IB Knowledge Base

Regulators expect brokerage firms to maintain controls designed to prevent the firm from submitting orders to market centers that create a risk of disruptive trading (e.g., the risk of sudden, transient price moves).

To comply with these expectations, Interactive Brokers implements various price filters on customer orders. Those price filters may, in certain circumstances, price cap customer orders in order to avoid market disruption, and those Price Caps will generally be in a % range from a reference price range calculated by IB. (The range of the Price Cap varies depending on the type of instrument and the current price.)

Although the price caps are intended to balance the objectives of trade certainty and minimized price risk, a trade may be delayed or may not take place as a result of price capping. More information is available in Interactive Broker’s Order Routing and Payment for Order Flow Disclosure.

If a customer’s order(s) are price capped by IB’s systems, that customer will either receive (i) real-time notification of those price cap(s) in Trader Workstation or via the API or FIX tag 58 (for FIX users); and/or (ii) a daily FYI message containing a digest of the first 10 order(s) that were price capped the prior day, the initial price cap(s) for those order(s) (if applicable), and the Price Cap Range(s) for further Price Cap(s) of those order(s).

Customers may opt out from receiving future FYI Messages by clicking the relevant opt-out link within an FYI Message. By opting out from receiving these future FYI Messages, a customer:

Agrees to waive any further notifications from Interactive Brokers about the application of the firm’s Price Caps to that customer’s order(s); and
Acknowledges that he or she understands that his or her orders may be price-capped in the future, but that the customer does not wish to be notified again about the application of any Price Caps to any of his or her orders.

Possible Alerts during the TWS installation or update

Overview:

IBKR's Trader Workstation (TWS) is a global trading system enabling clients to use a suite of online trading tools. The TWS can be installed on Windows, Mac OS X and Linux, and it requires the presence of a Java Runtime Environment (JRE). Therefore, when you install the TWS, it also downloads the necessary Java files in order to run using a Java Virtual Machine (JVM).

Sometimes, during the installation or update process of the TWS, software such as Antivirus applications will show an alert and prevent the process to complete. The warning and other messages in this case can safely be ignored, and you can complete the installation of the trading platform.

Table of content

Downloading the TWS installer and update patches
Why do I receive a warning when I install the TWS or when the TWS automatic update runs?
What should I do when I receive a warning?
How can I signal an Alert as false positive?
What else can I do if I have doubts or if my system behaves abnormally?
Technical Background

Downloading the TWS installer and update patches

The TWS installers available in the download areas of ibkr.com or IBKR regional web sites are sealed and digitally signed using all the safety procedures required by the industry standards and do not contain any malicious code or process. The same industry standard practices have been used for the TWS update patches, which are automatically downloaded and installed when launching the TWS (if and only if there is an update available). Nevertheless, if you have received an alert, we recommend you to be cautious. Should you intend to keep the TWS installation file on your machine for future use, you should make sure that the same precautions for the protection of data from viruses and malware are applied to it.

Why do I receive a warning when I install the TWS or when the TWS automatic update runs?

You might see an alert (similar to Figure 1 but not limited to) and your security system would wait for your input on how to process the suspicious file. You usually have the option to quarantine the file, delete it, ignore it once or create a permanent exception for it.

Please note that your antivirus might autonomously quarantine or delete the TWS installer file or some of his components without asking for your confirmation and without showing you any warning. Nevertheless, this should only happen if you have preset your antivirus to specifically react in this way.

Figure 1.

What should I do when I receive a warning?

In case you receive a warning during the TWS installation or update, we recommend the following steps:

1. Delete the TWS installer and download it again from the IBKR main or regional web site

a) Delete the TWS installer file already present on your computer and then delete it as well from your Trash (empty your Trash)

b) From the table below, click on the TWS download area correspondent to your location

Location	TWS download area
US	https://www.ibkr.com
Asia / Oceania	https://www.interactivebrokers.com.hk
India	https://www.interactivebrokers.co.in
Europe	https://www.interactivebrokers.co.uk https://www.interactivebrokers.eu

c) Check the website certificate. Most Internet browsers will immediately alert you in case the site certificate is invalid, compromised or expired. Nevertheless, if you want to check manually the validity of the site certificate, click on the padlock close to the address (URL) and make sure the Connection is reported as secure and no security warning are present (see Figure 2 below).

Figure 2.

d) Click on the button labeled with the TWS version you wish to use and download again the TWS installer

2. Check the digital signature of the TWS installer file you have downloaded

Normally you will immediately receive a security warning in case the digital signature of a file is compromised. Nevertheless, if you wish to perform a manual check, proceed as follows, according to your Operating System:

For Windows

a) From the Windows file explorer, access your Downloads folder or the folder where you placed the TWS installer

b) Right click on the TWS installer file, select Properties and then click on the tab "Digital Signatures"

c) Click on "Details" and on "View Certificate" to check the certificate status and signer. The legitimate signer is "IB Exchange Corp." (See Figure 3 below)

Figure 3.

For Mac OS X

a) Click on the magnifier glass (Spotlight Search) on the top right of your screen and type Terminal. From the search results, launch the Terminal app

b) Type cd Downloads and press Enter

c) Type codesign -dv --verbose=4 tws-latest-macosx-x64.dmg and press Enter. Please notice that the name of the file (tws-latest-macosx-x64.dmg) may differ according to the TWS version you decided to download. If needed, replace the file name in the command with the appropriate one

d) Check the command output and make sure the "Developer ID Application" is "IB Exchange Corp." (see Figure 4 below)

Figure 4.

3. Run the TWS installer file you have downloaded

Once you have downloaded again the TWS installer and after you made sure the file is original (points 1. and 2. above), you can proceed with the installation. Should you still receive a warning from your antivirus, you can reasonably consider it as a false positive and ignore it. Should you need guidance on this step, please proceed directly to the next section.

How can I signal an Alert as false positive?

All modern security systems allow the creation of exceptions, precisely in order to address false positive cases. An exception is a rule forcing the antivirus engine not to scan a specific file or process. That specific file or process will hence be deemed safe and no further alerts will be raised for it.

The procedure for creating an exception may vary, according to the security software you are using. You may be able to create a temporary or permanent exception directly from the alert pop-up or you may have to create one manually from a specific section in the main configuration panel.

If you are unsure of the procedure, we recommend you to consult your antivirus documentation.

Once you have set an exception for the TWS installer file or for the TWS updater process, those will be no longer blocked and will be able to complete their respective tasks successfully.

What else can I do if I have doubts or if my system behaves abnormally?

If you have reasons to believe your machine may be compromised or infected, we recommend performing a full system scan. Usually you can right click on the antivirus icon present on the bottom taskbar (for Windows) or on the upper menu bar (for MacOS) and you will find the option to launch a full system scan. Alternatively, you may start that task from the main antivirus window. If you are unsure of the procedure, we recommend you to consult your antivirus documentation.

Technical Background

How does my security system scan the files I download from the Internet?

Modern antivirus and anti-malware engines base their threats recognition on:

Signature-based scanning: the antivirus scanner searches for a specific pattern of bytes that was previously catalogued as malicious or at least suspicious. The antivirus may check as well file signatures (called hash) against a database of known threats (called virus definitions).

Analysis of behavior: the antivirus engine detects specific actions which individually may not represent a threat but, when correlated together, resemble the usual activity of a malicious software (e.g. the ability of a code to replicate or hide itself, download additional files from the Internet, contact external hosts over the Internet, modify the Operating System registry) This type of scan is designed to detect previously unknown computer threats.

Heuristic detection: the scanner de-compiles the code or runs it within a virtual, restricted environment. It then classifies and weights the actions performed by the code against a predefined, behavior based, rule set.

Cloud-based protection and machine learning: those are relatively new techniques. The file that needs to be analyzed is sent to the antivirus / security system vendor cloud where sophisticated algorithms perform a deep analysis of the code authenticity and behavior.

Are those scan methods infallible?

Modern threats are very sophisticated and, like biological viruses, can mutate their code and their signatures. Moreover, new malwares and exploits are created every day and spread rapidly over the Internet. The threat recognition methods mentioned above are therefore not infallible but can guarantee a high percentage of malware recognition when combined together.

While signature based techniques are very successful in recognizing known threats and less prone to false positives, they are not so efficient in recognizing unknown malware or mutations of existing ones. In this area, the behavioral and heuristic methods perform much better although they are more prone to false positives since their detection is not based on bare code matching but on a certain degree of interpretation and hence uncertainty.

The term "false positive" is used when a security system classifies an innocuous file or process as malware.

Reference:

Click here to find out more about Security Best Practices at IBKR

Alternative Streaming Quotes for US Equities

Overview:

The SEC Vendor Display Rule requires that brokers give clients access to the NBBO at the point of order entry. In order to provide users with free live streaming market data, we cannot display this free stream when entering an order without the client subscribing to the paid NBBO.

Background:

Under the Rule 603(c) of Regulation NMS (Vendor Display Rule), when a broker is providing quotation information to clients that can be used to assess the current market or the quality of trade execution, reliance on non-consolidated market information as the source of that quotation would not be consistent with the Vendor Display Rule.

Therefore and according to FINRA's enforcement of the SEC rule, any client of a broker that is purchasing real-time quotes must buy the NBBO real-time services when making trading decisions.

All clients have access to streaming US equity quotes from the four CBOE exchanges and IEX at no charge. Since this data does not include all markets, we cannot show this quote when entering parameters for a US stock quote. Order routing will not change based on what is shown on the screen. If one is subscribed to NBBO quotes or not, by default the trade will still take place with the assistance of the SMART order router designed to provide the best price for the order.

Please see the sample screenshots below from TWS Classic and TWS Mosaic for what occurs when placing an order without the NBBO streaming subscription for US equities.

TWS Classic:

1. Screenshot of quotes showing without order entry line item

2. Screenshot of quote going blank when putting in the order entry line item

TWS Mosaic:

1. Screenshot of quotes showing without order entry line item

2. Screenshot of quote going blank when putting in the order entry line item

IB TWS和IB Key整合為移動IBKR

概況

如何遷移賬戶使用者取決於您當前使用何種應用程序：

1. 您的智能手機僅用於交易（安裝了IB TWS）- 點擊此處
2. 您的智能手機僅用於驗證（安裝了IB Key） - 點擊此處
3. 您的智能手機既用於交易，也用於驗證（安裝了IB TWS和IB Key） - 點擊此處
4. 您的智能手機用於進行借記卡交易（安裝了IB Key） - 點擊此處

您是IB TWS用戶

您使用手機上的IB TWS交易，但您未使用IB Key。
1. 在首次打開應用程序時，您將看到以下新的主頁面。
圖1是iOS設備上的移動IBKR主頁面。圖2是安卓設備的版本。

圖 1 圖 2

2. 點擊“交易”按鈕。
3. 應用程序的其它方面與您之前使用的一樣。

通過“交易”頁面訪問其它功能

如您希望使用移動IBKR的其它功能，比如驗證模塊或借記卡功能：

對於iOS設備（圖3）
1. 打開菜單上的“更多”（頁面右下角）。
2. 滾動到頁面底部。
對於安卓設備（圖4）
1. 打開“應用”菜單
2. 滾動到底部的App設置

圖3 圖 4

您是IB Key使用者

激活

1. 打開移動IBKR并點擊“驗證”。
2. 應用程序會檢測設備上是否安裝了IB Key并提示您下一步如何操作 - 要么自動遷移（圖5），要么先更新、然后再自動遷移。
您也可選擇之后再手動遷移。

圖5 圖6 圖7

遷移完成后，如您嘗試運行獨立的IB Key應用 - 即您之前驗證過的IB Key - 您將看到以下界面（圖8）。

圖8

日常操作

A. 如您有網絡連接，則日常登錄沒有任何變化 - 系統會使用無縫驗證：
1. 在（TWS、賬戶管理、網頁交易者或移動IBKR）的相應區域內輸入您的登錄信息。點擊“登錄”。
2. 系統會向您的手機發送一條通知 - 點擊該通知。
3. 取決於您的設備，（在iOS設備上）將面部置於攝像頭前或在指紋傳感器上按壓指紋，或（在安卓設備上）輸入您的PIN碼。系統會自動登錄。

B. 如您沒有互聯網連接，您可通過驗證-響應的模式使用移動IBKR：
1. 在（TWS、賬戶管理、網頁交易者或移動IBKR）的相應區域內輸入您的登錄信息。點擊“登錄”。
2. 點擊“我沒有收到通知”。
3. 打開移動IBKR并點擊“驗證”。
4. 在您手機的“驗證碼”區域輸入登錄界面上顯示的值。點擊“生成”按鈕。
5. 在登錄界面的“響應字符串”區域輸入您智能手機應用顯示的值。點擊“登錄”。

您既是IB TWS的使用者，也是IB Key的使用者

1. 請先激活移動IBKR程序的“驗證”模塊（點擊此處）。
2. 點擊您新的移動IBKR應用主頁面上的“交易”按鈕登錄交易界面（點擊此處）。

您使用IB借記卡

1. 請先激活移動IBKR程序的“驗證”模塊（點擊此處）。
2. 在移動IBKR應用的主頁面上點擊“借記卡”按鈕。其它功能的使用和過去一樣。

How to overcome the "Downloading settings from server failed" error

Background:

Store settings on server allows clients the ability to store their Trader Workstation (TWS) settings/configuration on the cloud and retrieve them at anytime from another computer. This feature allows you to use the layout of a specific user on two or more machines.

In some specific circumstances, the operation which stores/downloads the settings to/from the cloud may fail and the following error message may appear shortly after the TWS has loaded on the screen:

How to overcome this error message?

The underlying causes of this message are usually the following:

ACCESS TO THE LOCAL MACHINE IS BLOCKED: A security setup, such as a firewall or antivirus, prevents the access of this computer to the cloud storage. This prevents TWS from accessing the remote server, thus disallowing the settings file upload or download. Recommended workaround: set up an exception on the firewall or antivirus in order to exclude the TWS executable file (c:\Jts\tws.exe) or the entire TWS folder (C:\Jts) from the real time security scan. The procedure to set an exclusion may vary, according to the software you are using, therefore we recommend consulting the user guide or the on-line documentation of your specific security program.
ACCESS TO THE REMOTE SERVER IS BLOCKED: A firewall or proxy service blocks the communication with the cloud storage through the network on which this computer is. In this scenario, you (or your IT / Networking departments, in case you do not have the rights for such an operation) can modify the firewall or proxy settings to allow the computer to communicate with the cloud server s3.amazonaws.com on the TCP port 443. For additional details about the hosts/ports which needs to be allowed for the proper TWS operation, please see as well the section "DESKTOP TWS" of KB2816. Please refer to the documentation of your specific software in order to create specific rules for your firewall or proxy system.

See KB2323 for instructions on how to restore TWS settings from external storage

See KB2320 for instructions on transferring settings from one user to another

IB TWS and IB Key Merger into IBKR Mobile

OVERVIEW

The migration for your user depends upon your current use of the apps as follows:

1. Your Smartphone is solely used for trading (IB TWS installed) - Click Here
2. Your Smartphone is solely used for authentication (IB Key installed) - Click Here
3. Your Smartphone is used for both trading and authentication (IB TWS and IB Key installed) - Click Here
4. Your Smartphone is used for Debit Card transactions (IB Key installed) - Click Here

You are a user of IB TWS

You have been trading on your smartphone with IB TWS and you have not used IB Key.
1. Upon first launch of the application you will see the following new Home Screen.
Figure 1 is the Home Screen of IBKR Mobile for iOS devices. Figure 2 is the Android device version.

Figure 1 Figure 2

2. Tap on the Trade button.
3. The rest of the application experience is identical to what you have already used in the past.

Access to the other functions from the Trading Screen

If you wish to access the other functions of the IBKR Mobile, such as the Authentication module or the
Debit Card functions:

For iOS (Figure 3)
1. Open the menu ‘More’ (lower right-hand corner of your screen).
2. Scroll to the very bottom of this page
For Android (Figure 4)
1. Open the Application menu
2. Scroll to the bottom section - App Settings

Figure 3

Figure 4

You are an IB Key user

Activation

1. Launch the IBKR Mobile and tap on Authentication.
2. The app will detect the installation of the IB Key and will suggest a course of action - either an
automated migration (Figure 5) on an update and then automated migration.
You can as well choose to manually migrate at a later point.

Figure 5 Figure 6 Figure 7

After the migration is completed, should you run the IB Key standalone application - the one you have
authenticated with in the past - you will see the following screen (Figure 8).

Figure 8

Daily Operation

A. Nothing changes in the daily login experience if you have an Internet connection - the Seamless
Authentication process will be used:
1. Enter your credentials in the corresponding fields (in the TWS, Account Management, WebTrader or
IBKR Mobile). Click on Login.
2. The system will send you a notification on your smartphone’s screen - tap on it.
3. Depending on your device, present your face to the camera or fingerprint on the sensor (iOS) or
enter your PIN code (Android). The system will the automatically proceed with the login.

B. If you have no Internet connection, you will use the IBKR Mobile in Challenge-Response mode:
1. Enter your credentials in the corresponding fields (in the TWS, Account Management, WebTrader or
IBKR Mobile). Click on ‘Login'.
2. Click on the link saying “I did not receive a notification”.
3. Launch the IBKR Mobile and tap on ‘Authentication’.
4. In the field Challenge of your smartphone application enter the values displayed on the Login
Screen. Tap the ‘Generate’ button.
5. Enter the values displayed by your smartphone app into the field Response string on the Login
Screen. Click ‘Login’.

You are a user of both IB TWS and IB Key

1. Please complete first the procedure for the activation of the Authentication module of the IBKR
Mobile app (Click Here).
2. Login to the trading screen by taping on the Trade button of the Home Screen in your new IBKR
Mobile app (Click Here).

You use an IB Debit Card

1. Please complete first the procedure for the activation of the Authentication module of the IBKR
Mobile app (Click Here).
2. On the Home Screen of the IBKR Mobile app tap on the Debit Card button. The rest of the experience
is identical to what you have already used in the past.

How to adjust font size in TWS

Background:

By default, Trader Workstation (TWS) is designed to display in a font size and style which can be read comfortably for the average user across various screen sizes and resolutions. With the advent of new technologies, there has been an exponential push to make monitors with higher display sizes and your layout may need to be further adjusted manually. This document serves to explain how to manually adjust the font size for TWS.

Procedure

To adjust font size throughout TWS:

From the Anchor window, click the Font Size Adjustment icon.
Check the button Adjust window & column widths to ensure all windows will resize automatically to keep the same font:window ratio. (If unchecked, only font size will change but window size will remain the same).
Click the button Smaller or Larger until the font size is correct.
Notice that the font size will change immediately as you click the button.
Click the Font Size Adjustment icon when done.

Note: It is possible that currently not all windows will be adjusted in the same way.

參考

參考鏈接

Table of content

Technical Background

您是IB TWS用戶

通過“交易”頁面訪問其它功能

您是IB Key使用者

日常操作

您既是IB TWS的使用者，也是IB Key的使用者

您使用IB借記卡

You are a user of IB TWS

Access to the other functions from the Trading Screen

You are an IB Key user

Daily Operation

You are a user of both IB TWS and IB Key

You use an IB Debit Card

Procedure

Top Tags