SSL 漏洞 ("Heartbleed 漏洞") 常見問題解答

這是一個什麼問題? “HEARTBLEED”是指什麼?

HEARTBLEED漏洞是指開源應用項目SSL(保安接層加密技術)和TLS(安全傳輸協議)協議的安全漏洞,它能讓攻擊者從服務器內存中讀取密碼和密鑰。

什麼是SSL?

SSL(保安接層加密技術)是一種安全協議,用於指令機器對網絡通信中的數據進行加密和解密。

盈透是否受到“HEARTBLEED”漏洞的影響?

盈透未受該漏洞的影響。在發現漏洞並有補丁發布之時,我們已經更新並修復了少數幾個使用受影響的OpenSSL的盈透服務器。

出現這種問題及相似問題時,SLS是否可以更好的保護賬戶?

安全登錄系統(SLS)為您在通過主要的登錄憑證(用戶名和密碼)訪問賬戶之外增添了另一層保護。用戶名和密碼並不是阻止未經授權而訪問賬戶的唯一防線。使用SLS設備可確保只有您才能訪問您的賬戶。

我是否需要更改密碼?

盈透採取了其他安全措施,因此您的密碼不會受到此漏洞的影響。
定期更換密碼是防止賬戶被他人攻擊的好方法,但是您不必在看到有關Heartbleed的報導時專門去更改密碼。
 

Information Relating to Customer Protection of Assets

The below information applies to trading of non-US index options, OTC CFDs and non-US index futures (when combined with non-US index options)

 

Interactive Brokers (U.K.) Limited


Customer Assets
Interactive Brokers (U.K.) Limited (“IBUK)’’ is authorised and regulated by the Financial Conduct Authority (“FCA“), register no. 208159. IBUK is a wholly owned subsidiary of Interactive Brokers Group (IBG LLC). IBUK provides client money and client asset services in accordance with FCA Client Assets regulations “CASS”.

Client money is protected as follows:
Client money rules apply to all regulated firms that receive money from a client, or hold money for a client in the course of carrying out MiFID business and/or designated investment business.

Client money is entirely segregated from IBUK’s own money. In the event of a failure of an authorised firm, clients’ monies held in the segregated accounts will be returned to the clients rather than being treated as a recoverable asset by general creditors. If there was a shortfall, the client may be eligible to claim for compensation from the Financial Services Compensation Scheme (“FSCS”).

Client money is ring-fenced in separate bank accounts which are held in trust on behalf of the clients. These accounts are distributed across a number of banks with investment grade ratings to avoid a concentration risk with any single institution. When IBUK makes the selection and appointment of a bank to hold client money, it takes into account the expertise and market reputation of the bank, its financial standing and any legal requirements or market practices related to the holding of client money that could adversely affect clients' rights.

IBUK will allow client money to be held in a client transaction account by an exchange, a clearing house or an intermediate broker but only if the money is transferred to them for the purpose of a transaction or to meet a client’s obligation to provide collateral for a transaction.

Each day, IBUK performs a detailed reconciliation of client money held in client money bank accounts and client transaction accounts and its liabilities to its clients to ensure that client monies are properly segregated and sufficient to meet all liabilities in accordance with the FCA’s CASS rules. All monies credited to such bank accounts are held by the firm as trustee (or if relevant, as agent).

FCA regulations also require IBUK to maintain a CASS Resolution Pack to ensure that in the unlikely event of the firm's liquidation, the Insolvency Practitioner is able to retrieve information with a view to returning client money and assets to the firm's clients on a timely basis.

Financial Services Compensation scheme

Interactive Brokers (U.K.) Limited (“IBUK”) is authorised and regulated by the Financial Conduct Authority (“FCA”) as an investment firm and a participant in the Financial Services Compensation scheme (“FSCS”). Certain eligible clients qualify for
compensation under the FCA Compensation rules.

The main points relating to eligibility are:

  • FSCS pays compensation only to eligible claimants when an authorised firm is in default and will carry out an investigation to establish whether or not this is the case.
  • FSCS pays compensation only for financial loss and the limits for U.K. Investment firms are covered below.
  • The FSCS was set up mainly to assist private individuals, although smaller businesses are also covered.
  • Larger businesses are generally excluded.

Investments

FSCS provides protection if an authorised investment firm is unable to pay claims against it e.g. when an authorised investment firm goes out of business and cannot return assets to its clients. Assets classified as investments for authorised investment firms under the FSCS include stocks and shares, futures, options, cfds, other regulated instruments and money deposited by clients.

Compensation Limits

The actual level of compensation you receive will depend on the basis of your claim. The FSCS only pays compensation for financial loss. Compensation limits are per person per authorised firm. Compensation levels are subject to change and for current details please refer to the FSCS website at http://www.fscs.org.uk / .
 

The below information applies to customers who were or are continuing to trade all products (except metals and OTC CFDs) through IB LLC.

 

Interactive Brokers LLC (“IBLLC”)


Customer Assets
Customer money is segregated in special bank or custody accounts, which are designated for the exclusive benefit of customers of IBLLC. This protection (the SEC term is “reserve” and the CFTC term is “segregation”) is a core principle of securities and commodities brokerage. By properly segregating the customer's assets, if no money or stock is borrowed and no futures positions are held by the customer, then the customer's assets are available to be returned to the customer in the event of a default by or bankruptcy of the broker.


Securities accounts with no borrowing of cash or securities
Securities customer money is protected as follows:

  • A portion is deposited at 14 large U.S. banks in special reserve accounts for the exclusive benefit of IBLLC's customers. These deposits are distributed across a number of banks with investment-grade ratings so that we can avoid a concentration risk with any single institution. No single bank holds more than 5% of total customer funds held by IBLLC.
  • A portion may be invested in U.S. Treasury securities, including direct investments in short-term Treasury bills and reverse repurchase agreements, where the collateral received is in the form of U.S. Treasury securities. These transactions are conducted with third parties and guaranteed through a central counterparty clearing house (Fixed Income Clearing Corp., or “FICC”). The collateral remains in the possession of IBLLC and held at a custody bank in a segregated Special Custody Account for the exclusive benefit of customers. U.S. Treasury securities may also be pledged to a clearing house to support customer margin requirements on securities options positions.
  • Customer cash is maintained on a net basis in the reserve accounts, which reflects the net credit balances of customers in excess of customer debit balances. To the extent any one customer maintains a margin loan with IBLLC, that loan will be fully secured by stock valued at up to 200% of the loan.
  • Current SEC regulations require broker-dealers to perform a detailed reconciliation of customer money and securities (known as the “reserve computation”) at least weekly to ensure that customer monies are properly segregated from the broker-dealer's own funds.

Customer-owned, fully-paid securities are protected in accounts at depositories and custodians that are specifically identified for the exclusive benefit of customers. IBLLC reconciles positions in securities owned by customers daily to ensure that these securities have been received at the depositories and custodians

Commodities accounts

Commodities customer money is protected as follows:

  • A portion is pledged to futures clearing houses to support customer margin requirements on futures and options on futures positions or held in custody accounts identified as segregated for the benefit of IB's customers.
  • A portion is held at commodities clearing banks/brokers in accounts identified as segregated for the benefit of IBLLC customers to support customer margin requirements.
  • Cash in commodities accounts is protected in accordance with US commodities regulations. CFTC rules prohibit an FCM from commingling customer funds with its own money, securities or property. Customer funds must be separately accounted for and segregated as belonging to commodity or option customers. The titles of accounts in which customer funds are deposited must clearly indicate this and show that the funds are segregated as required by the Commodity Exchange Act (“CEA”) and CFTC Rules. Customer funds may not be obligated to anyone except to purchase, margin, guarantee, secure, transfer, adjust or settle trades, contracts or commodity option transactions of commodity or option customers. These requirements also extend to U.S. customers trading on foreign exchanges.

Securities accounts with margin loans

For customers who borrow money from IBLLC to purchase securities, IBLLC is permitted by securities regulations to pledge or borrow stock valued at up to 140% of the value of the loan. Typically, IBLLC lends out a small portion of the total stock it is permitted to lend out.

  • As an example, at June 30, 2011, IBLLC lent $800 million value of customers' stock out of the $13.0 billion made available to it by margin customers.
  • When IBLLC lends customers' stock, it must put additional money into the special reserve accounts for the exclusive benefit of customers. In the example above, the full value of $800 million of customer stock that was lent was segregated in the special reserve accounts.

Account Protection

Customer securities accounts at IBLLC are protected by the Securities Investor Protection Corporation (“SIPC”) for a maximum coverage of $500,000 (with a cash sublimit of $250,000) and under IBLLC's excess SIPC policy with certain underwriters at Lloyd's of London for up to an additional $30 million (with a cash sublimit of $900,000) subject to an aggregate limit of $150 million. Futures, and options on futures are not covered. As with all securities firms, this coverage provides protection against failure of a broker-dealer, not against loss of market value of securities.

For the purpose of determining a customer account, accounts with like names and titles (e.g. John and Jane Smith and Jane and John Smith) are combined, but accounts with different titles are not (e.g. Individual/John Smith and IRA/John Smith).

SIPC is a non-profit, membership corporation funded by broker-dealers that are members of SIPC. For more information about SIPC and answers to frequently asked questions (such as how SIPC works, what is protected, how to file a claim, etc.), please refer to the following websites:


http://www.SIPC.org

http://www.finra.org/InvestorInformation/InvestorProtection/SIPCProtecti...

or contact SIPC at:

Securities Investor Protection Corporation
805 15th Street, N.W. - Suite 800
Washington, D.C. 20005-2215
Telephone: (202) 371-8300
Facsimile: (202) 371-6728

 

How to send documents to IB using your smartphone

Overview: 

Interactive Brokers allows you to send us a copy of a document even if you do not currently have access to a scanner. You can take a picture of the requested document with your smartphone.

Below you will find the instructions on how to take a picture and send it to IB per email with the fllowing smartphone operating systems:

iOS (iPhone)

Android (i.e. Samsung Galaxy, HTC One X, Sony Xperia, Motorola Droid)

Windows Phone (i.e. Nokia Lumia, HTC Titan, Samsung Focus)

 If you already know how to do so, please consult the instructions about the information you will need to send us aside from the document picture. Click HERE - Where to send the email to and what to include in the subject.

iOS
1. Press the power button to turn your iPhone screen on. Tap, hold and slide upwards the
Camera icon on the bottom right of your screen then drag it upwards to access the Camera.

slide up from the lock screen to take a picture

- If you do not have the Camera icon, you may access the Camera app from the home screen
of your iPhone.
2. Place your iPhone above the document and take the desired portion or page of the document
and tap on the Camera button (designated with 1 on the below illustration - Fig. 3) to take a
photo. Then you need to access the picture - tap the image in the lower left-hand corner (number 2 in the
illustration)

Tap here to take a picture

3. Exit to the home screen by pressing the round Home button on the face of the iPhone.
4. Open the Photos app
5. Next, tap the album ‘Camera Roll’. Make sure that the picture is clear and the document
is well legible, if it isn’t, please repeat the previous two steps.
6. Touch once the picture to make the menus appear and tap the share icon
designated with 1 in the illustration below.

Share button iOS

5. Select the first option - Email Photo. Please consult the following instructions for the next step - what address you should send the picture to and what else to include aside from the document, HERE.
Note: to send emails your phone has to be configured for that. Please contact your email
provider if you are not familiar with this procedure.


Android
1. Open your applications list and start the camera app. Depending on your phone model, make or setup it might be called differently.
2. Place your phone over the document and take the desired portion or page of the document and
tap the icon for the camera. (The generic button will look like the one shown below.)

Tap to take a picture
3. Press the Home key to go back to the idle screen. Go back to the apps list and start the Gallery
application. On some phones it may be called Pictures or Photos.
4. Open the album called Camera or All pictures. The last image in either of those should be the
document you just took a picture of. Tap the screen once to bring up the buttons and tap the share
icon, which generically should look as shown below.

Share on Android
5. In the sharing menu that will be displayed now tap on Email. Please consult the following instructions for the next step - what address you should send the picture to and what else to include aside from the document, HERE.
Note: to send emails your phone has to be configured for that. Please contact your email
provider if you are not familiar with this procedure.

Send per email

 

Windows Phone
1. Press the camera button in the Desktop menu of Windows phone. (If you do
not see the camera in the desktop menu, please scroll to the right and choose
camera in the listed applications)
2. Take a picture by pressing the trigger button on the side of the phone.
3. Open the picture by scrolling to the left and press the ‘...’ menu item
at the bottom task bar to see the available options.
4. Please choose send and the configured Email account you would like to use.
5. In the upcoming email, please add the destination email address, the
subject and the text you would like to send and press the ‘Send email’ button in
the bottom menu. Please consult the following instructions for the next step - what address you should send the picture to and what else to include aside from the document, HERE.
Note: to send emails your phone has to be configured for that. Please contact your email
provider if you are not familiar with this procedure.


WHERE TO SEND THE EMAIL AND WHAT TO INCLUDE IN THE SUBJECT
The email has to be created observing the below instructions:
1. In the ‘To:’ field type...
a. newaccounts@interactivebrokers.com if your you are a resident of a non-European country
b. newaccounts.uk@interactivebrokers.co.uk if you are a European resident
2. The subject field must contain all of the below:
a. Your account number (it usually has the format Uxxxxxxx, where x are numbers) or your
username
b. The purpose of sending the document. Please use the below convention:
i. PoRes for a proof of residential address
ii. PID for a proof of identity

如何申請替換數碼安全卡+(DSC+)

Overview: 

進行下方操作需遵循以下步驟:

  • 更換遺失、被盜或無法使用的數碼安全卡+
  • 持有當前安全設備的同時申請數碼安全卡+(賬戶資產不低於50萬美元)
Background: 

1. 通知IBKR客戶服務- 聯繫IBKR客戶服務獲取臨時賬戶訪問。此服務只可通過電話提供,並且需要核實賬戶持有人的身份,詳情請見KB70

2. 獲取在線安全代碼卡 - 激活在線安全代碼卡,此卡可供您在21天內安全地訪問客戶端全部功能。如需相關指南,請參見KB1873

3. 申請替換DSC+ - 完成在線安全代碼卡激活後,請前往客戶端的安全登錄系統界面,申請替換DSC。

 

申請DSC+

1. 點擊請求實物設備按鈕。

2. 設備信息界面將會顯示郵寄地址。如果地址已過期或失效,您可點擊更改地址然後按頁面說明操作進行修改。如果無需進行任何修改,請繼續第3步。

3. 為您的DSC+輸入四位Soft PIN碼1。請牢記輸入的PIN碼,之後激活和操作設備需要用到。如需要,您可更改將暫扣20美元設備預備金的賬戶2。點擊繼續完成此步。

4. 系統將顯示概覽信息。請確保顯示的信息均準確無誤。如果需要修改,請點擊頁面底部的返回按鈕(不是瀏覽器的返回按鈕);如無需修改,請點擊繼續提交申請。

5. 您會看到最終的確認信息,其中會給出預估的寄件日期3。點擊確定完成程序。

注意

1. PIN碼相關指南請參見KB2269

2. 安全設備和設備郵寄均為免費。但是,在您申請設備時,我們會凍結您的一小筆資金(20美元)。如果設備遺失、故意損壞、被盜或者如果您關閉賬戶時未能將設備退回IBKR,我們將扣除該筆資金以補償硬件損失。任何其它情況下,在您將設備退回IBKR後,該筆資金便會解除凍結。更多 信息請參見KB1861

3. 出於安全考慮,替換設備會在寄出之日起三周內自動激活。臨近自動激活時,IBKR會通知您。

 

參考 
  • KB1131:安全登錄系統概述
  • KB2636:安全設備相關信息與程序
  • KB2481:如何在多個使用者之間共享安全登錄設備的說明
  • KB2545:如何在退出後重新加入安全登錄系統的說明
  • KB975:如何將安全設備退回IBKR的說明
  • KB2260:通過移動IBKR激活IB Key驗證的說明
  • KB2895:多重雙因素系統(M2FS)
  • KB1861:安全設備費用信息
  • KB69:臨時密碼有效期的相關信息

 

如何將我的安全設備歸還給盈透證券?

如果您要向盈透證券歸還*您的安全登錄設備(因損壞、破損、賬戶整合或關閉),請按下列說明操作:

  1. 下載并打印安全登錄設備歸還表格
  2. 完成表格并與設備一起包裝好;
  3. 將包裹郵寄到下面適用的地址

因為您要對設備的歸還負責,為保護您的利益,我們強烈建議您在歸還時使用加保護墊的信封和提供追蹤號碼的運輸服務(如UPS、FedEx、DHL或USPS的特快專遞)。在寄出包裹后請等待3-5個工作日,以便盈透在您的賬戶中反映已收到歸還的設備。請注意,時間可能因運輸服務的延遲而不同。

*目前須歸還的設備只有帶有IB3000xxx字樣序列碼的數碼安全卡+

寄回并更換設備的額外要求
如果歸還是為了替換設備而不是關閉賬戶,請撥打以下電話聯系我們的技朮支持部門,通知我們您的設備無法使用,我們會向您提供臨時碼供您進入賬戶,直到您收到新的安全登錄設備。盈透提供多種設備類型,與每種類型相關的替換說明如下:

對於數碼安全卡+(DSC+)用戶:
如您想歸還數碼安全卡+(圖1所示)并需要更換設備,則您需登錄客戶端并請求全新的DSC+(點此查看說明。)

圖1

 Digital Security Card+ 

對於安全代碼卡用戶:

此類設備(圖4)不需要歸還給IBKR,您可撕碎后丟棄。如您需要更換設備,我們建議您通過移動IBKR(點此查看說明)激活IB Key驗證。

圖4

Security Code Card

 

郵寄地址和聯系方式:

美國 / 加拿大
歐洲
郵寄地址:
Interactive Brokers, LLC.
Attn: Token Return Department
3 Pickwick Plaza
Greenwich, CT 06830
USA

美國聯系方式:
1 (877) 442-2757(免費)
1 (312) 542-6901(直撥)

加拿大聯系方式:
1 (877) 745-4222(免費)
1 (514) 847-3499(直撥)
郵寄地址:
Interactive Brokers(U.K.)LTD.
Attn: Token Return Department
Gotthardstrasse 3
CH-6301 Zug
Switzerland


歐洲聯系方式: 
00800-42-276537(免費)
+41-41-726-9500(直撥)

俄羅斯聯系方式:
8-800-100-8556(免費)
+41-41-726-9506 (Pyсский)
亞洲
澳大利亞
郵寄地址:
Interactive Brokers, LLC.
Attn: Token Return Department
Suite 1512,
Two Pacific Place
88 Queensway Admiralty 
Hong Kong

聯系方式:
+852-2156-7907 (廣東話)
+86 (21) 6086 8586 (普通話)
郵寄地址:
Interactive Brokers, LLC.
Attn: Token Return Department
PO Box R229
Royal Exchange, NSW, 1225
Australia


聯系方式:
+61 (2) 8093-7300
日本
郵寄地址:
Interactive Brokers Securities Japan, Inc.
Attn: Token Return Department
Kasumigaseki Building 25F,
2-5 Kasumigaskei 3 Chome, 
Chiyoda Ku, Tokyo 100-6025
Japan

聯系方式:
+81 (3) 4588 9710 直撥(英語)
送り先:
インタラクティブ‧ブローカーズ証券株式會社  
〒100-6025
東京都千代田區霞ヶ関3-2-5
霞ヶ関ビルディング25階
セキュリティデバイス部 
接觸:
+81 (3) 4588 9700 直通 (日本語)

 

關閉賬戶
在您歸還設備并關閉了賬戶后,仍可以進入客戶端查看并/或打印活動報表和稅表。關戶后,您不需要安全設備,只需要輸入用戶名和密碼便能登錄。

如您對安全設備有任何疑問,可通過上方表格中列出的號碼聯系我們的賬戶安全部門。
 
安全設備丟失、失竊、損壞的替換費用、或關戶后不歸還的費用請見KB1861

 

如何獲得在線安全代碼卡

Overview: 

在線安全代碼卡可供您在21天內臨時訪問賬戶和交易平臺。這是一種臨時解決方案,通常用於以下情形:


A. 設備暫時不在身邊。

B. 丟失了永久安全設備,要申請替換設備並需要在收到設備之前繼續訪問賬戶。

Background: 

对于上述情况,我们均假设您已经通知了IBKR客户服务并获得了临时密码,如KB70中所述。现在,您可以通过以下方法延长账户临时访问:

激活程序

1. 打开浏览器,前往ibkr.com

2. 点击登录

3. 输入用户名和密码,点击登录。输入从IBKR客户服务处获得的临时密码完成验证,再次点击登录
 
4. 从菜单栏点击设置>使用者设置。然后在安全框内点击安全登录系统1 旁的齿轮(配置)图标
 
5. 系统将会列出您使用者当前启用的所有安全设备。在列表下方,点击请求在线(临时)安全代码卡

6. 界面将显示您的在线安全卡。点击打印2

7. 确保卡片已完整打印并且内容清晰可辨。然后点击继续 

8. 激活界面将会显示两个索引号码。请在在线安全卡上找到第一个索引号码,将其对应的三位代码输入卡值框内。然后用第二个索引号码进行相同操作,代码之间不要留空格。然后点击继续

9. 您将会看到一条确认信息,其中会注明此在线安全卡的到期日期。点击确认完成此程序

 

注意

1. 如果使用的是旧版账户管理,请点击理账户 > 安全 > 安全登录系统 > 安全设备

2. 如果设备没有连接打印机,您可以直接右键点击安全卡图片将其保存。如果是这种情况,在进入激活界面前,您会收到一条警告信息。
在点击继续确认前,请确保安全卡图片已成功保存到您的设备并且内容清晰可辨。

 

参考:
  • KB1131:安全登录系统概述
  • KB1943:请求替换数码安全卡+
  • KB2636:安全设备相关信息与程序
  • KB2481:如何在多个使用者之间共享安全登录设备
  • KB2545:退出安全登录系统后如何重新加入
  • KB975:如何将安全设备退回给IBKR
  • KB2260:如何通过移动IBKR激活IB Key验证
  • KB2895:多重双因素验证(M2FS)
  • KB1861:安全设备费用信息
  • KB69:临时密码有效期

 

How to request a Digital Security Card+ (DSC+) replacement

Overview: 

The below steps are required in order to:

  • Replace a Digital Security Card+ which has been lost, stolen or has become inoperable
  • Request a Digital Security Card+ alongside your current security device (if you are a new or existing Client with equity above $500,000, or equivalent)
Background: 

1. Notify IBKR Client Services- Contact IBKR Client Services to obtain a temporary account access. This service can only be provided via telephone and requires the identity of the account holder to be verified, as detailed in KB70.

2. Obtain an Online Security Code Card - Activate an Online Security Code Card, which offers enhanced protection and full Client Portal functionality for an extended period of 21 days. Please consult KB1873 should you need guidance for this specific step.

3. Request the DSC+ replacement - Once you have completed the Online Security Code Card activation, please remain in the Secure Login System section of the Client Portal and order your replacement DSC.

 

Request a DSC+

1. Click on the button Request Physical Device.

2. The shipping address will be shown in the device information screen. If your address is outdated or invalid, you can amend it by clicking on Change Address and following the on-screen instructions. If you do not need to update your address, please proceed to step 3.

3. Enter a four-digit Soft PIN1 for your DSC+. Please make sure to remember the PIN you are typing since it will be necessary to activate and to operate your device. When applicable and desired, you may change the account on which the 20 USD deposit will be kept on hold2.  Complete this step by clicking on Continue.

4. The system will show you a summary of your selection. Please make sure the information displayed is correct. Should you need to perform changes, click on the white Back button under the information field (not your browser back button), otherwise submit the request by clicking on Continue.

5. You will receive a final confirmation containing the estimated shipment date3. Click on Ok to finalize the procedure.

Notes

1. For PIN guidelines, please consult KB2269.

2. The Security token and the shipment are both free of charge. Nevertheless, when you order your device, we will freeze a small amount of your funds (20 USD).  If your device is lost, intentionally damaged, stolen or if you close your account without returning it to IBKR, we will use that amount as a compensation for the loss of the hardware. In any other case, the hold will be released once your device has been returned to IBKR. More details on KB1861.

3. For security reasons, the replacement device is set to auto-activate within three weeks from the shipment date. IBKR will notify you when the auto-activation is approaching and when it is imminent.

 

References
  • See KB1131 for an overview of the Secure Login System
  • See KB2636 for information and procedures related to Security Devices
  • See KB2481 for instructions about sharing the Security Login Device between two or more users
  • See KB2545 for instructions on how to opt back in to the Secure Login System
  • See KB975 for instructions on how to return your security device to IBKR
  • See KB2260 for instructions on activating the IB Key authentication via IBKR Mobile
  • See KB2895 for information about Multiple 2Factor System (M2FS)
  • See KB1861 for information about charges or expenses associated with the security devices
  • See KB69 for information about Temporary passcode validity

 

Security Device Replacement Charge

Account holders logging into their account via IBKR's Secure Login System are issued a security device, which provides an additional layer of protection to that afforded by the user name and password, and which is intended to prevent online hackers and other unauthorized individuals from accessing their account. While IBKR does not charge any fee for the use of the device, certain versions require that the account holder return the device upon account closing or incur a replacement fee.  Existing account holders are also subject to this replacement fee in the event their device is lost, stolen or damaged (note that there is no fee to replace a device returned as a result of battery failure). 

In addition, while IBKR does not assess a replacement fee unless a determination has been made that the device has been lost, stolen, damaged or not returned, a reserve equal to the fee will placed upon the account upon issuance of the device to secure its return.  This reserve will have no effect upon the equity of the account available for trading, but will act as limit to full withdrawals or transfers until such time the device is returned (i.e., cannot withdraw the reserve balance).

Outlined below are the replacement fee associated with each device.

SECURITY DEVICE REPLACEMENT FEE
Security Code Card1 $0.001
Digital Security Card + $20.00 

For instructions regarding the return of security devices, please see KB975

 

1 The Security Code Card is not required to be returned upon account closing and may be destroyed and discarded once remaining funds have been returned and the account has been fully closed. Access to Client Portal after closure for purposes of viewing and retrieving activity statements and tax documents is maintained using solely the existing user name and password combination. This type of two-factor security is no longer being issued.

Securities Account Protection for Interactive Brokers India Customers

Customer accounts domiciled under Interactive Brokers India Pvt. Limited,(IBI) are awarded different account protection services than our IB-LLC and IB-UK clients. There are two major exchanges, the National Stock Exchange of India (NSE) and the Bombay Stock Exchange (BSE), each one has established their own guidelines for investor grievances against exchange members and/or sub –brokers.

National Stock Exchange of India (NSE)

The NSE has established an Investor Protection Fund with the objective of compensating investors in the event of defaulters' assets not being sufficient to meet the admitted claims of investors, promoting investor education, awareness and research. The Investor Protection Fund is administered by way of registered Trust created for the purpose. The Investor Protection Fund Trust is managed by Trustees comprising of Public representative, investor association representative, Board Members and Senior officials of the Exchange.

The Investor Protection Fund Trust, based on the recommendations of the Defaulters' Committee, compensates the investors to the extent of funds found insufficient in Defaulters' account to meet the admitted value of claim, subject to a maximum limit of Rs. 11 lakhs (1.1 million USD) per investor per defaulter/expelled member.

Bombay Stock Exchange (BSE)

Currently trading is not offered on the BSE by Interactive Brokers.

Security considerations following SLS opt out

Overview: 

Account holders who have elected to opt out of IBKR's Secure Login System (SLS) effectively relinquish the protections afforded by Two-Factor Authentication. They are strongly encouraged to utilize alternative security measures, with one of those being the IP Restrictions. By selecting this setting through Client Portal, you're telling Interactive Brokers that you only want access to your trading platforms from a specified IP address. In addition, should you have multiple authorized traders for a given account, these restrictions can be set at the individual trader level by the master user of the account. 

 

Preliminary checklist:

Before setting up the IP Restrictions, you will need to:

  • Know your WAN IP Address. That is the IP address exposed on the external (Internet) side of your network and it is different from your local IP address (called as well LAN IP address). If you trade from a company office, you can ask your IT or Networking department for the WAN IP address of your computer. If you connect to the Internet through a private broadband/cable/satellite connection you can get this information from your ISP (Internet Service Provider).
  • Make sure that your IP address is static. This means your IP address will always remain the same, and will not change upon router/modem reboot or after a certain time period. The same entities which provided you with the WAN IP address, can as well clarify whether it is a static or dynamic one.
  • Be aware that IP Restrictions are not effective immediately. Our systems apply the filters during their daily overnight restart. It can take up to 24 hours until they are active, depending on the time you submit your IP Restrictions request. The same applies when you modify or remove existing IP Restrictions. Please be sure to consider this when you are planning your course of action.
  • The IP Restrictions will be applied to ALL Trading Platforms offered by IBKR. It will not affect Client Portal access, which will remain accessible from any IP address.

Note:

Please take note that the technical ability to misrepresent one's IP address exists, and full account protection is only ensured by using SLS Two-Factor Authentication (ibkr.com/sls).

If you have any questions on the topic, please feel free to contact IBKR's Technical Assistance Center.

How to set the IP Restrictions:

  1. Login to Client Portal and click the menu icon in the top-left corner.
  2. From the left side menu, click on Settings, then on User Settings. Then click on the wheel (configure) icon next to IP Restrictions.
  3. You will see a brief description of the effects of IP Restrictions. To set up a new IP Restriction, click on Add IP Restriction.
  4. Select the Trader from the drop-down list and enter the IP Address (in the format xxx.xxx.xxx.xxx) you want to allow for him. Then click on Continue.
  5. If you logged into Client Portal without using the Two-Factor Authentication, you will now receive an email1 containing a Confirmation Number. Enter it in the Confirmation Number field. Once done, click on Continue to submit the request. If you logged in to the Client Portal using a security device, please proceed directly to point 6.
  6. If the operation completed successfully, you will see a confirmation screen. Click OK.
  7. The system will now list your active IP Address restrictions. Should you want to create an additional one, click again on Add IP Restriction, otherwise navigate away from this section

 

Opt-out and IP Restrictions for Penny Stocks traders:

Clients who have elected to perform an opt-out, thus using the Two-Factor Authentication only for the Client Portal, must activate the IP Restrictions in order to be able to activate Penny Stocks Trading Permissions.


Additional best practices for securing your computer and your network

  • When logging into the TWS, activate the checkbox “Use SSL” on the login screen. SSL (Secure Socket Layer) guarantees that all the information exchanged between your computer and our servers is protected using 128-bit encryption.
  • Use a firewall to prevent unauthorized access to the services exposed by your network or/and computer. During the firewall set-up, please make sure you authorize the host/ports listed in section DESKTOP TWS of KB2816.
  • Use antivirus software to identify and eliminate viruses which might have infected your computer.  As new viruses are constantly being created, you need to update the threats database of your antivirus software regularly.
  • Use anti-malware software to detect and remove spyware/malware programs which can collect various types of personal information, monitor your browsing activity and interfere with the control of your computer. Nowadays many antivirus solutions include a built-in anti-malware protection.
  • Refrain from using wireless connections (Wi-fi) which are public, unsecured or not operated by you. If the use of a unsecured network (e.g. public Wi-Fi hotspot) becomes necessary, do not log into any financial institution account you may have, including your IBKR account.

 

Notes:
1. If you have not received the email, please make sure it did not land in the Spam/Junk folder of your mailbox and possibly add the email addresses donotreply@interactivebrokers.com and help@interactivebrokers.com to the trusted senders list. You can then request a new email to be sent to you with the button Resend Confirmation Number.

 

Syndicate content