Some tips to help
you go about your daily online activities.
Online Safety Brochures & Whitepages
*Republished with permission from Microsoft
**Republished with permission from the American Bankers
Computer Safety Tips
Protecting the security of your computer can help you avoid
potential online risks such as viruses, spyware and worms from
infecting your computer. Here are some tips to remember next time
you are using your computer:
- Make sure you have virus protection on your
computer and make sure it is up to date.
- Download the latest updates from your operating
system manufacturer. These updates sometimes have security
patches in them that can help prevent potential threats to your
- Make sure you have a firewall on your computer
and it is activated.
- Regularly scan your computer for viruses (or
set your system to automatically scan for threats such as
malware to help avoid performance issues and data loss). If your
computer recognizes a threat on your computer, remove the threat
- When you are not using your computer, you might
consider turning it off or disconnecting from the Internet.
back to top
Online Computer Safety Tips
- Always sign out of secure websites rather than close them
with the "x" at the top right hand side of the browser screen.
If you don't log out, you open the door to a potential threat of
your information on that particular webpage.
- When visiting Citizens Bank's website, key in our address at
www.citizensEbank.com rather than clicking on a link to our site
from an e-mail. This will ensure you are going to our website
rather than a "phished" site.
- Use one computer for your Online Banking needs. This will
limit the number of computers that you have entered your secure
- Verify that a site is secure before you type sensitive
information into the website. You can identify a secure site (a
site that is protected with a Secure Sockets Layer (SSL)
certificate) by looking for the "padlock"
symbol on your browser and in the address bar look for "https://"
rather than "http://" without the "s". The "s" represents the
the site is secure.
- Use browsers that have added features such as phishing
protection, web filters and other security functions.
- On occasion, Online Banking will be unavailable for use. If
you are met with an error message claiming Online Banking is
unavailable while entering in your credentials and you are
redirected to another "warning" website or asked to click on a
link to enter in your credentials, be cautious and contact
Citizens Bank. Your computer could be infected with malware and
fraudsters could be trying to obtain your personal information.
back to top
Mobile Banking Safety Tips
- Lock your phone or tablet when not in use. This password
protects your device so that nobody else can use it or view
information. Also be sure to store your device in a safe
- Close out of Mobile Banking when you are finished with your
- Do not leave your phone unattended and leave your Password
or account information on your phone.
- If you should lose your phone, contact your mobile service
provider immediately and have your phone disabled or download
anti-theft apps that allow you to remotely wipe, lock and locate
- Citizens Bank will never ask for your login ID or Password.
If you get such a request, be sure to check your phone for
malware or other viruses.
- Keep your device updated, contact your mobile service
- Do not hack your device (also known as Jailbreaking) as this
can leave it open to infection from a virus or Trojan. We
recommend you also install security software, if available.
- Stick with a secure network by ensuring wherever possible,
that all internet connections are password protected.
back to top
Mobile App Safety Tips
- Make sure you actually need an app. Every time you download
an app you open yourself to potential vulnerabilities. Only
download those apps you deem necessary with the understanding of
the risks involved.
- Be careful about which app store you use. If you decide to
download an app, be aware of which app store you use. App stores
have different standards for which apps they will offer to the
public. Some app stores require apps to be put through rigorous
testing first, while other app stores accept all apps.
- Do research and check the source. If you're downloading an
app, it is wise to do research on the application itself, the
sponsoring company, and/or the developer's website. Be cautious
about downloading new applications, as they may contain coding
bugs that haven't yet been addressed. Most app markets post user
reviews on the apps that they offer. Look for apps that have a
high number of reviews. Take time to read the app's Privacy
Policy. Check to see if the app needs access to and will report
your position via GPS and will it expose your private and
personal information to other users or any potential buyer of
that data? You want to be aware of what apps are doing with your
location and private data.
- Don't use public Wi-Fi when performing financial
transactions. Most mobile devices can use both wireless Internet
and a mobile provider's 3G or 4G network. Use only 3G or 4G
networks for any secure transactions such as banking.
- Be alert to changes in your mobile device's performance. If
you download an app, and your device starts performing
differently (for example- responding slowly to commands or
draining its battery faster) that could be a sign that malicious
code is present on the device.
- Update Apps. Update all apps when notified.
- Disable Bluetooth settings on your mobile device whenever it
is not in use. If left on, someone could potentially pair to
your device and obtain information or take over your device.
- Follow your organization's policies. If your mobile device
is provided as part of your job, be sure to follow the rules and
procedures established by your organization.
back to top
Email Safety Tips
- Do not respond to e-mails requesting information such as
social security numbers, account numbers or any other sensitive
information. Your financial institution should already have this
- Do not open e-mails or attachments from an unknown source.
E-mails and attachments can have viruses and malicious software
embedded in them to steal sensitive information from your
- Do not reply to e-mails from unknown sources. Even if you
want to tell them to stop sending you e-mails, this tells the
fraudster that they have a legitimate e-mail address and they
can target you further.
- Do not reply to e-mails that warn you if you do not respond
your account will be deactivated. Instead call the company from
a trusted phone number (use the phone book or their website).
Never use a phone number provided in the suspicious e-mail.
back to top
Citizens Bank's Security
Citizens Bank has put many security measures in place to help
protect your sensitive information while on our Internet Banking
page. Below is a list of the various security processes and
software to help keep your information safe and secure.
- For consumer account holders, security
measures have been put in place regarding electronic fund
transfers and your accounts. For more information please follow
the attached link to our
Electronic Fund Transfers Your Rights and Responsibilities section located within our Online Access
- Citizens Bank will not ask for personal
information such as Social Security numbers, Credit Card
numbers, or Personal Identification Numbers (PIN) on this
website or through e-mail unless required by a government
- For more information on Citizens Bank's
Internet security strategies please follow the attached link to
Internet Security Information located on page 2 of our
Online Access Agreement.
back to top
Citizens Bank's Security Statement
Citizens Bank March 20, 2012 Security Statement This Internet
Banking System, Citizens eBanking, brings together a combination
of industry approved security technologies to protect data for
Citizens Bank and for you, our customer. It features password
controlled system entry, Secure Sockets Layer (SSL) protocol for
128 bit data encryption, and a router loaded with a firewall which
regulates and filters the inflow and outflow of server traffic. As
used in this Security Statement the words "we", "our", "us", and
mean Citizens Bank. "You", "your", "user", refer to customer
enrolled by Bank to use Citizens eBanking.
Access and Verifying User Authenticity
To begin a session with Citizens eBanking the user is required to
enter their 12 digit login ID, password, choose an image, and answer 3 questions upon initial login.
Without the proper login, the user cannot see or use any web pages within the Citizens eBanking product.
Both your login ID and password can be changed after your first successful login. For security purposes,
you are required to change your password upon your initial login. You will be prompted to change
your password every 360 days. Although it is not required, for your safety and security we
recommend you change your password every 90 days. You determine what password you will use with a minimum
of 8 characters and a letter, number, and one of the following special character (!, @. $, &, %,
*, +). The identity of your password is not communicated to us. Your password should not be associated
with any commonly known personal identification, such as social security numbers, address, date of
birth or names of children, and should be memorized rather than written down. You agree that we are
authorized to act on instructions received under your password. You accept responsibility for the confidentiality and security of your
password and agree to change your password regularly. Upon three unsuccessful attempts to use your
password, your access will be revoked. To re-establish your authorization, you can enable the Password
Self-Reset feature in your online banking, and then you are able to reset your own password by selecting
Forgot Password on the login page. Otherwise, you must contact us during regular business hours to
have your password reset. Upon successful login, the Digital ID from VeriSign, authenticates the user's
identity and establishes a secure session with that visitor. Login sessions have a timeout limit and after
the limit is reached you are required to login again.
Multi-Factor Authentication (MFA) challenges users for additional
information prior to accessing online banking or completing a transaction, based on a risk score or hard
rule. MFA authenticates each user to a Web site based on a password and specific positive device
forensics and, at the same time, authenticates the site to the user with visual images, offering
both parties assurances that they are taking part in a legitimate transaction. To begin a session with
Citizens eBanking the user is required to enter their 12 digit login ID and password, choose an image, and
answer 3 questions upon your initial login. You determine the image and answers to the questions; the
identity of your MFA Security is not communicated to us. You accept responsibility for the
confidentiality and security of your image, questions and answers. Upon three unsuccessful attempts, your
access will be revoked. To re-establish your authorization to use Citizens eBanking, you must contact us
to have your MFA Security reset.
Account Number Masking and Account Aliases
For security reasons complete account number(s) will not appear in
your online banking. Account "Aliases" may be defined for the account(s) (i.e., "My Checking")
and are used when displaying account information on the screen.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has a 128-bit encryption, data traveling between the
user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels
between the Bank and user is encrypted and can only be decrypted with the public and private key pair. In
short, the online banking server issues a public key to the end user's browser and creates a temporary
private key. These two keys are the only combination possible for that session. When the session is
complete, the keys expire and the whole process starts over when a new user opens a server session. SSL
encryption is the industry standard and is commonly used in Internet applications that require security
and privacy for sensitive data.
Router and Firewall
All requests must filter through a router and firewall before they
are permitted to reach the server. A router, a piece of hardware, works in conjunction with the
firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by
disallowing ALL traffic and then opens pathways only when necessary to process acceptable data requests,
such as retrieving web pages or sending customer requests to the Bank. Using the above
technologies, your online banking transactions meet or exceed all industry standards for security.
back to top
Children's Online Policy
The online financial services offered through Citizens Bank's Web
site are not designed for or directed toward children under age
13. We do not knowingly solicit or collect data from children, and
we do not knowingly market to children online without express
parental consent or notification. If we receive online information
from any child, we will only use the information to respond
directly to a child's request. We recognize that protecting
children's identities and online privacy is important and that
responsibility rests with us and with parents.
If you believe your child has provided personally identifiable
information to us,
Please call us at (541) 752-5161
or toll free outside of the Corvallis area at (844) 770-7100,
Contact us by email. (Please
do not send sensitive information via e-mail.)
back to top
If you feel your information has been compromised
If you feel that your sensitive information has been compromised
on-line, Citizens Bank customers are advised to call us
immediately at (541) 752-5161 (Corvallis local calling area) or
(844) 770-7100. Notify your local law enforcement agency to
report the fraud or identity theft. Notify the major credit
reporting agencies to request a "fraud alert" on your file. This
will require creditors to contact you before any accounts are
opened in your name. Below is a list of contacts for the major
credit reporting agencies:
- Equifax: (800) 525-6285
- Experian: (888) 397-3742
- TransUnion: (800) 860-7289
back to top