HEARTBLEED漏洞是指開源應用項目SSL(保安接層加密技術)和TLS(安全傳輸協議)協議的安全漏洞,它能讓攻擊者從服務器內存中讀取密碼和密鑰。
SSL(保安接層加密技術)是一種安全協議,用於指令機器對網絡通信中的數據進行加密和解密。
盈透未受該漏洞的影響。在發現漏洞並有補丁發布之時,我們已經更新並修復了少數幾個使用受影響的OpenSSL的盈透服務器。
安全登錄系統(SLS)為您在通過主要的登錄憑證(用戶名和密碼)訪問賬戶之外增添了另一層保護。用戶名和密碼並不是阻止未經授權而訪問賬戶的唯一防線。使用SLS設備可確保只有您才能訪問您的賬戶。
盈透採取了其他安全措施,因此您的密碼不會受到此漏洞的影響。
定期更換密碼是防止賬戶被他人攻擊的好方法,但是您不必在看到有關Heartbleed的報導時專門去更改密碼。
Customer Assets
Interactive Brokers (U.K.) Limited (“IBUK)’’ is authorised and regulated by the Financial Conduct Authority (“FCA“), register no. 208159. IBUK is a wholly owned subsidiary of Interactive Brokers Group (IBG LLC). IBUK provides client money and client asset services in accordance with FCA Client Assets regulations “CASS”.
Client money is protected as follows:
Client money rules apply to all regulated firms that receive money from a client, or hold money for a client in the course of carrying out MiFID business and/or designated investment business.
Client money is entirely segregated from IBUK’s own money. In the event of a failure of an authorised firm, clients’ monies held in the segregated accounts will be returned to the clients rather than being treated as a recoverable asset by general creditors. If there was a shortfall, the client may be eligible to claim for compensation from the Financial Services Compensation Scheme (“FSCS”).
Client money is ring-fenced in separate bank accounts which are held in trust on behalf of the clients. These accounts are distributed across a number of banks with investment grade ratings to avoid a concentration risk with any single institution. When IBUK makes the selection and appointment of a bank to hold client money, it takes into account the expertise and market reputation of the bank, its financial standing and any legal requirements or market practices related to the holding of client money that could adversely affect clients' rights.
IBUK will allow client money to be held in a client transaction account by an exchange, a clearing house or an intermediate broker but only if the money is transferred to them for the purpose of a transaction or to meet a client’s obligation to provide collateral for a transaction.
Each day, IBUK performs a detailed reconciliation of client money held in client money bank accounts and client transaction accounts and its liabilities to its clients to ensure that client monies are properly segregated and sufficient to meet all liabilities in accordance with the FCA’s CASS rules. All monies credited to such bank accounts are held by the firm as trustee (or if relevant, as agent).
FCA regulations also require IBUK to maintain a CASS Resolution Pack to ensure that in the unlikely event of the firm's liquidation, the Insolvency Practitioner is able to retrieve information with a view to returning client money and assets to the firm's clients on a timely basis.
Financial Services Compensation scheme
Interactive Brokers (U.K.) Limited (“IBUK”) is authorised and regulated by the Financial Conduct Authority (“FCA”) as an investment firm and a participant in the Financial Services Compensation scheme (“FSCS”). Certain eligible clients qualify for
compensation under the FCA Compensation rules.
The main points relating to eligibility are:
Investments
FSCS provides protection if an authorised investment firm is unable to pay claims against it e.g. when an authorised investment firm goes out of business and cannot return assets to its clients. Assets classified as investments for authorised investment firms under the FSCS include stocks and shares, futures, options, cfds, other regulated instruments and money deposited by clients.
Compensation Limits
The actual level of compensation you receive will depend on the basis of your claim. The FSCS only pays compensation for financial loss. Compensation limits are per person per authorised firm. Compensation levels are subject to change and for current details please refer to the FSCS website at http://www.fscs.org.uk / .
Customer Assets
Customer money is segregated in special bank or custody accounts, which are designated for the exclusive benefit of customers of IBLLC. This protection (the SEC term is “reserve” and the CFTC term is “segregation”) is a core principle of securities and commodities brokerage. By properly segregating the customer's assets, if no money or stock is borrowed and no futures positions are held by the customer, then the customer's assets are available to be returned to the customer in the event of a default by or bankruptcy of the broker.
Securities accounts with no borrowing of cash or securities
Securities customer money is protected as follows:
Customer-owned, fully-paid securities are protected in accounts at depositories and custodians that are specifically identified for the exclusive benefit of customers. IBLLC reconciles positions in securities owned by customers daily to ensure that these securities have been received at the depositories and custodians
Commodities accounts
Commodities customer money is protected as follows:
Securities accounts with margin loans
For customers who borrow money from IBLLC to purchase securities, IBLLC is permitted by securities regulations to pledge or borrow stock valued at up to 140% of the value of the loan. Typically, IBLLC lends out a small portion of the total stock it is permitted to lend out.
Account Protection
Customer securities accounts at IBLLC are protected by the Securities Investor Protection Corporation (“SIPC”) for a maximum coverage of $500,000 (with a cash sublimit of $250,000) and under IBLLC's excess SIPC policy with certain underwriters at Lloyd's of London for up to an additional $30 million (with a cash sublimit of $900,000) subject to an aggregate limit of $150 million. Futures, and options on futures are not covered. As with all securities firms, this coverage provides protection against failure of a broker-dealer, not against loss of market value of securities.
For the purpose of determining a customer account, accounts with like names and titles (e.g. John and Jane Smith and Jane and John Smith) are combined, but accounts with different titles are not (e.g. Individual/John Smith and IRA/John Smith).
SIPC is a non-profit, membership corporation funded by broker-dealers that are members of SIPC. For more information about SIPC and answers to frequently asked questions (such as how SIPC works, what is protected, how to file a claim, etc.), please refer to the following websites:
http://www.finra.org/InvestorInformation/InvestorProtection/SIPCProtecti...
or contact SIPC at:
Securities Investor Protection Corporation
805 15th Street, N.W. - Suite 800
Washington, D.C. 20005-2215
Telephone: (202) 371-8300
Facsimile: (202) 371-6728
Interactive Brokers allows you to send us a copy of a document even if you do not currently have access to a scanner. You can take a picture of the requested document with your smartphone.
Below you will find the instructions on how to take a picture and send it to IB per email with the fllowing smartphone operating systems:
Android (i.e. Samsung Galaxy, HTC One X, Sony Xperia, Motorola Droid)
Windows Phone (i.e. Nokia Lumia, HTC Titan, Samsung Focus)
If you already know how to do so, please consult the instructions about the information you will need to send us aside from the document picture. Click HERE - Where to send the email to and what to include in the subject.
iOS
1. Press the power button to turn your iPhone screen on. Tap, hold and slide upwards the
Camera icon on the bottom right of your screen then drag it upwards to access the Camera.
- If you do not have the Camera icon, you may access the Camera app from the home screen
of your iPhone.
2. Place your iPhone above the document and take the desired portion or page of the document
and tap on the Camera button (designated with 1 on the below illustration - Fig. 3) to take a
photo. Then you need to access the picture - tap the image in the lower left-hand corner (number 2 in the
illustration)
3. Exit to the home screen by pressing the round Home button on the face of the iPhone.
4. Open the Photos app
5. Next, tap the album ‘Camera Roll’. Make sure that the picture is clear and the document
is well legible, if it isn’t, please repeat the previous two steps.
6. Touch once the picture to make the menus appear and tap the share icon
designated with 1 in the illustration below.
5. Select the first option - Email Photo. Please consult the following instructions for the next step - what address you should send the picture to and what else to include aside from the document, HERE.
Note: to send emails your phone has to be configured for that. Please contact your email
provider if you are not familiar with this procedure.
Android
1. Open your applications list and start the camera app. Depending on your phone model, make or setup it might be called differently.
2. Place your phone over the document and take the desired portion or page of the document and
tap the icon for the camera. (The generic button will look like the one shown below.)
3. Press the Home key to go back to the idle screen. Go back to the apps list and start the Gallery
application. On some phones it may be called Pictures or Photos.
4. Open the album called Camera or All pictures. The last image in either of those should be the
document you just took a picture of. Tap the screen once to bring up the buttons and tap the share
icon, which generically should look as shown below.
5. In the sharing menu that will be displayed now tap on Email. Please consult the following instructions for the next step - what address you should send the picture to and what else to include aside from the document, HERE.
Note: to send emails your phone has to be configured for that. Please contact your email
provider if you are not familiar with this procedure.
Windows Phone
1. Press the camera button in the Desktop menu of Windows phone. (If you do
not see the camera in the desktop menu, please scroll to the right and choose
camera in the listed applications)
2. Take a picture by pressing the trigger button on the side of the phone.
3. Open the picture by scrolling to the left and press the ‘...’ menu item
at the bottom task bar to see the available options.
4. Please choose send and the configured Email account you would like to use.
5. In the upcoming email, please add the destination email address, the
subject and the text you would like to send and press the ‘Send email’ button in
the bottom menu. Please consult the following instructions for the next step - what address you should send the picture to and what else to include aside from the document, HERE.
Note: to send emails your phone has to be configured for that. Please contact your email
provider if you are not familiar with this procedure.
WHERE TO SEND THE EMAIL AND WHAT TO INCLUDE IN THE SUBJECT
The email has to be created observing the below instructions:
1. In the ‘To:’ field type...
a. newaccounts@interactivebrokers.com if your you are a resident of a non-European country
b. newaccounts.uk@interactivebrokers.co.uk if you are a European resident
2. The subject field must contain all of the below:
a. Your account number (it usually has the format Uxxxxxxx, where x are numbers) or your
username
b. The purpose of sending the document. Please use the below convention:
i. PoRes for a proof of residential address
ii. PID for a proof of identity
進行下方操作需遵循以下步驟:
1. 通知IBKR客戶服務- 聯繫IBKR客戶服務獲取臨時賬戶訪問。此服務只可通過電話提供,並且需要核實賬戶持有人的身份,詳情請見KB70。
2. 獲取在線安全代碼卡 - 激活在線安全代碼卡,此卡可供您在21天內安全地訪問客戶端全部功能。如需相關指南,請參見KB1873。
3. 申請替換DSC+ - 完成在線安全代碼卡激活後,請前往客戶端的安全登錄系統界面,申請替換DSC。
1. 點擊請求實物設備按鈕。
3. 為您的DSC+輸入四位Soft PIN碼1。請牢記輸入的PIN碼,之後激活和操作設備需要用到。如需要,您可更改將暫扣20美元設備預備金的賬戶2。點擊繼續完成此步。
4. 系統將顯示概覽信息。請確保顯示的信息均準確無誤。如果需要修改,請點擊頁面底部的返回按鈕(不是瀏覽器的返回按鈕);如無需修改,請點擊繼續提交申請。
5. 您會看到最終的確認信息,其中會給出預估的寄件日期3。點擊確定完成程序。
注意
1. PIN碼相關指南請參見KB2269。
2. 安全設備和設備郵寄均為免費。但是,在您申請設備時,我們會凍結您的一小筆資金(20美元)。如果設備遺失、故意損壞、被盜或者如果您關閉賬戶時未能將設備退回IBKR,我們將扣除該筆資金以補償硬件損失。任何其它情況下,在您將設備退回IBKR後,該筆資金便會解除凍結。更多 信息請參見KB1861。
3. 出於安全考慮,替換設備會在寄出之日起三周內自動激活。臨近自動激活時,IBKR會通知您。
如果您要向盈透證券歸還*您的安全登錄設備(因損壞、破損、賬戶整合或關閉),請按下列說明操作:
因為您要對設備的歸還負責,為保護您的利益,我們強烈建議您在歸還時使用加保護墊的信封和提供追蹤號碼的運輸服務(如UPS、FedEx、DHL或USPS的特快專遞)。在寄出包裹后請等待3-5個工作日,以便盈透在您的賬戶中反映已收到歸還的設備。請注意,時間可能因運輸服務的延遲而不同。
*目前須歸還的設備只有帶有IB3000xxx字樣序列碼的數碼安全卡+。
寄回并更換設備的額外要求
如果歸還是為了替換設備而不是關閉賬戶,請撥打以下電話聯系我們的技朮支持部門,通知我們您的設備無法使用,我們會向您提供臨時碼供您進入賬戶,直到您收到新的安全登錄設備。盈透提供多種設備類型,與每種類型相關的替換說明如下:
對於數碼安全卡+(DSC+)用戶:
如您想歸還數碼安全卡+(圖1所示)并需要更換設備,則您需登錄客戶端并請求全新的DSC+(點此查看說明。)
圖1
對於安全代碼卡用戶:
此類設備(圖4)不需要歸還給IBKR,您可撕碎后丟棄。如您需要更換設備,我們建議您通過移動IBKR(點此查看說明)激活IB Key驗證。
圖4
美國 / 加拿大 |
歐洲 |
郵寄地址: Interactive Brokers, LLC. Attn: Token Return Department 3 Pickwick Plaza Greenwich, CT 06830 USA 美國聯系方式: 1 (877) 442-2757(免費) 1 (312) 542-6901(直撥) 加拿大聯系方式: 1 (877) 745-4222(免費) 1 (514) 847-3499(直撥) |
郵寄地址: Interactive Brokers(U.K.)LTD. Attn: Token Return Department Gotthardstrasse 3 CH-6301 Zug Switzerland 歐洲聯系方式: 00800-42-276537(免費) +41-41-726-9500(直撥) 俄羅斯聯系方式: 8-800-100-8556(免費) +41-41-726-9506 (Pyсский) |
亞洲 |
澳大利亞 |
郵寄地址: Interactive Brokers, LLC. Attn: Token Return Department Suite 1512, Two Pacific Place 88 Queensway Admiralty Hong Kong 聯系方式: +852-2156-7907 (廣東話) +86 (21) 6086 8586 (普通話) |
郵寄地址: Interactive Brokers, LLC. Attn: Token Return Department PO Box R229 Royal Exchange, NSW, 1225 Australia 聯系方式: +61 (2) 8093-7300 |
日本 | |
郵寄地址: Interactive Brokers Securities Japan, Inc. Attn: Token Return Department Kasumigaseki Building 25F, 2-5 Kasumigaskei 3 Chome, Chiyoda Ku, Tokyo 100-6025 Japan 聯系方式: +81 (3) 4588 9710 直撥(英語) |
送り先: インタラクティブ‧ブローカーズ証券株式會社 〒100-6025 東京都千代田區霞ヶ関3-2-5 霞ヶ関ビルディング25階 セキュリティデバイス部 接觸: +81 (3) 4588 9700 直通 (日本語) |
關閉賬戶
在您歸還設備并關閉了賬戶后,仍可以進入客戶端查看并/或打印活動報表和稅表。關戶后,您不需要安全設備,只需要輸入用戶名和密碼便能登錄。
在線安全代碼卡可供您在21天內臨時訪問賬戶和交易平臺。這是一種臨時解決方案,通常用於以下情形:
A. 設備暫時不在身邊。
B. 丟失了永久安全設備,要申請替換設備並需要在收到設備之前繼續訪問賬戶。
1. 打开浏览器,前往ibkr.com
2. 点击登录
6. 界面将显示您的在线安全卡。点击打印2
7. 确保卡片已完整打印并且内容清晰可辨。然后点击继续
8. 激活界面将会显示两个索引号码。请在在线安全卡上找到第一个索引号码,将其对应的三位代码输入卡值框内。然后用第二个索引号码进行相同操作,代码之间不要留空格。然后点击继续
9. 您将会看到一条确认信息,其中会注明此在线安全卡的到期日期。点击确认完成此程序
1. 如果使用的是旧版账户管理,请点击管理账户 > 安全 > 安全登录系统 > 安全设备
The below steps are required in order to:
1. Notify IBKR Client Services- Contact IBKR Client Services to obtain a temporary account access. This service can only be provided via telephone and requires the identity of the account holder to be verified, as detailed in KB70.
2. Obtain an Online Security Code Card - Activate an Online Security Code Card, which offers enhanced protection and full Client Portal functionality for an extended period of 21 days. Please consult KB1873 should you need guidance for this specific step.
3. Request the DSC+ replacement - Once you have completed the Online Security Code Card activation, please remain in the Secure Login System section of the Client Portal and order your replacement DSC.
1. Click on the button Request Physical Device.
3. Enter a four-digit Soft PIN1 for your DSC+. Please make sure to remember the PIN you are typing since it will be necessary to activate and to operate your device. When applicable and desired, you may change the account on which the 20 USD deposit will be kept on hold2. Complete this step by clicking on Continue.
4. The system will show you a summary of your selection. Please make sure the information displayed is correct. Should you need to perform changes, click on the white Back button under the information field (not your browser back button), otherwise submit the request by clicking on Continue.
5. You will receive a final confirmation containing the estimated shipment date3. Click on Ok to finalize the procedure.
1. For PIN guidelines, please consult KB2269.
2. The Security token and the shipment are both free of charge. Nevertheless, when you order your device, we will freeze a small amount of your funds (20 USD). If your device is lost, intentionally damaged, stolen or if you close your account without returning it to IBKR, we will use that amount as a compensation for the loss of the hardware. In any other case, the hold will be released once your device has been returned to IBKR. More details on KB1861.
3. For security reasons, the replacement device is set to auto-activate within three weeks from the shipment date. IBKR will notify you when the auto-activation is approaching and when it is imminent.
Account holders logging into their account via IBKR's Secure Login System are issued a security device, which provides an additional layer of protection to that afforded by the user name and password, and which is intended to prevent online hackers and other unauthorized individuals from accessing their account. While IBKR does not charge any fee for the use of the device, certain versions require that the account holder return the device upon account closing or incur a replacement fee. Existing account holders are also subject to this replacement fee in the event their device is lost, stolen or damaged (note that there is no fee to replace a device returned as a result of battery failure).
In addition, while IBKR does not assess a replacement fee unless a determination has been made that the device has been lost, stolen, damaged or not returned, a reserve equal to the fee will placed upon the account upon issuance of the device to secure its return. This reserve will have no effect upon the equity of the account available for trading, but will act as limit to full withdrawals or transfers until such time the device is returned (i.e., cannot withdraw the reserve balance).
Outlined below are the replacement fee associated with each device.
SECURITY DEVICE | REPLACEMENT FEE |
Security Code Card1 | $0.001 |
Digital Security Card + | $20.00 |
For instructions regarding the return of security devices, please see KB975
1 The Security Code Card is not required to be returned upon account closing and may be destroyed and discarded once remaining funds have been returned and the account has been fully closed. Access to Client Portal after closure for purposes of viewing and retrieving activity statements and tax documents is maintained using solely the existing user name and password combination. This type of two-factor security is no longer being issued.
Customer accounts domiciled under Interactive Brokers India Pvt. Limited,(IBI) are awarded different account protection services than our IB-LLC and IB-UK clients. There are two major exchanges, the National Stock Exchange of India (NSE) and the Bombay Stock Exchange (BSE), each one has established their own guidelines for investor grievances against exchange members and/or sub –brokers.
National Stock Exchange of India (NSE)
The NSE has established an Investor Protection Fund with the objective of compensating investors in the event of defaulters' assets not being sufficient to meet the admitted claims of investors, promoting investor education, awareness and research. The Investor Protection Fund is administered by way of registered Trust created for the purpose. The Investor Protection Fund Trust is managed by Trustees comprising of Public representative, investor association representative, Board Members and Senior officials of the Exchange.
The Investor Protection Fund Trust, based on the recommendations of the Defaulters' Committee, compensates the investors to the extent of funds found insufficient in Defaulters' account to meet the admitted value of claim, subject to a maximum limit of Rs. 11 lakhs (1.1 million USD) per investor per defaulter/expelled member.
Bombay Stock Exchange (BSE)
Currently trading is not offered on the BSE by Interactive Brokers.
Account holders who have elected to opt out of IBKR's Secure Login System (SLS) effectively relinquish the protections afforded by Two-Factor Authentication. They are strongly encouraged to utilize alternative security measures, with one of those being the IP Restrictions. By selecting this setting through Client Portal, you're telling Interactive Brokers that you only want access to your trading platforms from a specified IP address. In addition, should you have multiple authorized traders for a given account, these restrictions can be set at the individual trader level by the master user of the account.
Before setting up the IP Restrictions, you will need to:
Please take note that the technical ability to misrepresent one's IP address exists, and full account protection is only ensured by using SLS Two-Factor Authentication (ibkr.com/sls).
If you have any questions on the topic, please feel free to contact IBKR's Technical Assistance Center.
Clients who have elected to perform an opt-out, thus using the Two-Factor Authentication only for the Client Portal, must activate the IP Restrictions in order to be able to activate Penny Stocks Trading Permissions.