The best online brokerages make cybersecurity a shared responsibility. It starts with an online broker's own website security. But that's just half the battle. The other half is providing clients with tools that keep their stock trading accounts safe from hackers.
X
In an IBD survey,Interactive Brokers (IBKR), Fidelity brokerage and Charles Schwab (SCHW) ranked as the Best Online Brokers in Website Security, based on the brokers' own customers' ratings. They've stayed ahead of hackers in website security. And, they've helped clients step up their cybersecurity game with advanced technology.
One reason Interactive Brokers and Charles Schwab ranked high is that clients liked their use of fingerprint recognition technology in mobile trading apps. Fidelity, meanwhile, offers voice recognition technology in phone-based identity authentication.
- View The Full Best Online Brokers Special Report
- See Lists Of The Best Online Brokers Overall And In Every Category
Investors participating in IBD's Best Online Brokers Survey ranked Website Security as the third most important broker attribute, right behind Low Commissions & Fees and Trade Reliability.This is the first year that Website Security was included in the survey.
Data breaches at Yahoo, Equifax and Marriott International have put investors on alert. Brokers have employed technology to speed identity verification and authentication and reduce client frustrations in signing on to their accounts.
Website Security: Encryption, Secure Servers, Access Control
"There needs to be a good balance of security requirements vs. ease of use," said Scott Schenkelberg, a client of Schwab, in an email.
Based on the IBD survey, clients of Interactive Brokers, Fidelity and Schwab have confidence that they're doing the right things in website security.
"I rated Schwab high on security because of my use of their services in a variety of applications," added Schenkelberg. "On desktop, I'm prompted to reverify my browser if I am on a new computer. Additionally, I use their mobile app, which allows for fingerprint sign-in."
As with banks, credit card networks and other financial services companies, there's a lot at work behind the scenes in website security and deterring fraudsters.
There's computer network security software and data encryption technology. There are tight controls on employees, managers, contractors and consultants with access to computer systems and trading accounts. Hackers often aim to compromise networks by targeting management with administrative accessto computer systems.
Audits, Best Practices Add to Website Security
Interactive Brokers, at its website, says its internet-facing computerserversare protected by "firewall" software technology that detects unauthorized traffic. It says the most important computer servers reside on isolated networks that have no direct internet access.
A big part of fraud detection is assessing vulnerabilities with the help of third-party audits. Interactive Brokers, Schwab and Fidelity also work with the Financial Industry Regulatory Authority (FINRA) and other groups to maintain best practices in security.
IBD Newsletters
Get exclusive IBD analysis and actionable news daily.
IBD Newsletters
Get exclusive IBD analysis and actionable news daily.
Please enter a valid email address
Please select a newsletter
Get these newsletters delivered to your inbox & more info about our products & services. Privacy Policy & Terms of Use
Thank You!
You will now receive IBD Newsletters
Something Went Wrong!
Please contact customer service
Fidelity, for example, is compliant with ISO 27001 security standards published by the International Standardization Organization. ISO 27001 aims to find out where the risks are and systematically address them. Both Schwab and Interactive Brokers say their practices are consistent with guidance contained in ISO 27001, FINRA and/or the National Institute of Standards and Technology Cybersecurity Framework.
Online brokers have a solid record in website security. Hackers broke into customer accounts at E-Trade (ETFC) in 2006 and atScottrade in 2015. Those have been the only well-publicized data breaches.
Broker Reimbursem*nt For Fraud-Related Losses
Many online brokers will reimburse clients for losses from unauthorized activity in accounts. That's important because brokerage accounts are not protected by the Federal Deposit Insurance Corp. But, to be reimbursed, customers can't engage in reckless online behavior that makes accounts vulnerable to hackers.
"Both parties share equal responsibility in terms of security," added Schenkelberg. "The broker needs to ensure data provided by customers is secure from any threats. The customer also needs to be vigilant in who they provide their information to and where they're accessing their information from." At its website, Schwab makes clear in its security guarantee on reimbursem*nt that clients have responsibilities in safeguarding information.
One big concern for online brokers and clients is the increase in phishing scams. Hackers send fake emails that appear to come from the broker. The fake emails are designed to trick investors into clicking on a link that sends them to a bogus webpage. There, hackers aim to obtain pass codes and other personal data.
Phishing Scams On The Rise
In addition to warning about phishing attacks, Schwab uses validation certificates to let clients know they're on its official website. Clients need to look for a green bar and padlock icon in front of the web address at the top of web browsers.
The online brokers, of course, require clients to create strong passwords. But, often resetting passwords actually creates a security risk. For extra login security, the brokers rely on random security codes sent to clients via text or phone.
Soomodh Abraham, for example, does most of his trading at Interactive Brokers from a desktop. But Interactive Broker's mobile trading app is also an option.
When Abraham uses his iPhone to access his account, he's glad the online broker's mobile app makes himuse the device's fingerprint recognition technology.
He notes that the Interactive Brokers mobile app doesn't rely on fingerprint recognition alone. The mobile app also uses a verification code to verify a user's identity. That's done by texting a verification code to a client's smartphone.
Hey Alexa, How's My Stock Doing?
The 43-year-old Abraham says having multiple layers of authentication in mobile trading is one reason he gave Interactive Brokers high marks in cybersecurity in the IBD survey.
"There's additional comfort that no one is going to hack into your account," he said.
Interactive Brokers' app also makes use of facial recognition technology in the most advanced smartphones.
Many U.S. households now have voice-activated, smart home speakers such as Amazon.com's (AMZN) Echo-branded devices. Interactive Brokers and TD Ameritrade (AMTD) have apps that enable clients to get stock quotes and market data from Amazon's digital assistant, called Alexa.
However, website security remains a concern. Interactive Brokers doesn't yet offer the ability to trade on Alexa. But, it hasn't ruled it out, says Kalen Holliday, a company spokesperson.
Fidelity, meanwhile, offers a voice recognition service for account access. "When you call Fidelity, you'll no longer have to enter PINs or passwords because MyVoice helps you interact with us securely and more conveniently," the company says at its website. Fidelity says its technology creates a unique, digitally encrypted voiceprint.
YOU MAY ALSO LIKE:
IBD's ETF Market Strategy:A Way To Stay In Sync With The Stock Market Trend
Track Daily Stock Market Action With The Big Picture
Best Growth Stocks To Buy And Watch: See Updates To IBD Stock Lists
Find Out Which Company Is The IBD Stock Of The Day
