If they're talking about what they previously called a "token," used to confirm withdrawals from the account, it would have been nice if they spelled that out in the email. It would also been nice if somebody ANSWERED THE PHONE this morning when I called to ask WTF their email was talking about. I guess most other IB users were calling for the same reason. Next time IB is going to make a major procedural change, how about giving customers a little more information and more than 2 days notice so we're not so confused and anxious.
They send it by Fedex to your "address of record"... but if you have both a residential address and a mailing address of record, it's anyone's guess where it actually will go. In my case, even as the IB guy on the telephone claimed that "we only deliver it to your mailing address", the mailroom at work (where my mailing address is) has seen no Fedex package coming. Sure enough, it was sitting on my home's (residential address) front porch instead! This was in the US - the practice in your country may vary.
1 month after I got mine, I got a $12 invoice from Fedex....there is no COD or duties, strange. Anyone else get an invoice? ah well Im not paying out of principle.
I am 100% with segv on this one. I operate both institutional and personal accounts and IB security policy is a complete joke. Now it turned into complete chaos: - some accounts need STP, some accounts do not, some accounts only for certain tasks but not for others etc. What's he logic? Who controls that? - when you change the wire instruction (with STP) then they still call you home and ask you questions like what is your FULL mother's maiden name (sic!) etc. - I can't imagine a weaker security than this (and less INTERACTIVE service). - and why are there still email tokens being sent? Does anybody have similar experience from any other financial institution? For instance when you set up a new recipient on your bank account is there several verification steps? It is very true that IB does NOT have a customer satisfaction in mind when doing all these changes - they do it only to get them off the hook. Everybody bar IB knows that good security is NOT equal to maximizing information traffic between customer and a service provider. They promised us to be able to opt out - so nobody really arranged to move to other brokers. Why the change of opinion at the last moment? Looks like no respect for a customer to me. IB has lots of positives but one day when other firms lower commissions we see what is the real customer loyalty to IB...
It does seem now that STP is in place, some rationalization of the rest of the processes w.r.t. security needs to be done. Like is a 2nd STP request really needed to request funds status? I'd hope this will happen shortly, though, while an inelegance, it doesn't seem like a serious sore point. And from the comments, perhaps STP could've been more gradually phased in over the 80k accounts. It feels like the the STP was added to the front door a tad rushed. Perhaps the scale/breadth of the rollout effort was underestimated? Maybe a good question to ask on the Q1 conf call -- has the roll out of increased security affected customer sat, churn, etc. (Alas, I will not be able to catch it live due to other commitments.)
The STP device they sent me is about the size of a Lexus keyless entry keychain. Maybe a little bigger. The ones that look like calculators are the older ones. FYI, I have an Adviser account and it's not actually making me authenticate to login to TWS. It only requests the passphrase when you deposit/withdraw. Traveler
I agree, their security measures seem like they were created randomly by 5 people working independently of each other. I just added wire instructions, which requires my password and security token and an email token -- that should be enough security already. Yet they require me to call in to confirm my DOB and mother's maiden name. duh, how does that add any additional security to the process? There are hundreds of people out there who know my dob and mother's name. very stupid policy.
Respect for a customer? Huh. They never respected customers. The problem isn't about STP. STP may be good or bad, it's just a symptom anyway. Lack of elementary business culture on all levels is the key. segv complained of 1 week Notice. We have institutional account also and last autumn they altered terms of service without prior notice at all!. We knew that just by chance post factum, several weeks later. That affected our business but they seemed didn't care. As a customer (both retail&pro) I know them for ~7 years and could tell a lot more just not going to waste time and space on these clowns, especially since we move to other brokers (at last!).
No, it is not a stupid policy. Yes, others have access to your dob and mother's maiden name, but adding that extra layer of security of requiring that information does greatly reduce your security risks. Try thinking about it a little.