Citi Cards

Robert Alexander's Avatar

Robert Alexander

08 Sep, 2019 01:15 PM


I am still getting a 2000 error message when trying to set up online banking for Citi Cards.

Any ideas or new resolutions?

Bob Alexander

Showing page 4 out of 4. View the first page

  1. 91 Posted by R Wong on 15 Nov, 2019 10:37 PM

    R Wong's Avatar

    Hi Sean,

    1:30pm PT tomorrow (11/16) works for me.  What software is needed for a
    screen sharing session?  And how do we avoid any privacy issues...will
    we create a brand new MD file?


  2. Support Staff 92 Posted by Sean Reilly on 16 Nov, 2019 04:51 PM

    Sean Reilly's Avatar

    Hi Randy,
    1:30pm Pacific will be great. To run the session can you run the app that downloads from the following link at the meeting time?
    We can try it with a fresh new data file if you like, but if that works then we should also make sure it works with your main data file as well.


  3. 93 Posted by Calbear85 on 16 Nov, 2019 05:46 PM

    Calbear85's Avatar

    Hi Sean, Can we move up the meeting to 1:00-1:15 PT? I don’t want to cut it short if it should take longer than expected.

    Thanks. Randy

  4. Support Staff 94 Posted by Sean Reilly on 16 Nov, 2019 08:53 PM

    Sean Reilly's Avatar

    Hi Randy,
    I'm sorry I can't make it until 1:30. We can always continue later if it ends up taking longer than expected.

  5. 95 Posted by Calbear85 on 16 Nov, 2019 08:54 PM

    Calbear85's Avatar

    No worries.

  6. 96 Posted by Andrew on 22 Nov, 2019 12:01 PM

    Andrew's Avatar

    I'm still stuck. Still getting the message to wait 24 to 36 hours :-(

  7. Support Staff 97 Posted by Sean Reilly on 22 Nov, 2019 01:56 PM

    Sean Reilly's Avatar

    Hi Andrew,

    Could you start a new thread with a screenshot (or copy and paste of the text) showing that error messagea?


    Sean Reilly
    Developer, The Infinite Kind

  8. 98 Posted by lordpixel on 23 Nov, 2019 01:52 PM

    lordpixel's Avatar
  9. 99 Posted by Chris on 24 Nov, 2019 09:00 PM

    Chris's Avatar

    After struggling with my Costco Citi VISA all year, I finally nailed the issue. Sadly, it really appears like an issue that IK should have found. I wasn't getting 2000 errors but rather cryptic 13504 errors (with no useful information). I followed hleofxquotes's brilliant debugging steps using the curl and the desktop and it was completely obvious: At some point 1Password had generated a sweet, long, random password for Citibank and it contained a '<' character. IK was sending that character through as part of the password without escaping it and Citi was choking on it. Switching my password to a still very long, but special character-less password fixed everything.

    And Infinite Kind, you really need to properly escape the data you are passing. It seems like it could have the potential to allow some code injection.

  10. 100 Posted by Monty Wiseman on 24 Nov, 2019 10:13 PM

    Monty Wiseman's Avatar

    >>> And Infinite Kind, you really need to properly escape the data you
    are passing. It seems like it could have the potential to allow some
    code injection

    Not escaping the special character and sending an invalid byte array
    would be an IK _bug_. If it resulted in a _code injection attack_ that
    would be the fault of Citi bank but sounds like Citi bank did proper
    bounds checking of the input string and rejected the invalid character
    as they should have.

    BTW: Thanks for all the diligence and effort chasing this down.


  11. Support Staff 101 Posted by Sean Reilly on 25 Nov, 2019 09:40 AM

    Sean Reilly's Avatar

    We do escape all data, including passwords, sent in OFX messages. If you have any evidence that we haven't please contact me directly at [email blocked].

    As for code injection, that's also not possible because nothing downloaded as part of OFX files is ever executed.

    I've just double-checked the code and we are properly encoding and decoding all data.


  12. 102 Posted by Chris Guthrie on 25 Nov, 2019 01:07 PM

    Chris Guthrie's Avatar

    In fairness, you are correct. I don't have enough data to support my claims.
    While I could possibly push things further by experimenting more with curl,
    I've fixed it and I'm happy.

    The information I will share with you is my former Citi password and account

    This definitely didn't work and left me stranded for months. Changing the
    password to more than 40 alpha/numeric (no special) values fixed my issues
    with Citi.

  13. 103 Posted by Chris on 25 Nov, 2019 01:14 PM

    Chris's Avatar

    Apologies to IK, but I obviously didn't have enough information to make my claims as to whose fault it was. It could be a problem with the data sent by IK, or it could be a problem with the way Citi handles the incoming data. Either way, the error message "Failure" doesn't really lend itself to correction on my side and after six months of struggling, I was just relieved to have things working again.

    In any event, I was able to resolve the problem by switching to a password with no special characters. My old password had a '<' which may have been the culprit. Fortunately, Citi accepts passwords of up to 50 characters, so I can still trust my random password to be secure.

  14. 104 Posted by Roger Rice on 26 Nov, 2019 02:46 PM

    Roger Rice's Avatar

    Probably the 75th time I tried it, it just worked.... couldn't tell you what I did differently.

  15. 105 Posted by Griselda Hermos... on 27 Nov, 2019 03:02 AM

    Griselda Hermosillo's Avatar


  16. 106 Posted by hgggghh603 on 10 Dec, 2019 12:04 AM

    hgggghh603's Avatar

    Okay thanks

  17. 107 Posted by lordpixel on 14 Dec, 2019 02:41 PM

    lordpixel's Avatar

    I'm still stuck with 2000 errors, weeks later. I opened another thread with a screenshot as requested but no one ever replies there :-(

  18. 108 Posted by lordpixel on 14 Dec, 2019 04:01 PM

    lordpixel's Avatar

    I worked through the whole process of deleting everything (covered many times above) and setting it up again. This time it worked.

    I did one new thing. There was a closed card sitting in my account. I unlinked it.

    So that's one more thing for folks reading this thread to check. See if you have any closed cards and try unlinking them.

  19. System closed this discussion on 14 Mar, 2020 04:10 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac