IB Secure Device

Discussion in 'Interactive Brokers' started by IB Salvatore, Mar 29, 2007.

  1. nonam

    This secure log on will make it much safer to check your positions from internet shops while travelling? At the moment this is a risky thing to do anywhere on the planet. Any thoughts on this?
     
    #91     Mar 30, 2007
  2. LT701

    I obtained one of these devices when I was going to be using WIFI in Mexico.

    The device takes a little getting used to, but it *greatly* increased my confidence that someone couldn't stick a straw into my account and suck out all my assets. If someone tried a con on me, claiming that my wifi traffic had been intercepted and account jeopardized, I'd know they were lying, and I'd turn them in, rather than wondering if they were telling the truth.

    Your info might still be exposed, and people might be able to tamper with your positions, but they *can't get the money OUT of your account*
     
    #92     Mar 30, 2007
  3. I'm running an ATS via the TWS API and, like others on this thread, need to be able to start and restart TWS when I'm not around.

    I'll opt out of this program. That said, I sure would like the IP lockdown capability that's currently offered for institutional accounts.

    I'd also love the feature someone mentioned of being able to enable limits on tradeable instruments, time of day, maximum positions, maximum losses, etc. via account management.
     
    #93     Mar 31, 2007
  4. Would it be possible to opt out just for the TWS logon, but not for withdrawals?
     
    #94     Mar 31, 2007
  5. fhl

    As has already been described, tampering with your positions CAN take your money out of your account.
     
    #95     Mar 31, 2007
  6. TO IB REPRESENTATIVES:


    I think you have a false assumption of a too strong security the device would give.

    A hacker can without problems remote-control a logged-in TWS and send orders for executing a pump-and-dump scheme.

    Modern Trojans contain not only functions to record mouse & keyboard events, but take full control if necessary.

    In this scenario, the device would be absolutely no help.


    Please consider these thoughts.
     
    #96     Mar 31, 2007
  7. siki13

    Maybe IB should restrict those penny stocks and some other trading instruments that are used for pump and dump.
    I mean, how many of us are trading those things?
    Less than 1% of all customers?
    For the rest of us that should be disabled by default.
    So if you are among this 1% and want to trade penny stocks you would have to send some written, signed document.
    Of course enabling this feature over web page account management would be meaningless because hackers would then search for a way to turn it on.
     
    #97     Mar 31, 2007
  8. Siki, your idea offers no help.

    I have an idea how an "advanced pump&dump" would work, but won't publish it here as hackers might get the idea.


    With this advanced pump&dump, you could empty an account and get 75-90% of the money out of it effectively.
    It is not limited to penny stocks.
     
    #98     Mar 31, 2007
  9. Excellent Commentary.....
    ........................................................................................

    It would seem that there would be a better solution than to carry around a physical object...

    I would like to think that the solution would be in the software....
    ...................................................................................................

    However...the physical device is a much simpler solution....and I would like to commend IB for again being the pioneer in the low cost and secure brokerage business...

    I suppose that one can easily wire funds to the bank of their choice ...given that they have this safety item?
    ...................................................................................................
     
    #99     Mar 31, 2007
  10. While thinking about it today, I came to the conclusion that the IB security token offers no security at all.

    Here are my thoughts:

    - A trojan can modify TWS XML settings files, thus allowing local API access without the user gaining knowledge.
    Next, the trojan will connect to TWS via localhost API or DDE connection.
    VERY EASY TO IMPLEMENT.

    All modern trojans are modular and an appropriate module would be loaded to the infiltrated victim's host if someone wants to steal an IB account.

    - WM_KEYDOWN / WM_KEYUP events.
    As IB TWS is a Java program, there is no possibility to prevent it being remotely controlled with hostile WM_KEY** events.

    For example, software firewalls & virus scanners will typically recognize if they are fed with key events from another software. They load their own drivers (*.sys) and operate in kernel mode.
    This is only possible with access to low-level system functions!

    By design, IB's JAVA TWS cannot be protected from such attacks as Java does not offer access to low-level system functions or driver access.

    An attack with Windows key events would not take longer than 1-2 seconds and the TWS windows could even be minimized during this.
    The user would have no chance to intercept this manually.
     
    #100     Mar 31, 2007
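
Added example, not part of the thread and not IB code: post #100 raises the concern that malware could edit the TWS XML settings file to switch on local API access without the user noticing. This sketch compares a settings file against a trusted baseline and reports changes to API-related attributes; the XML layout and the names `ApiSettings`, `socketClient`, `ddeClient` and `trustedHosts` are hypothetical stand-ins, not the real TWS schema.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed samples. Element and attribute names are hypothetical,
# not the real TWS settings schema.
BASELINE_XML = """<Settings>
  <ApiSettings socketClient="false" ddeClient="false" trustedHosts=""/>
  <Display theme="dark"/>
</Settings>"""
TAMPERED_XML = """<Settings>
  <ApiSettings socketClient="true" ddeClient="false" trustedHosts="127.0.0.1"/>
  <Display theme="dark"/>
</Settings>"""
BENIGN_XML = BASELINE_XML.replace('theme="dark"', 'theme="light"')

# Attributes that would open a programmatic control channel (assumed names).
WATCHED = {"socketClient", "ddeClient", "trustedHosts"}


def digest(xml_text: str) -> str:
    """SHA-256 of the settings text, used as a cheap 'did anything change' check."""
    return hashlib.sha256(xml_text.encode("utf-8")).hexdigest()


def watched_values(xml_text: str) -> dict:
    """Map 'Element/attribute' -> value for every watched attribute."""
    values = {}
    for element in ET.fromstring(xml_text).iter():
        for name, value in element.attrib.items():
            if name in WATCHED:
                values[f"{element.tag}/{name}"] = value
    return values


def audit(baseline_xml: str, current_xml: str) -> dict:
    """Report whether the file changed and which API settings differ."""
    changed = digest(baseline_xml) != digest(current_xml)
    before, after = watched_values(baseline_xml), watched_values(current_xml)
    api_changes = [
        (key, before.get(key), after.get(key))
        for key in sorted(set(before) | set(after))
        if before.get(key) != after.get(key)
    ]
    return {"changed": changed, "api_changes": api_changes}


if __name__ == "__main__":
    for label, xml_text in (("tampered", TAMPERED_XML), ("benign", BENIGN_XML)):
        print(label, audit(BASELINE_XML, xml_text))
```

The baseline would need to live somewhere the monitored host cannot write, since code able to edit the settings file could also edit a local baseline.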