弊社では二段階ログイン認証プロセスを使用して、お客様の資産と口座を不正なアクセスより保護するために努めております。二段階の認証保護を使用することにより、口座へのアクセスには「お客様のご存知のこと」(ユーザー名とパスワードの組合せです)、ならびに「お客様がお持ちのもの」(ユーザー名とパスワードに続いて入力するランダムなコードを作成するツールです)が必要になります。 この保護システムはオンラインハッカー(マルウェアやソーシャルエンジニアリングを利用して個人のパスワードを入手する人物)によるお客様の口座へのアクセスするリスクの軽減を目的としています。
弊社では幾つかの二段階認証のオプションをご用意しておりますが、IBKRモバイルは通常その中でもアクセスと操作にいて一番使いやすいものとしてご利用いただいています。以下はこちらのアプリの利用しやすい点をまとめたものになります。
1. いつでも使える:
いつでもお持ちのスマートフォンとツールで、IBKR口座に安全にアクセスできます
2. 便利に使える:
トラッキングや確認が必要なデバイスを別に持つ必要がありません。携帯電話の紛失や変更の際には弊社のクライアントサービスが、即座にアプリのバックアップのサポートを致します。
3. 素早く有効化:
アプリのダウンロードからほんの数分で口座認証に使えるようになります。
4. 郵送や返却の必要なし:
配達の遅れやバッテリーの劣化によるデバイスの返却はありません。ダウンロードするだけで使えます。
5. 弊社のシームレスな認証機能で、安全ながらも素早くログインができるようになります:
取引プラットフォームやクライアント・ポータルにログインする際に必要になるのはユーザー名とパスワードだけです - IBKRより通知を送信致しますので、ご自身で設定されている生体認証かPINで認証を完了させてください。
6. ひとつのアプリで複数ユーザーを認証:
お持ちの個人口座やビジネス口座、また配偶者の方とのジョイント口座すべてに同じセキュリティデバイスをご利用の方は、これらすべてに同じアプリを有効化して使うことができます。
7. すべてのスマートフォンに、どこからでもご利用いただけます:
iPhoneをご利用の場合には、Apple AppストアからIBKRモバイルのダウンロードができます。アンドロイドをご利用の場合には、Google Playストアよりダウンロードしてください。中国在住のお客様はBaiduおよび360.cnストアの両方からダウンロードできます。
8. オフラインでも利用可能:
IBKRモバイルは携帯電話がオフラインになっていても(休暇中や、シグナルを受信できない場合など)使うことができます。認証機能にアクセスができなくても、口座へのアクセスと取引に必要なコードをアプリが作成します。
9. 安全にパスワードをリセット:
IBKRモバイルをインストールの上、IB Key認証が有効化されますと、弊社クライアントサービスよりお客様の携帯電話に安全な方法で一時的なパスワードが送信されます。テキストメッセージなどの通信方法で情報がむき出しになることがありません。
10. フットプリントは小さく:
BKRモバイルはデータがどんなに少なくても容量を独り占めせずにご利用のスマートフォンにインストールしていただくことができます。アプリのサイズはセキュリティを妥協することなく、必要最低限にとどめられています。
インストールや有効化、また使用方法を含めるIBKRモバイル認証の概要はKB2260をご参照ください。
Once your mobile phone number has been verified in the Client Portal, you should immediately be able to receive text messages (SMS) from IBKR directly to your mobile phone. This article will provide you with basic troubleshooting steps in case you are unable to receive such messages.
1. Activate the IBKR Mobile Authentication (IB Key) as 2-Factor security device
In order to be independent of wireless/phone carrier-related issues and have a steady delivery of all IBKR messages we recommend to activate the IBKR Mobile Authentication (IB Key) on your smartphone.
The smartphone authentication with IB Key provided by our IBKR Mobile app serves as a 2-Factor security device, thereby eliminating the need to receive authentication codes via SMS when logging in to your IBKR account.
Our IBKR Mobile app is currently supported on smartphones running either Android or iOS operating system. The installation, activation, and operating instructions can be found here:
2. Restart your phone:
Power your device down completely and turn it back on. Usually this should be sufficient for text messages to start coming through.
Please note that in some cases, such as roaming outside of your carrier's coverage (when abroad) you might not receive all messages.
3. Use Voice callback
If you do not receive your login authentication code after restarting your phone, you may select 'Voice' instead. You will then receive your login authentication code via an automated callback. Further instructions on how to use Voice callback can be found in IBKB 3396.
4. Check whether your phone carrier is blocking the SMS from IBKR
Some phone carriers automatically block IBKR text messages, as they are wrongly recognized as spam or undesirable content. According to your region, those are the services you can contact to check if a SMS filter is in place for your phone number:
In the US:
In India:
In China:
References:
You may have the IBKR Mobile app installed simultaneously on multiple devices but the integrated authentication module IBKR Mobile Authentication (IB Key) can only be active on a single smartphone, on which you will complete the Two-Factor authentication tasks triggered from any other device.
Once you have reviewed the above requirements, please click one of the below links, according to the operating system of your secondary smartphone
References:
Authentication device: this is the smartphone on which you activated the IBKR Mobile Authentication (IB Key)
Trading device: this is where you want to use IBKR Mobile app for trading.
SMSを二段階ログイン認証プロセスに利用することにより、素早く簡単に認証作業を行うことができます。ここではSMSを利用して携帯電話で認証コードを受信するための携帯番号の設定方法をご説明します。
SMSを利用しての二段階ログイン認証プロセスへの登録には、承認済みの携帯電話の番号を登録しておく必要があります。口座開設の時点で携帯電話番号の承認を行っていない場合には、下記の手順に従っていつでも作業を行うことができます:
二段階ログイン認証プロセス用にSMSが有効化され次第、以下のようにご利用いただくことができるようになります:
Securely log in to any IBKR application, including TWS, Client Portal or WebTrader using IBKR Mobile
1. Enter your IBKR Account credentials into your trading platform or Client Portal login screen and click Login. If your credentials have been accepted, a notification will be sent to your phone.
2. On your phone, swipe down from the top and check your notification drawer. Tap on the IBKR Mobile notification. If you have not received the notification, please refer to KB3234.
3. The IBKR Mobile Authentication (IB Key) will open, prompting you for your fingerprint or your PIN, according to the hardware capabilities of your phone. Please provide the requested security element.
4. If the authentication has succeeded, the trading platform or Client Portal login process will automatically move ahead to the next phases.
What if I do not receive the notification?
If notifications are disabled, no internet access is available or if you have a poor, unstable connection, the notifications may not reach your phone. In these cases the seamless authentication may not be available but you can still use the manual Challenge/Response authentication method as described below:
1. On your trading platform or Client Portal login screen, click the link "Click here if you do not receive the notification".
2. A Challenge code will be displayed on the screen.
3. Launch the IBKR Mobile app on your Smartphone, select Authenticate (if necessary), enter your PIN and the Challenge code you obtained in the previous step. Tap Generate Passcode.
4. A Response String will be displayed.
5. Enter the Response String into your trading platform or Client Portal login screen. Then click OK.
6. If the authentication has succeeded, the trading platform or Client Portal login process will automatically move ahead to the next phases.
Operation with Touch ID
Once activated, operation of IBKR Mobile Authentication (IB Key) using Touch ID is as follows:
IMPORTANT NOTE: If you do not have Internet access while operating the IBKR Mobile app, please refer to the section "What if I don't receive the notification?"
1. Enter your username and password into the trading platform or Client Portal login screen and click Login. If correct, a notification will be sent to your iPhone.
2. On your iPhone, check your notifications panel and select the IBKR Mobile app notification
3. Selecting the notification will launch the IBKR Mobile Authentication (IB Key). On your iPhone, place your finger that was registered for Touch ID on the Home Button. If the Touch ID has not been activated, IB Key will prompt you to enter the Passcode.
4. If authentication succeeds, the log in will now automatically proceed.
Operation with Face ID
Once activated, operation of IBKR Mobile Authentication (IB Key) using Face ID is as follows:
IMPORTANT NOTE: If you do not have Internet access while operating the IBKR Mobile app, please refer to the section "What if I don't receive the notification?"
1. Enter your username and password into the trading platform or Client Portal login screen and click Login. If correct, a notification will be sent to your iPhone.
2. On your iPhone, check your notifications panel and select the IBKR Mobile app notification
3. Selecting the notification will launch the IBKR Mobile Authentication (IB Key). On your iPhone, look at the screen to authenticate via Face ID. If Face ID has not been activated, IB Key will prompt you to enter the Passcode.
4. If authentication succeeds, the log in will now automatically proceed.
What if I don't receive the notification?
If notifications are disabled, no internet access is available or if you have a poor, unstable connection it is possible the notification may not arrive. In these cases operation of the IBKR Mobile app is as follows:
1. Click the link Click here if you do not receive the notification.
2. This will generate challenge code and box to enter response.
3. Launch IBKR Mobile on your Smartphone, then select Authenticate. Type the Challenge number into the corresponding box.
4. If you use Touch ID, place your finger that was registered on the Home Button. If the Touch ID has not been activated, the IBKR Mobile Authentication (IB Key) will prompt you to enter the Passcode. A response string will be generated. If you use Face ID, skip this step and go to the next one.
5. If you use Face ID, look at the screen to authenticate via Face ID. If Face ID has not been activated, IB Key will prompt you to enter the Passcode. A response string will be generated.
6. Enter the response from your iPhone into the log in screen and click OK.
7. If authentication succeeds, the log in will now automatically proceed.
A push notification is a brief message which is sent ("pushed") from a back-end server to your device over the Internet. Apps developers use those attention-grabbing messages to quickly and effectively reach the recipients, even if they are not currently engaging with their application. Notifications can deliver information to users or advise them of a specific action they are invited or required to perform.
The IBKR Mobile application uses notifications for informational purposes, as well as two-factor authentication. In the latter case, the user is invited to tap on the notification, which will automatically open the IBKR Mobile app and begin the authentication process.
This procedure explains how to manually enable notifications for the IBKR Mobile app. Please click the link below that matches your smartphone's operating system.
Please note that menu items labels and positions may vary according to your device vendor and software version.
1. The Apps & notifications item may be called Sound & notification on certain devices
In this article, we explain what notifications are, how they are used within the IB Key authentication process and which troubleshooting actions you can perform if you do not receive them on your smartphone.
A push notification is a brief message sent ("pushed") from a back-end server to your device over the Internet. Apps developers use those messages to quickly and effectively attract the user's attention, even if they are currently not engaging with their application. Notifications can deliver information to users or advise them of a specific action they are invited or required to perform.
The IBKR Mobile application uses notifications:
In the second case, the user is invited to tap on the notification - this will automatically open the IBKR Mobile app, through which the authentication process needs to be completed.
To receive the IBKR Mobile notifications, the following requirements have to be met:
If you meet the prerequisites but are still not receiving IBKR Mobile push notifications, please check the instructions below.
Click here if you want to skip those instructions and jump directly to the next item - point 5.
Click here if you want to skip those instructions and jump directly to the next item - point 7.
Note: The position and name of the items may vary according to the Android device vendor and software version.
a. On ibkr.com click on LOG IN --> PORTAL LOGIN
b. Enter your credentials and click on Login
c. Should you have multiple SLS devices active, select "IB Key" from the device drop-down
d. If you see a note stating that a message has been sent to your phone, click the link "Click here if you did not receive the message" and the system will show you a six-digit Challenge number
e. On your mobile device, open the IBKR Mobile app, then tap Authenticate (should you not see the button Authenticate, tap first on the link Services on the top left of the screen)
f. Enter the Challenge number you obtained at point d. in the Challenge field and tap Generate Response. Once you have provided your security element (PIN, FaceID, Passcode), you will receive an 8 digits Response String
g. On the Client Portal login screen, enter now the Response String you obtained at point f.
h. If the code has been accepted, you will be logged in to the Client Portal.
i. Logout from the Client Portal and try to log in again. This time you should receive the notification on your mobile device.
In case your smartphone is unable to receive IB Key notifications, you can still complete the login process using the IB Key Challenge/Response method, described on the following pages (according to your device operating system):
SMS as Two-Factor method is a quick and easy way to carry out your authentication tasks. This article explains how to set up your mobile phone number to receive authentication codes via SMS.
To enroll into SMS Two-Factor Authentication, you would need to have a verified mobile phone number on record. If the verification of your phone number was not completed during the account application, you can complete it at any time by following these steps:
Once SMS has been enabled as 2-Factor Authentication method, you will be able to use it in the following way:
Regulators in certain jurisdictions have imposed requirements that brokerage clients use Two-Factor Authentication when accessing their account. These requirements currently impact residents of Hong Kong and India with details provided below.
On 27 Oct 2017, the Securities & Futures Commission of Hong Kong (SFC) issued revised guidelines aimed at reducing the information security risks associated with internet trading. All registered and licensed persons engaged in internet trading are required to comply. The Hong Kong Monteary Authority (HKMA) simultaneously issued a circular on the same day requiring all registered institutions to implement the requirements listed in the guidelines.
Per article 1.1 of the SFC guidelines, all clients are required to be enrolled in Two-Factor Authentication. As a result, we are no longer able to provide Hong Kong accounts with the ability to opt out of the Secure Login System.
On March 25, 2014 the National Stock Exchange of India (NSEI) issued a circular with new requirements for stock brokers that operate in India. Per regulation 3b, all brokers must implement Two-Factor Authentication for Indian clients. As a result, we are no longer able to provide India accounts with the ability to opt out of the Secure Login System.