How to Start?

Experience banking on-the-go, anywhere and anytime with Citi Online and the Citi Mobile® UK App. Enjoy viewing your accounts in the currency of your choice, quicker money transfers, accessing your investments, statements and more at the click of a button.

Download Citi Mobile > Register on Citi Online >
How to Start?

Register on Citi Online

Access your account securely, from anywhere and at any time, by registering on Citi Online. It’s easy, safe and secure.

If you would like further information on how to register on Citi Online? Go to our Help Centre.

Get Started View Demo

How to Start?

Download the Citi Mobile® UK App

The Citi Mobile® UK App gives you a convenient way to manage your everyday banking needs on-the-go and from the palm of your hand. Enjoy the ease of digital banking at the swipe of your finger.

Scan the QR code

Click here for notices and important information.

Citi Online

Citi Online allows you to view your balances, transactions and manage your payments and investments anytime, anywhere. It’s fast, secure, easy to use

Send Money > Manage your Investments > Manage Your Card > Update Your Profile >
Citi Online

Send Money

Manage your payees and send money using Faster Payments, SEPA or SWIFT. You can also send up to £50,000 per day instantly to other Citi accounts worldwide, using Citi Global Transfers, it’s simple, fast and secure.

View Demo Help Centre >
Citi Online

Manage your Investments

Buy and sell Mutual Funds, Equities and Bonds from global markets and keep track of your portfolio from anywhere in the world.

View Demo Help Centre >
Citi Online

Manage Your Card

Activate and link your Citi Debit Card instantly to any eligible currency accounts through the Citi Mobile® UK App.

View Demo Help Centre >
Citi Online

Update Your Profile

Customise your profile by updating your address, email, and your Citi Online dashboard preferences.

View Demo Help Centre >

Citi Mobile® UK App

The Citi Mobile® UK App gives you quick and easy access to your accounts on the go, anytime, anywhere. It enables you to monitor your multiple accounts, investments, activate your cards and transfer money, faster and more secure.

Scan the QR code

Citi Mobile® UK App

Send Money

Send money to new payees and to anyone on your payee list using Faster Payments, SEPA or SWIFT. You can also send up to £50,000 per day instantly to other Citi accounts worldwide, using Citi Global Transfers.

View Demo Help Centre >
Citi Mobile® UK App

Manage Your Card

Activate and link your Citi Debit Card instantly to any eligible currency accounts through the Citi Mobile® UK App.

View DemoHelp Centre >

Citi Mobile® UK App

View Account Balance

Instantly view your account balances anywhere, anytime without hassle.

View DemoHelp Centre >

Citi Mobile® UK App

View FX Rates

Access live FX rates on the go through the Citi Mobile® UK App at your fingertips.

View Demo

Security

At Citi, we are committed to providing a secured banking experience to all our clients. You can also play a major role in helping us protect your valuable information by understanding the following:

How Citi protects you? > How to protect yourself? > Need help regarding fraud? >

Golden rules for secure banking

Never give out your telephone banking PIN, One Time Passwords or debit card PIN to anyone, even if you believe you are being asked by the Police, a reputable organisation or someone who works at Citi.

Keep your online devices secure at all times. Ensure your PC, tablets and mobile phones have trusted security software installed and ensure you run scans regularly to identify and remove any malware/viruses.

Never click on any links included in SMS text messages or call any numbers that are stated on the message.

Protect yourself against debit card fraud

Shield your PIN when authorising a purchase or withdrawing cash from an ATM.

Don't let anyone else know your PIN or use your card.

If an ATM swallows your debit card, call Citi to report it as lost/stolen whilst you are still at the ATM machine.

Keep a close watch on your transactions. Regularly review transactions on your bank statements to make sure they only reflect the purchases you've made.

Protect Your Personal Information

  • Vishing

    More and more people have been falling for a persuasive phone scam known as 'vishing'. Be alert so you can protect yourself against it.

    Fraudsters have been calling people and posing as someone from a bank's fraud team. They might also say they’re from the police, a telephone or internet service provider, or some other trusted party. The scammers then try to obtain debit card details, internet banking login credentials, bank account details, Telephone PINs, One Time Passwords or other personal information.

    Remember that banks and other legitimate organisations will never ask for your sensitive information. Never give out your telephone banking, online banking or card PIN to anyone who contacts you.

  • SMiShing

    Named for SMS (Short Message Service), the technology used for mobile phone text messaging, SMiShing messages appear to be from a legitimate company and typically contain a link that takes you to a fake website or asks you to call a phone number.

    Even if you don't enter any information, selecting the link can lead to other problems, such as installing key logging software or dangerous viruses on your phone.

    Watch Video

  • Phishing

    Phishing emails, also known as hoax or spoof emails are fraudulent emails that appear to come from a trusted source but are in fact designed to trick you into revealing valuable data. If you click on any of the links, they may take you to a fraudulent website where you'll be asked to "update" or "confirm" sensitive information that could leave your accounts at risk.

    Phishing emails may also contain links or attachments that could infect your computer with viruses and malware.

    If we interact or ask for an action from you via email, this will only be to an email to an email you have registered with us. It would be a secured email from DocuSign and we will always authenticate you before seeking information.

    Watch Video

Common Threats and Scams

  • Invoice and mandate scams

    In these types of scams, you may receive an email or an invoice from a company or person, that you are expecting and do have to pay, however the scammer has managed to intervene and change the bank details on the bill, invoice or mandate.

    This means you will pay what you think is a legitimate payment however the money will go to the fraudsters account.

    To avoid falling victim to this type of scam always call the company and speak to the company or person you are intending to pay, rather than just reply on the email, bill, invoice or mandate that you receive. Check the amount and the bank details of the person match what is detailed on the invoice, remembering to always call the number that is advertised on the secure website.

  • Remote Access Scam

    A remote access scam occurs when a victim believes that they are speaking to a legitimate business, most commonly their mobile or internet service provider and is convinced to download software which allows a fraudster access to their PC or device. The Victim is then coerced into logging into their bank accounts online, subsequently then giving the fraudster access to their finances.

    Never give remote access to an unsolicited caller and subsequently log into your Citibank online account.

  • Investment/Boiler room fraud

    Share scams are predominately run from boiler rooms; in which fraudster’s cold call their victims with the sole intention to sell non-existent shares. They can be very persuasive and at times forceful in delivering their scam. They will assure high returns on the shares which will never materialise. If it sounds too good to be true it probably is...

  • Romance scams

    Romance fraud is a scam employed by fraudsters into developing an online romance built on lies and deception with the intention to request money from their victim. Fraudsters will build up a relationship and once they have their victims trust they will fabricate elaborate stories to gain money. Eventually they will cease contact with their victims once they have been successful in extracting savings/money from them. This type of scam is on the increase.

Golden rules for secure banking

Never give out your telephone banking PIN, One Time Passwords or debit card PIN to anyone, even if you believe you are being asked by the Police, a reputable organisation or someone who works at Citi.

Keep your online devices secure at all times. Ensure your PC, tablets and mobile phones have trusted security software installed and ensure you run scans regularly to identify and remove any malware/viruses.

Never click on any links included in SMS text messages or call any numbers that are stated on the message.

Protect yourself against debit card fraud

Shield your PIN when authorising a purchase or withdrawing cash from an ATM.

Don't let anyone else know your PIN or use your card.

If an ATM swallows your debit card, call Citi to report it as lost/stolen whilst you are still at the ATM machine.

Keep a close watch on your transactions. Regularly review transactions on your bank statements to make sure they only reflect the purchases you've made.

Protect Your Personal Information

  • Vishing

    More and more people have been falling for a persuasive phone scam known as 'vishing'. Be alert so you can protect yourself against it.

    Fraudsters have been calling people and posing as someone from a bank's fraud team. They might also say they’re from the police, a telephone or internet service provider, or some other trusted party. The scammers then try to obtain debit card details, internet banking login credentials, bank account details, Telephone PINs, One Time Passwords or other personal information.

    Remember that banks and other legitimate organisations will never ask for your sensitive information. Never give out your telephone banking, online banking or card PIN to anyone who contacts you.

  • SMiShing

    Named for SMS (Short Message Service), the technology used for mobile phone text messaging, SMiShing messages appear to be from a legitimate company and typically contain a link that takes you to a fake website or asks you to call a phone number.

    Even if you don't enter any information, selecting the link can lead to other problems, such as installing key logging software or dangerous viruses on your phone.

  • Phishing

    Phishing emails, also known as hoax or spoof emails are fraudulent emails that appear to come from a trusted source but are in fact designed to trick you into revealing valuable data. If you click on any of the links, they may take you to a fraudulent website where you'll be asked to "update" or "confirm" sensitive information that could leave your accounts at risk.

    Phishing emails may also contain links or attachments that could infect your computer with viruses and malware.

    If we interact or ask for an action from you via email, this will only be to an email to an email you have registered with us. It would be a secured email from DocuSign and we will always authenticate you before seeking information.

Common Threats and Scams

  • Invoice and mandate scams

    In these types of scams, you may receive an email or an invoice from a company or person, that you are expecting and do have to pay, however the scammer has managed to intervene and change the bank details on the bill, invoice or mandate.

    This means you will pay what you think is a legitimate payment however the money will go to the fraudsters account.

    To avoid falling victim to this type of scam always call the company and speak to the company or person you are intending to pay, rather than just reply on the email, bill, invoice or mandate that you receive. Check the amount and the bank details of the person match what is detailed on the invoice, remembering to always call the number that is advertised on the secure website.

  • Remote Access Scam

    A remote access scam occurs when a victim believes that they are speaking to a legitimate business, most commonly their mobile or internet service provider and is convinced to download software which allows a fraudster access to their PC or device. The Victim is then coerced into logging into their bank accounts online, subsequently then giving the fraudster access to their finances.

    Never give remote access to an unsolicited caller and subsequently log into your Citibank online account.

  • Investment/Boiler room fraud

    Share scams are predominately run from boiler rooms; in which fraudster’s cold call their victims with the sole intention to sell non-existent shares. They can be very persuasive and at times forceful in delivering their scam. They will assure high returns on the shares which will never materialise. If it sounds too good to be true it probably is...

  • Romance scams

    Romance fraud is a scam employed by fraudsters into developing an online romance built on lies and deception with the intention to request money from their victim. Fraudsters will build up a relationship and once they have their victims trust they will fabricate elaborate stories to gain money. Eventually they will cease contact with their victims once they have been successful in extracting savings/money from them. This type of scam is on the increase.

  • Citi Mobile® Token

    New feature on Citi Mobile® UK App to authenticate your online transactions.

    Secure:
    Protected by your chosen 6-digit Unlock Code and restricted to one mobile device.

    Instant:
    Authenticate yourself without the need to wait for an SMS anymore.

    Convenient:
    Generate Citi Mobile® Token to authenticate yourself anywhere, anytime.

    Click here to learn more about Citi Mobile token

  • Dedicated security team

    Our dedicated Security Team is there to investigate new technologies, monitor activity and respond promptly to any security issues.

    Whether you call us or we call you, we always verify who you are before giving any account information over the phone. We will never ask you to divulge your ATM PIN, any One Time Passwords that we send you or your Citibank Online credentials.

    Our Fraud team works 24*7, monitoring transactions to ensure you're protected against debit card fraud and any attempt to take over your account.

  • Verification security

    We provide a 2 Way SMS service that allows us to alert you of any suspicious transaction on your account. If you receive such an SMS from us, you should inform us if the transaction is authorised by you or not by following the relevant instructions in the SMS. It is important that we have your updated mobile number so that you can receive these alerts relating to your accounts.

    All Citi Debit Cards are eligible for Mastercard® SecurecodeTM, which protects your card against unauthorised use and gives peace of mind when shopping online.

    The Citi Alerting Service can notify you by email or text message when a significant change or transaction takes place on your account.

  • Web security

    Our 128-bit SSL (Secure Sockets Layer) encryption engine provides industry standard levels of security, ensuring your information can't be read by anyone else.

    The green address bar on Citi websites is an Extended Validation SSL Certificate, indicating clearly that the site has undergone extensive vetting by our security teams.

    Every time you sign in to Citi Online, we display the date and time of your last visit. If you didn't sign in then, you'll know there has been unauthorised account access.

  • Golden rules for secure banking

    Protect yourself against debit card fraud

  • Protect Your Personal Information

    Common Threats and Scams

    • Lost/stolen card

      Contact CitiPhone on: 0800 00 55 00 or +44 20 7500 1445 if calling from outside the UK

    • Fraudulent spend on your account

      Contact CitiPhone on: 0800 00 55 00 or +44 20 7500 1445 if calling from outside the UK

    • Reporting a suspicious email

      If you receive a suspicious email please forward it to suspicious.email@citi.com and delete the mail from your inbox.