How We Protect Your Account - Strength and Security
How We Protect Your Account
From the moment you log in, our account protection features are there to ensure that your account remains secure.
Two-Factor Authentication
Factor One: Each account requires a unique username/password combination for access.
Factor Two: Secure Login System. Participants receive a personal security device which provides a randomly-generated security code. This code is used in conjunction with the username and password to access secure areas. Click here for additional details on the Secure Login System.
Secure Socket Layer
- IBKR deploys 2048-bit EV Certificates, TLS 128-bit or higher encryption to establish a secure connection and ensure the confidentiality and integrity of information passed between your computer and IBKR. Activate SSL by checking the "Use SSL" box on the TWS login dialog. Using SSL may impact the performance of your PC depending on its capabilities.
- Automated monitoring systems to ensure only strong encryption algorithms are used.
- IBKR enforces all website traffic to use encryption.
EV (Extended Validation) technology verifies that you are on a protected website.
Limit Login via IP Restrictions
Restrict access to TWS to a specific list of IP addresses. In cases where multiple traders have access to an account, these restrictions can be set at the individual trader level.
Failed Login Attempts
IBKR restricts account access following a specified number of failed login attempts.
Automatic Logoff
We have built in an auto-logoff feature that logs you out of the application after a specified period of inactivity.
Statements
All statements are accessed through secure login to Client Portal.
Security Monitoring
We employ state-of-the-art transaction monitoring systems and maintain a dedicated security team that is responsible for detecting suspicious activity. If an unusual or suspicious transaction is noted, a member of this team may contact you to confirm the validity of the transaction. If contacted, you will never be asked to provide your password and we encourage that you call back and request to speak to the security team employee via our toll free number 1–877-442-2757 in order to first confirm their identity. If you believe that your account has been compromised, you should notify IBKR immediately via our toll free number 1–(877)-442-2757.
Know the Threats
Spyware
This refers to software inadvertently downloaded from the Internet when you visit certain websites. Spyware covertly gathers information from your computer without your knowledge. Once installed, spyware monitors user activity on the Internet and transmits that information (including usernames and passwords) to an unauthorized recipient. You should install anti-spyware software on your computer to detect and remove spyware.
Phishing
Thieves use phishing to obtain sensitive information by masquerading as a trustworthy institution. Phishing is typically carried out via an email that contains a link to what appears to be an authentic website. These counterfeit sites prompt you to enter your personal information, which the thieves then use to access your accounts. Note that IBKR will never send an email requesting sensitive information such as your password or social security number. If you receive a suspicious email which identifies itself as originating from IBKR do not respond, and immediately notify our security team by calling toll-free in the US at (877) 442-2757 or direct at (312) 542-6901.
Viruses, Worms & Trojan Horses
These malicious programs can cause severe and irreparable damage to your hardware, software or files, and in some cases can open your system to unauthorized access and possibly allow confidential information to be compromised. These programs, which differ on how they spread and replicate, are best controlled by first ensuring that your operating system is up-to-date and then installing anti-virus software, making sure that you frequently download updates to obtain the latest fixes.