Citi Authenticator is a mobile app for select Citi workforce to enable simple and secure authentications to Citi services
Citibank needs to implement 2FA and MFA for customers
Citibank is in the dark ages when it comes to security for consumers. The only option for two factor authentication for browser access is text message (SMS) based 2FA, the least secure and most inconvenient option: The cell phone might be in another room or battery dead, phone accounts can be hijacked, text messages can be severely delayed, or users may be traveling internationally without a roaming plan. At a minimum, Citibank needs to implement support for industry-standard time-based OTP (e.g. Google Authenticator, Authy, 1Password). Ideally, Citibank would also add support for hardware MFA (e.g Yubikey) as well. Don’t wait for regulators to mandate it, so what’s right for your customers willingly please.
Customers left hanging
It’s available for select Citi employees but not for customers. So customers can only use less secure SMS messaging for 2FA. Hey, Citibank, have you ever heard so SIM card spoofing?
Make sure to update Citi Authenticator to the latest version. As we keep working on new improvements, features, and bug fixes.
Subscribe our newsletter and get useful information every week.