Would you care to explain WHY you are making this claim? So far Hound Dog and Local Crusher have made statements that go unexplained. Perhaps you have something to say that is a little more substantial. Still waiting. OldTrader
I agree, but I'd also like to leave my home computer running to trade my ATS. That won't be possible with the Security Device. I only trade a few of the most liquid instruments in the world (ES, ZN, ZB). If I had the security device to log into account admin and make withdrawals (but not for TWS) and was able to restrict my account to those instruments, I'd be 100% safe.
Already did, just flip back a few pages in the the thread. I made several posts about this on pages 8, 9, 13, and 14.
I think this expanded security device program is a great thing, but I agree with HoundDogOne that it should not be mistaken for a substitue for "complete fraud protection". The security device won't protect against viruses or other malware taking control of the customer's computer, or perhaps hacking IB's own systems. I also wonder if it is even realistically possible for any online brokerage to provide "complete fraud protection." How can a broker protect a customer from the customer's own negligence in failing to secure his own machine? If a theft occurs, how can a broker determine who was at fault for failed security, the customer or the broker? Where should the line be drawn? I will note that even though E-trade claims to provide "complete fraud protection", another thread seems to allege that E-trade does not actually honor this promise in reality. See http://elitetrader.com/vb/showthread.php?threadid=90860.
I think local_crusher provided already the explanation by writing: API access implements a lot of exotic features. The problem is that it seams to leave the backdoor open. Having saying that, I fully support any effort IB does to improve security.
so far it sounds like a great idea if IB allows opt-in/out of limiting add/change trading instruments with the security device. Let's see what the response is from IB Salvatore, and maybe we should submit a feature poll. I'd imagine this should not be very hard for IB to implement, as 'trading access' is already a account management functionality. all they need to do is to enhance it to the instrument level with the security device.
Nick: Yes, I read that explanation. But how exactly can IB ever control a trojan on an individual computer? And where is the customer's responsibility? How does a trojan "take over" your computer when your computer has routers, firewalls, antiviral software, spyware software? That combined with the security device seems to be considerable protection. If I understand this correctly, you and others seem to be pointing at security issues that may be the responsibility of the user, and trying to make them the responsibility of IB via a "Fraud insurance" provision that would be extended by IB. OldTrader
No âcomplete fraud protectionâ but âcomplete fraud protection guaranteeâ to covers customerâs damage. I agree it would have an additional cost for the brokerage firm. However, internet fraud is nowadays a sever problem for secure transactions. And if internet brokerage firms want to survive and expand they have to provide viable solutions.
OldTrader, I also feel more confident by using routers, hardware and software firewalls, antivirus and anti-spyware software and whatever is needed to REDUCE the risk. But, because of my profession, I know (and of course many others on this forum) that the risk of having your computer hijacked can NEVER been totally eliminated. Thatâs why I think that the backdoor that API access leaves open is severe. And after all, why non-API traders have the option to download a version of TWS without API capabilities included?
With the security device, if the only vulnerability left is with the API, then is it safe to assume that the webtrader is bullet-proof?