How to enable and use SMS as Two-Factor Authentication method

Overview: 

SMS as Two-Factor method is a quick and easy way to carry out your authentication tasks. This article explains how to set up your mobile phone number to receive authentication codes via SMS.

 

How to Enroll into SMS authentication

To enroll into SMS Two-Factor Authentication, you would need to have a verified mobile phone number on record. If the verification of your phone number was not completed during the account application, you can complete it at any time by following these steps:

  • Log in to Client Portal.
  • From the side menu, click on Settings and then on User Settings. Click on the configuration gear correspondent to Mobile Number.

  • Click on VERIFY
  • Open your phone's text messages app and you will find the SMS with the Confirm Code we sent you.
    NOTE: message delivery time may vary and in some circumstances it can take few minutes. A new SMS may only be requested every 2 minutes.
     
  • Enter the Confirm Code you have received into the Confirmation Number field, then click CONTINUE.
     
  • If the code has been accepted, a green check mark will appear in the column SMS Verified. Click CONTINUE to finalize the procedure.
  • If your user does not have an active SLS device, it will be automatically enrolled in SMS for Two-Factor Authentication shortly afterwards.

    Back to top


 

How to login using SMS authentication

Once SMS has been enabled as 2-Factor Authentication method, you will be able to use it in the following way:

  • Launch the TWS or go to the Client Portal
  • Enter your username and password in the correspondent fields and click Login
      
  • You will then be prompted to enter the authentication code sent to you via SMS. Please open your phone's messages app and look for the message containing the code.

  • Enter the authentication code in the Security Code field present on the login screen, and then click on Login or OK
      


Back to top

 

Regulations Mandating Two-Factor Protection

Overview: 

Regulators in certain jurisdictions have imposed requirements that brokerage clients use Two-Factor Authentication when accessing their account. These requirements currently impact residents of Hong Kong and India with details provided below.

Hong Kong-based accounts

On 27 Oct 2017, the Securities & Futures Commission of Hong Kong (SFC) issued revised guidelines aimed at reducing the information security risks associated with internet trading.  All registered and licensed persons engaged in internet trading are required to comply. The Hong Kong Monteary Authority (HKMA) simultaneously issued a circular on the same day requiring all registered institutions to implement the requirements listed in the guidelines.

Per article 1.1 of the SFC guidelines, all clients are required to be enrolled in Two-Factor Authentication. As a result, we are no longer able to provide Hong Kong accounts with the ability to opt out of the Secure Login System.

 

India-based accounts

On March 25, 2014 the National Stock Exchange of India (NSEI) issued a circular with new requirements for stock brokers that operate in India. Per regulation 3b, all brokers must implement Two-Factor Authentication for Indian clients. As a result, we are no longer able to provide India accounts with the ability to opt out of the Secure Login System.

IB程序在安卓設備上的緩存維護

Background: 

因為能完全重置發生故障的IBKR應用程序,此操作已被證明能解決多項問題。

對於安卓6.0(Marshmallow)及以上的操作系統

1.  進入手機的設置菜單

2.  在手機下方選擇應用程序 MOVED TO... 應用管理
Select Applications  Application Manager
 

3.  向下滾動,選擇要重置的IB程序。

 

4.  點擊存儲

 

5.  點擊清除數據 MOVED TO... 確定
   
 

6.  確認數據已清除。

 

7.  重啟手機

8.  重新打開應用程序

 

 

對於安卓5.0(Lollipop)及之前版本的操作系統

  1. 進入手機的設置菜單
  2. 設備下方,選擇應用程序
    Select Apps
     
  3. 向下滾動,選擇要重置的IB程序。
      
     
  4. 點擊清除數據 MOVED TO... 確定
    Clear App data  Delete app data -> OK
     
  5. 確認數據已清除。
    Confirm Data cleared
     
  6. 重啟手機
  7. 重新打開應用程序


注意:如果清除緩存並手動調整許可在重啟安卓設備的情況下問題依然存在,則請聯繫IB客戶服務進一步排查故障。


相關文章:

  • KB2277安卓版IB Key概述
  • KB2748如何在安卓設備上恢復IB Key

 

PIN碼設置指南

某些用來登錄您IBKR賬戶的安全設備在申請或激活時需創建一個數字或字母與數字組合的PIN碼。

該PIN碼可提供額外的一層保護,有效防止意外拿到您的設備但又未被授權的個體操作設備。因此,選擇一個您容易記住且別人難以猜到的密碼尤為重要。

下方列出了一系列您創建PIN碼時應考慮的指導原則或最佳方案:

  • 請勿使用您的生日
  • 請勿使用您孩子或者任何直系親屬的生日
  • 請勿使用您個人或者辦公地址信息,如街道名稱、門牌號碼、郵政編碼
  • 請勿使用您身份證件信息(如社保號或者身份證號碼)
  • 請勿使用電話號碼


對於PIN碼的非數字部分,請避免使用:

  • 您本人或您的家庭成員或親屬的姓名首字母,或您所在城市的名稱或球隊的名稱
  • 您本人、您的家庭成員或親屬的姓和/或名

 

我們建議在PIN碼中包含大小寫字母和數字。

要滿足以上要求構造一個方便記憶的PIN碼,您可以想一個句子,然後將該句子的首字母組合起來。

如何重新激活或遷移移動IBKR驗證

Overview: 

本文詳細介紹了通過移動IBKR重新激活IB Key驗證的步驟。

重新安裝程序更換手機都會導致程序需要重新激活或安裝。

在下列情況下,您可以無需聯繫IBKR客服直接進行重新激活:

 

案例A) 在同一手機上重新激活

  • 您在同一個手機上卸載並重新安裝移動IBKR程序

請根據您手機的操作系統點擊下方對應鏈接。

  • 安卓移動IBKR的PIN碼+最初用來激活程序的手機號
  • Apple iOS手機PIN碼/指紋/FaceID+最初用來激活程序的手機號

 

案例B) 在另一手機上重新激活

  • 您更換了手機
  • 手機丟了,您現在換了一個新手機
  • 您在主要使用的手機上激活了移動IBKR驗證,但現在想遷移(臨時或永久)到備用手機上。

請根據您手機的操作系統點擊下方對應鏈接。

  • 安卓最初用來激活程序的手機號
  • Apple iOS手機PIN碼/指紋/FaceID+最初用來激活程序的手機號
 
注:如果您的使用者另外還有已激活的實物安全設備,那麼在上述情況下(A B)您隨時都可以重新激活/遷移移動IBKR驗證(IB Key)。這樣就不需要最初用來激活程序的手機號,因為系統會在重新激活/遷移過程中自動提示您使用實物安全設備,而不會向您發送短信。
 

    如果不屬￿上述情況,請撥打ibkr.com/support頁面列出的號碼聯繫IBKR客服(安全登錄部門)申請臨時賬戶訪問。

     

參考:

  • KB2879&KB2260:有關移動IBKR驗證(IB Key)的一般信息
  • KB2260:如何安裝/激活/操作移動IBKR程序
  • KB2278:如何在蘋果手機上操作IB Key
  • KB2277:如何在安卓手機上操作B Key 
  • KB3279:在另一手機上啟用了IB Key的情況下如何登錄移動IBKR

 

How to reactivate or transfer the IBKR Mobile authentication?

Overview: 

This article details the steps needed to reactivate the IB Key authentication via IBKR Mobile.

This state of the application or its installation might be due, but not limited to, reinstallation of the app or the purchase of a new phone.

 

You can perform the reactivation without the involvement of IBKR Client Services in the following cases:

 

Case A) Reactivation on the same smartphone

  • You uninstalled and reinstalled the IBKR Mobile app on the same smartphone

Please click on one of the links below according to your phone operating system.

  • Android: IBKR Mobile PIN + Access to the mobile phone number originally used for the app activation
  • Apple iOS: Smartphone PIN / Fingerprint / FaceID + Access to the mobile phone number originally used for the app activation

 

Case B) Reactivation on a different smartphone

  • You are replacing your smartphone with a new one
  • You have lost your smartphone and you are now in possession of a new one
  • You activated the IBKR Mobile authentication on your primary smartphone but you now want to transfer
    the activation (either temporarily or permanently) to the secondary one.

Please click on one of the links below according to your phone operating system.

  • Android: Access to the mobile phone number originally used for the app activation
  • Apple iOS: Smartphone PIN / Fingerprint / FaceID + Access to the mobile phone number originally used for the app activation
 
Note: In the above cases (A, B) you will always be able to reactivate / transfer the IBKR Mobile Authentication (IB Key) when you possess an additional physical security device currently active for your user. With this setup, you will not need to have access to the mobile phone number originally used for the app activation, since the system will automatically prompt you to operate your physical security device instead of sending you a text message (SMS) during the reactivation / transfer procedure.
 

    In any other case, we would kindly ask you to request a temporary account access by contacting IBKR Client Services (Secure Login department) on the phone number best suitable for your location, among the ones listed on ibkr.com/support

     

References:

  • See KB2879, KB2260 for General information about IBKR Mobile Authentication (IB Key)
  • See KB2260 for instructions on how to install/activate/operate the IBKR Mobile app
  • See KB2278 for instructions on how to operate your IB Key on an Apple iPhone
  • See KB2277 for instructions on how to operate your IB Key on an Android smartphone: 
  • See KB3279 for instructions on how to log in to IBKR Mobile when IB Key is enabled on another phone

 

Mobile Phone Verification during the account application

Introduction

IB requires that clients verify their mobile phone in order to receive account and trade related communication directly via SMS.  Clients who fail to verify their phone will be subject to trade restrictions pending completion of this process. Verification is performed online and the steps for doing so are outlined below.
In case your account has been already opened but your mobile number has not been yet verified, please jump directly to KB2552 to complete the verification process.

 

Phone Verification

When completing your Interactive Brokers Account Application, you will see a blue bar at the top of the page that says "CONFIRM MOBILE NUMBER."

You can click on that bar any time during steps 1-4.   Once you do, you will see this window:

Once you have entered your full number, it will be recognized and a confirmation message is sent immediately.  Validate your phone number by entering the SMS Code received in the Confirmation Code field and click Submit.

If you are unable to do this during the application process, you can always confirm it on the Application Status page

 

Please consider the following as certain restrictions may apply:

  • SMS messages may be blocked if you participate in your Countries NDNC (National Do Not Call) registry.
  • Due to fraud prevention measures, virtual number providers may be blocked.
  • Some carriers may restrict the Hours of delivery for SMS messages.

 

Multiple 2-Factor System (M2FS)

Overview

This page covers specific points on what the Multiple 2-Factor System (M2FS) is and how it functions. For general questions on the Secure Login System, please refer to KB1131.

 

Table of contents

 

What is M2FS?

M2FS allows any client to maintain more than one active security device at the same time. You no longer need to choose between a physical security device and the IBKR Mobile app as either can be used interchangeably. If you already possess an active security device, any further device activation will result in both devices remaining simultaneously active.

 

Back to top 

Activation

 

In case you currently use the Security Code Card / Digital Security Card+: if you use a physical security device, you may download and activate the IBKR Mobile app. Please refer to the directions for Android and iOS.

In case you currently use the IBKR Mobile app: If you use the IBKR Mobile app and have an account with a balance equal or greater than USD 500K, you qualify for the Digital Security Card+ . You may log in to Client Portal and request the DSC+ by following the instructions here.

 

Back to top  

Operation

Once you have both a physical device and the IBKR Mobile app enabled, M2FS is represented by a drop-down menu upon login. You can now choose the device you wish to authenticate with, following the below steps:

1. Enter your username and password into the trading platform or Client Portal login screen and click Login. If the credentials have been accepted, a drop down will appear, allowing you to Select Second Factor Device. If you log in to the TWS, please notice that the M2FS is supported from version 966.

TWS:

Client Portal:


 

2. Once you select a security device, you will now be presented with the corresponding screen for authentication. Refer to the directions for:

- IB Key via IBKR Mobile (iOS) 
- IB Key via IBKR Mobile (Android)
- Security Code Card
- Digital Security Card+
 

3. If the second factor authentication succeeds, the Log-in will now automatically proceed.

 

Back to top

Withdrawal limits

The device used to authenticate your withdrawal will define your withdrawal limits, according to the below table:

Security Device
used for Withdrawal

Maximum Withdrawal
Per Day

Maximum Withdrawal
in Five Business Days

Security Code Card1 USD 200,000 USD 600,000
IBKR Mobile app USD 200,000 USD 600,000
Digital Security Card1 USD 1,000,000 USD 1,500,000
Digital Security Card+ Unlimited Unlimited
Gold Device1 Unlimited Unlimited
Platinum Device1 Unlimited Unlimited

1: Represents a legacy device that is no longer issued.

Example: You have both the IBKR Mobile app and the Digital Security Card+ enabled and you need to withdrawal more than USD 200K. You can use either device to login to Client Portal but you will be required to use the Digital Security Card+ to confirm your withdrawal request.

 

Back to top

Benefits

M2FS provides even more flexibility to IBKR's Secure Login System by allowing you to choose what security device you want to authenticate with. In addition to the convenience of using a device which is trusted and routinely accessible, you can eliminate delays associated with authenticating at times a trade needs to be entered quickly.

 

Back to top 

IBKR Mobile Authentication as a Two-Factor Solution

Overview: 

At IBKR, we are committed to protecting your account through the use of 2-Factor log in protection. With 2-factor protection, account access is provided through use of "Something you Know" (i.e. entry of user name and password combination) along with "Something you Have" (i.e., a tool which generates a random code to be entered after the user name and password).  This 2-Factor protection is intended to mitigate the risk of online hackers (who've acquired your password via malware or social engineering) accessing your account.

While IBKR offers multiple 2-Factor options, IBKR Mobile Authentication is generally viewed as the most convenient to access and operate. Outlined below are some of the convenience factors offered by this app.

 

1. Always Available: 
Your smartphone is always with you, as well as your tool to grant you secure access to your IBKR account.

2. Convenient:
No additional devices to carry, track and watch out for. In the event of loss or change of phone, IBKR Client Services can assist you to get the app back up and running at a moment’s notice.

3. Quick Activation:
A couple of minutes within the download of the app, you can already use it to authenticate into your account.

4. No Shipping, Delivery or Return:
No delivery delays, no return of devices with depleted batteries. A quick download suffices.

5. Secure, but quick and No-Hassle Login with our Seamless Authentication:
When logging into the Trading Platforms or the Client Portal, you only need to enter your username and password - IBKR will send you a notification and you will use the IB Key protocol to complete the authentication, via your mobile biometrics or PIN, depending on your configuration.

6. Allows for multiple users to authenticate with the same app:
If you have one security device for your personal IBKR account, one for your joint account with your spouse and one for your business account you will be happy to know that you can activate the same app for all those users (and more).

7. Available for every smartphone, everywhere:
IBKR Mobile can be downloaded from the Apple App Store if you have an iPhone. Android phone users can get the app as usual from the Google Play store. Clients in China can obtain the application on both Baidu and the 360.cn stores.

8. Works even Offline:
Should your phone be offline (e.g. when on vacation or with a bad reception), you can still use IBKR Mobile Authentication. Even though Seamless Authentication won't be accessible, the application can generate the codes you need to access your account and trade.

9. Secure delivery for your Password Reset:
With IBKR Mobile installed and the IB Key authentication activated, you can have the IBKR Client Services send you a temporary password to your phone in a secure way without exposing it through text messages and other means of communication.

10. Small footprint:

IBKR Mobile can be downloaded even on the most restrictive data plans and be installed on your smartphone without hogging resources. The application size and its operational use of resources are limited to the absolute minimum, while not compromising on its security.

 

For a general overview of IBKR Mobile Authentication including installation, activation and operation, please see KB2260.

如何驗證您的手機號碼

Overview: 

本文將向您說明如何驗證您的手機號碼。

如您在申請賬戶時未驗證過您的手機號碼,您可隨時通過以下步驟完成驗證:

  • 登錄賬戶管理。
  • 在側邊欄菜單中,依次點擊設置 用戶設置。點擊手機號碼對應的配置齒輪圖標如您使用的是傳統賬戶管理,您可通過管理賬戶 -> 賬戶信息 -> 詳情 -> 個人信息菜單,點擊“修改”鏈接找到該板塊。

  • 點擊驗證
  • 打開您手機的短信應用,您將看到我們發送給您的帶有確認碼的短信。
    注意:短信發送的時間有長有短,在某些情況下可能需要几分鐘。
     
  • 確認號碼區域輸入您收到的確認碼 ,然后點擊繼續
     
  • 如該確認碼被接受,則“短信已驗證”欄目下會出現一個綠色的勾。點擊繼續完成操作。
  • 如您的用戶沒有活躍的SLS設備,該用戶將很快自動被納入短信雙因素驗證項目。有關如何通過短信完成登錄驗證的說明,請見KB3196
     

 

Syndicate content