CitiDirect Online Banking
Transcription
CitiDirect Online Banking
CitiDirect Online Banking Security, requirements and configuration CitiService CitiDirect Helpdesk Tel. 0 801-343-978, +48 (22) 690-15-21 Monday to Friday 8:00 a.m. – 5:00 p.m. [email protected] Table of Contents TABLE OF CONTEN TS .........................................................................................................................................................................................2 1. SECURITY .....................................................................................................................................................................................................3 2. TECHNICAL REQUIREMEN TS ...................................................................................................................................................................5 2.1 2.2 2.3 2.4 2.5 2.6 OPERATING SYSTEMS ............................................................................................................................................................................. 5 INTERNET BROWSERS .............................................................................................................................................................................. 5 JAVA SOFTWARE..................................................................................................................................................................................... 6 ADOBE READER ...................................................................................................................................................................................... 6 N ETWORK /INTERNET ACCESS ................................................................................................................................................................ 6 SYSTEM INSTALLATION AND UPDATES ..................................................................................................................................................... 6 3. CONFIGURATION ...........................................................................................................................................................................................7 3.1 INTERNET EXPLORER ..................................................................................................................................................................................... 7 3.2 JAVA SUN ..................................................................................................................................................................................................... 9 2 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. 1. Security One of the most important goals in the CitiDirect development is to secure your information while connecting to the Bank. System uses the most recent security methods available, ensuring confidentiality in the process of creating, sending and browsing transactions. CitiDirect uses a following four-level security system: 1. User identification and verification. 2. Authorization levels. 3. Data encryption. 4. Monitoring and alarming. 1. User identification and verification Access to CitiDirect system is limited to strictly defined Users, who log in to the system using SafeWord card (so-called token). SafeWord card generates unique and one-use passwords, which eliminates the risk of getting access to the system by stealing or breaking the password. Additionally SafeWord card itself is protected by 4-digit PIN known only to the card holder. 2. Authorization levels User permissions are controlled by their access profiles, which define a specific authorization level to CitiDirect options. Profiles are created by system administrators or by Citi Handlowy on your written request and determine: access to specified accounts, types of transactions, the amount of a single payment, schemes and authorization limits, etc. 3. Data encryption Connection between the User and the Bank is encrypted in order to prevent intruders from getting access to data. The encryption protocol (TLS) ensures privacy and reliability. 128-bit encryption required from financial institution is enabled by a special digital certificate VeriSign. Thank to this CitiDirect system establishes a secure connection, granting access to encrypted data only to authorized Users. TLS also protects cohesion of the data sent in secure, encrypted connection thank to the Message Authentication Code (MAC) MAC detects if data was not changed in the process of transmission. 4. Monitoring and alarming Discrete and non-absorbing control and alarm mechanisms are a very important element in CitiDirect security structure. It allows quick detection and identification of unauthorized attempts to access the system. All events are reported to the 24-hour monitoring system which allows immediate investigation and problem solution. 3 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. Irrespectively of implemented security measures User must be aware of dangers that may occur in the Internet and follow the rules listed below: 1. Before logging, make sure that you are on the proper safe program website. In the browser window, on the status bar, down on the right side there must be a closed lock indicating that the connection is encrypted. The website address should begin with “https”. 2. CitiDirect website uses certificate protection. Never ignore browser warnings about errors, particularly certificate errors. If you state a certificate error, report this fact to the Bank immediately. 3. SafeWord card – one-time password generator – makes CitiDirect resistant to attempts to steal password. Make sure to always carry it with you, memorize its PIN number and do not record it anywhere. All actions performed in CitiDirect are being registered. Each operation performed with your card will be treated as yours. If you decide to share PIN number and card with a third person, you do this on your own responsibility. If you lose your card, report to the Bank immediately. 4. System automatically blocks the access after 15 minutes of inactivity and forces to log back in. However, you should never leave the program opened longer than necessary. Log out right after finishing your work or when you are going away from the computer even for a short while. Do not create an opportunity for unauthorized persons to use – even for a few seconds – the session you opened. 5. Care about security of your computer. Install system updates as soon as they become available. Use antivirus programs and software that protects your computer from external attacks. Do not install programs of unknown origin. Any damages caused by not following the above rules are the sole responsibility of the USER. Not logging to CitiDirect for over a year will result in removing SafeWord card from the system permanently and its replacement will be necessary. 4 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. 2. Technical Requirements 2.1 Operating Systems Windows® operating systems: CitiDirect Online Banking is certified to operate on the Microsoft Operating Systems listed below excluding versions indicated. • Windows® Vista Excluding: Arabic OS • Windows® 7 Excluding: Arabic OS • Windows® 8 Excluding: Arabic OS Apple® Mac operating systems • Version 10.5 up to 10.7.2 Note: Lion operating system does not provide a Java runtime by default. In order to download Java, please click here. • Version 10.7.3 and higher Note: In order to download Java, please click here. 2.2 Internet browsers Internet Explorer 8.0 (Windows Vista) Internet Explorer 8.0 (Windows 7) Internet Explorer 9.0 (Windows Vista) Internet Explorer 9.0 (Windows 7) Internet Explorer 10.0 (Windows 7) Internet Explorer 10.0 (Windows 8) Internet Explorer 11.0 (Windows 7) Internet Explorer 11.0 (Windows 8.1) Safari: version 4.0.5 and higher 5 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. 2.3 Java software CitiDirect supports the following versions of Java: • • • Java 6 (27 through update 45). Java 7 (through update 60). Note that updates 21, 23 and 25 may alert the User that CitiDirect is not secure. CitiDirect is secure and Users can ignore this alert. Java 8 (through update 25). Note: We recommend that all Users still using Java 6 upgrade to Java 7. 2.4 Adobe Reader Adobe Reader is used to view reports generated in CitiDirect in PDF format. CitiDirect supports the following versions of Adobe Reader: • Version 9.0 or higher Note: Adobe ended support for Acrobat 8.x in November of 2011 and earlier versions are no longer supported by Adobe. 2.5 Network /Internet Access - Transfer to/from external network (for a single station) min. 128 kbs, we recommend 512 kbs Opened ports http (80) and https (443) No scanning, blocking, or caching Java and Active X applets from: https://portal.citidirect.com Enabled TLS protocol in browser and Java settings – Details >> 2.6 System installation and updates CitiDirect works on Java Sun platform and installs or updates itself when logging. On Windows User account, on which CitiDirect will run, the Java platform access and full access do java cache folders shall be ensured. 6 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. 3. Configuration 3.1 Internet Explorer CitiDirect works correctly with internet options default settings. To optimize performance we recommend using the below settings: Run the web browser and go to Tools Internet options… Security tab In the zone select window click Trusted sites. Most likely security level for this zone will be set as custom. Reset settings by clicking Default level button and move the slide bar all the way down to set the lowest security level – Low. 7 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. Open the trusted sites list by clicking the Sites button and add CitiDirect system site address: https://portal.citidirect.com Privacy tab: Settings section determines whether the web browser remembers the User created on the login page. Default level – Medium – or lower should be selected here. 8 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. Advanced tab: We recommend using default settings. If you are not sure if settings are default, click Restore advanced settings button and Apply. 3.2 Java Sun From Windows START menu, select Control Panel and double-click the JAVA icon. General tab Settings affecting CitiDirect are located in Network Settings and Temporary Internet Files sections. 9 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. Network Settings Chose the option Use browser settings. Temporary Internet Files Keep temporary files on my computer – this option has to be checked. Location – Windows User needs to have full access to the folder indicated here. The compression level has to be set as None. The amount of free space on hard drive should be at least 250 MB. Default setting – 1000 MB. 10 www.citihandlowy.pl Bank Handlowy w Warszawie S.A. Update tab: We recommend turning the automatic updates off. In order to do that, uncheck the Check for updates Automatically option. Niniejszy materiał został wydany jedynie w celach informacyjnych i nie stanow i oferty w rozumieniu art. 66 Kodeksu Cyw ilnego. Bank Handlowy w Warszawie S.A. z siedzibą w Warszawie, ul. Senatorska 16, 00-923 Warszawa, zarejestrowany w rejestrze przedsiębiorców Krajowego Rejestru Sądowego przez Sąd Rejonowy dla m.st. Warszawy w Warszawie, XII Wydział Gospodarczy Krajowego Rejestru Sądowego, pod nr. KRS 000 000 1538; NIP 526-030-02-91; wysokość kapitału zakładowego wynosi 522.638.400 złotych, kapitał został w pełni opłacony. Citi Handlowy, CitiDirect Online Banking oraz CitiDirect EB są zastrzeżonymi znakami towarowym należącym do podmiotów z grupy Citigroup Inc. 11 www.citihandlowy.pl Bank Handlowy w Warszawie S.A.
Similar documents
CitiDirect Online Banking
Settings within My Preferences allow to adjust CitiDirect to individual needs of the User – to select an appropriate format of date and amount, as well as to adjust the form of displaying messages....
More informationCitiDirect Online Banking Payments
3) The final status of the transfer should be known after up to two minutes. 4) To check the status of the transfer, please select View All from My Transactions and Services menu. 5) Only the “Proc...
More information