citizens Bank has put many security measures in place to help protect your sensitive information while on our Online Banking page. Below is a list of the various security processes and software to help keep your information safe and secure.

  • For consumer account holders, security measures have been put in place regarding electronic fund transfers and your accounts. For more information please follow the attached link to our Electronic Fund Transfers Your Rights and Responsibilities section located within our Online Access Agreement and Disclosure.

  • Citizens Bank will not ask for personal information such as Social Security numbers, Credit Card numbers, or Personal Identification Numbers (PIN) on this website or through e-mail unless required by a government agency.
  • For more information on Citizens Bank's Internet security strategies please follow the attached link to our Internet Security Information located on page 2 of our Online Access Agreement and Disclosure.

back to top

Citizens Bank's Security Statement, February 22, 2017

This Online Banking System, Citizens eBanking, brings together a combination of industry approved security technologies to protect data for Citizens Bank and for you, our customer. It features password controlled system entry, Secure Sockets Layer (SSL) protocol for 128 bit data encryption, and a router loaded with a firewall which regulates and filters the inflow and outflow of server traffic. As used in this Security Statement the words “we”, “our”, “us”, and “Bank” mean Citizens Bank. “You”, “your”, “user”, refer to customer enrolled by Bank to use Citizens eBanking.


Secure Access and Verifying User Authenticity


To begin a session with Citizens eBanking the user is required to enter their 12 digit login ID, password, choose an image, and answer 3 questions upon initial login. Without the proper login, the user cannot see or use any web pages within the Citizens eBanking product. Both your login ID and password can be changed after your first successful login. For security purposes, you are required to change your password upon your initial login. You will be prompted to change your password every 360 days. Although it is not required, for your safety and security we recommend you change your password every 90 days. You determine a password of your choosing with a minimum of 8 characters, including one upper case and one lower case letter, number, and one of the following special characters (!, @. $, ~, %, *, +, _). The identity of your password is not communicated to us. Your password should not be associated with any commonly known personal identification, such as social security numbers, address, date of birth or names of children, and should be memorized rather than written down. You agree that we are authorized to act on instructions received under your password. You accept responsibility for the confidentiality and security of your password and agree to change your password regularly. Upon three unsuccessful attempts to use your password, your access will be revoked. To re-establish your authorization, you can enable the Password Self-Reset feature in your Online Banking, and then you are able to reset your own password by selecting Forgot Password on the login page. Otherwise, you must contact us during regular business hours to have your password reset. Upon successful login, the Digital ID from VeriSign, authenticates the user's identity and establishes a secure session with that visitor. Login sessions have a timeout limit and after the limit is reached you are required to login again.

MFA Security

Multi-Factor Authentication (MFA) challenges users for additional information prior to accessing Online Banking or completing a transaction, based on a risk score or hard rule. MFA authenticates each user to a website based on a password and specific positive device forensics and, at the same time, authenticates the site to the user with visual images, offering both parties assurances that they are taking part in a legitimate transaction. To begin a session with Citizens eBanking the user is required to enter their 12 digit login ID and password, choose an image, and answer 3 questions upon your initial login. You determine the image and answers to the questions; the identity of your MFA Security is not communicated to us. You accept responsibility for the confidentiality and security of your image, questions and answers. Upon three unsuccessful attempts, your access will be revoked. To re-establish your authorization to use Citizens eBanking, you must contact us to have your MFA Security reset.

Account Number Masking and Account Aliases

For security reasons complete account number(s) will not appear in your Online Banking. Account "Aliases" may be defined for the account(s) (i.e., "My Checking") and are used when displaying account information on the screen.

Secure Data Transfer

Once the server session is established, the user and the server are in a secured environment. Because the server has a 128-bit encryption, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the Bank and user is encrypted and can only be decrypted with the public and private key pair. In short, the Online Banking server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new user opens a server session. SSL encryption is the industry standard and is commonly used in Internet applications that require security and privacy for sensitive data.

Router and Firewall

All requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens pathways only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the Bank. Using the above technologies, your Online Banking transactions meet or exceed all industry standards for security.

back to top

Children's Online Policy

The online financial services offered through Citizens Bank's website are not designed for or directed toward children under age 13. We do not knowingly solicit or collect data from children, and we do not knowingly market to children online without express parental consent or notification. If we receive online information from any child, we will only use the information to respond directly to a child's request. We recognize that protecting children's identities and online privacy is important and that responsibility rests with us and with parents.


If you believe your child has provided personally identifiable information to us,
please Contact us.

Please call us at (541) 752-5161
or toll free outside of the Corvallis area at (844) 770-7100,
or Contact us by email. (Please do not send sensitive information via e-mail.)

back to top

If you feel your information has been compromised

If you feel that your sensitive information has been compromised online, Citizens Bank customers are advised to call us immediately at (541) 752-5161 (Corvallis local calling area) or (844) 770-7100. Notify your local law enforcement agency to report the fraud or identity theft. Notify the major credit reporting agencies to request a "fraud alert" on your file. This will require creditors to contact you before any accounts are opened in your name. Below is a list of contacts for the major credit reporting agencies:

  • Equifax: (800) 525-6285 
  • Experian: (888) 397-3742
  • TransUnion: (800) 680-7289

back to top


Animated Content Tabs with CSS3

Business Banking

Personal Banking


Shareholder Relations

About Us

Lost or Stolen ATM/Debit/Check Cards

Online & Mobile


Contact Us

Copyright © 2016 Citizens Bank. All rights reserved.

  Member FDIC logo Member FDIC.

Site designed by Visual Media Center

Equal Housing Lender  .

Equal Housing Lender Logo