Overview of Secure Login System

Table of contents

 

The security of your assets and personal information is of utmost concern to us and we are committed to taking the steps necessary to ensure you are protected from the moment you open your account.  

To provide you with the highest level of security, Interactive Brokers has implemented a Secure Login System (SLS) through which access to your account is subject to Two-Factor Authentication.
 
Two-Factor Authentication serves to confirm your identity at the point of login using two security elements: 1) Something you know (your username and password combination); and 2) Something you have (an IBKR issued security device which generates a random, single-use security code). As both knowledge of your username/password and physical possession of the security device are required to login to your account, participation in the Secure Login System virtually eliminates the possibility of anyone other than you accessing your account.
 
 

Benefits of Enrollment

The principal benefit of SLS enrollment is to protect your account from unauthorized access. There is no fee associated with enrollment and participants have the added benefits of:
  1. Higher withdrawals thresholds over both single and five day rolling periods.
  2. Ability to change your banking instructions and email address without contact from a member of our Security Team.
  3. Ability to effect ACH & EFT funding transactions beyond an initial USD 20,000 account funding transaction.
  4. The ability to share a single device among multiple usernames registered to the same individual.
 
 

How to Enroll

Enrollment is easy. In the case of new applicants, you will be provided with an email link with instructions for printing and activating an on-line security card during the account configuration step of the online application. This on-line card is intended as a temporary device expiring 21 days after your account has been funded, during which time a permanent device will be shipped to you. Once you receive your permanent device and follow the instructions for its activation, your on-line card will be automatically deactivate and may be disposed. It’s important to note that the permanent devices are set to automatically activated after a set time frame if not manually activated by the account holder. If you choose to use the IBKR Mobile Authentication, (smartphone digital access key application) you will need to validate your phone number. You can do so directly in the smartphone app. Detailed instructions are available in KB2260.
 
If you are an existing user and haven’t already enrolled in SLS, you will need to log into Client Portal, select the Menu icon in the top-left corner and go to Settings User Settings > Security > Secure Login System menu options. You will be presented with a screen displaying the device that you will receive and through which you will confirm your address of record. You can alternatively activate the IBKR Mobile Authentication on your device immediately. How to activate the app, conditions and requirements can be found in KB2260.
 
 
 

Lost, Damaged or Temporarily Unavailable Device

In the case of a lost, damaged or temporarily unavailable security device, you will need to contact your regional Client Service Center via telephone to arrange for a replacement and/or to provide for interim access. Once your identity has been verified you will be provided a temporary passcode (i.e., a static alpha-numeric code which replaces the random code supplied by your security device) that will allow you to log into Client Portal and print the on-line security card. The on-line card will provide interim access for up to 21 days, sufficient time for a replacement device to be shipped or, should your device be temporarily unavailable, time to regain possession of it. See KB1943 for instructions on requesting a replacement device.
 
 
 

Types of Devices

IBKR provides a range of security devices, each tailored to meet the portability and security needs of your particular account. 
  1. SMS - A quick and easy way to complete the Two-Factor Authentication through text messages (SMS) sent to your mobile phone number.
  2. IBKR Mobile (IB Key) – An all-in-one mobile app offering a convenient digital solution for your Two-Factor Authentication needs.  The IB Key protocol found within the app supports both fingerprint and PIN configuration1 and is available for download on both Android phones and iPhones.
  3. Digital Security Card+ - For accounts with an equity of 500K USD or equivalent. It has the same size and shape of a credit card and it is electronic, requiring the user to enter a PIN code as an additional layer of protection.
Note:
For iPhone users you must have either Touch ID, Face ID, or Passcode enabled (refer to: Set up Touch ID or Set up Face ID for directions). Touch ID or Face ID is the recommended choice.  PIN/Passcode supports up to 12 hours of trading access while fingerprint/facial recognition allows for 30+ hours as long as your authenticate at least once during this time period. Please see further details mentioned in our User's guide for Extended Trading Access
 

 

Withdrawal Limits

Clients who participate in the Secure Login System enjoy enhanced withdrawal capabilities, while clients who do not participate are subject to daily and weekly withdrawal restrictions. The amount that a participating client may withdraw or transfer over a given one- or five-day period increases commensurate with the protective value of the device and is outlined in the table below.

Security Device Maximum Withdrawal per Day Maximum Withdrawal in 5 Business Days
None 50K USD 100K USD
SMS 200K USD 600K USD
IB Key 200K USD 600K USD
Security Code Card* 200K USD 600K USD
Digital Security Card* 1M USD 1.5M USD
Digital Security Card+ Unlimited Unlimited
Platinum*/Gold* Unlimited Unlimited
Note: * Represents a legacy device no longer being issued.
 

Back to top

 

Additional Information 

See KB2636 for information and procedures related to Security Devices.
See KB2277 for complete details on IBKR Mobile Authentication (IB Key) for Android.
See KB2278 for complete details on IBKR Mobile Authentication (IB Key) for iOS.
 
 
 

 

Use cases where assistance with system access is required

Overview: 

Please click on the use case below which best describes your login issue for guidance as to how to proceed:

I. No Access to Account Management or TWS

1. I forgot my User Name and/or password

2. I am temporarily without possession of my security device

3. My security device is lost or damaged

4. My temporary passcode has expired

5. My on-line security card has expired

 

II. Partial Access (Account Management only)

1. I am able to log into Account Management with my temporary passcode but not the trading platform

 

III. Full Access to both Account Management and TWS

1. I am in possession of my security device and wish to activate it.

 

 

 

 

 

 


  1. I forgot my User Name and/or password

For security purposes, all requests for assistance with a User Name and/or password must be initiated via telephone and require prior verification of the caller’s identity. Click here for a list of IB’s regional Customer Service center contact numbers.

 

  1. I am temporarily without possession of my security device

If you are temporarily without possession of your security device, interim access may be provided by contacting your regional Customer Service center via telephone where, once your identity has been verified, you will be provided with a temporary passcode.   

This temporary passcode is a static alpha-numeric code which replaces the random code supplied by your security device and which will provide full access to both Account Management and the trading platforms for 2 days.  Should a lengthier period of interim access be necessary and to obtain enhanced protection, it is recommended that you use the temporary passcode to log into Account Management and print out the on-line security card which will operate as a replacement to your security device for up to 3 weeks.   

After the expiration of the temporary passcode or on-line security card, or if you regain possession of your security device beforehand, you will need to log into Account Management and select the menu option to re-activate your security device.

 

  1. My security device is lost or damaged

In the case of a lost or damaged security device, you will need to contact our Customer Service center to arrange for a replacement and to provide for interim access. As the time frame for shipping a replacement device may range form 3 to 14 days depending upon your country of residence, interim access is provided via an on-line security card. The on-line security card may be retrieved for printing or saving as an image to your desktop once a temporary passcode has been provided for Account Management access.

 

  1. My temporary passcode has expired

The temporary passcode is intended to provide full access to both Account Management and the trading platforms for a period of 2 days.  After 2 days, the temporary passcode may no longer be used to access the trading platforms but may be used to access Account Management for an additional period of 10 days.  The Account Management access, however, is limited solely for the purpose of printing or saving the on-line security card.   

If your window of access to Account Management using the temporary passcode remains, you may print or save the on-line security card through which full access to both Account Management and the trading platforms is provided for a period of 21 days. If you are unable to log into Account Management, you will need to contact your regional Customer Service center for assistance.

 

  1. My on-line security card has expired

The on-line security card is intended to provide full access to both Account Management and the trading platforms for a period of 21 days. This time frame, while limited, is intended to provide sufficient opportunity for the account holder to either regain possession of a temporarily unavailable security device or request and receive a replacement device. 

If you are unable to log in using the on-line security card, you will need to contact your regional Customer Service center for assistance and to provide information as to the status of your permanent security device.

 


 

  1. I am able to log into Account Management with my temporary passcode but not the trading platform

If your window of access to Account Management using the temporary passcode remains, you may print or save the on-line security card through which full access to both Account Management and the trading platforms is provided for a period of 21 days. 

If you are unable to log into Account Management, you will need to contact your regional Customer Service center for assistance.

 


  1. I am in possession of my security device and wish to activate it.

To activate either a replacement device or one which was temporarily unavailable and which required issuance of a temporary passcode, you will need to log into Account Management and select the reactivate security device menu option.  Once reactivated, neither the temporary passcode nor on-line security card will remain operable.

 

How to change the PIN of your Secure Login Device

Background: 

Interactive Brokers recommends that you change your PIN regularly to add an extra layer of security.

NOTE: If you do not know your current PIN, you would need to call Interactive Brokers directly to have it reset. Please use any of the phone numbers listed under: ibkr.com/support

Below you will find the procedure for changing the PIN code of your Security Device, according to the device type you are currently using:

      Legacy Devices

 

 

Digital Security Card Plus (DSC+)

      

The PIN of the DSC+ has to be changed from the Client Portal page, following the steps below:

  1. Log into Client Portal using your security device and click the Menu icon in the top-left.
  2. Select the menu options Settings --> User Settings --> Secure Login System
  3. Click on the wheel (Configure)
  4. Click the i (Information) icon next to your active DSC+
  5. Click on Change PIN in the lower right of the pop up
  6. Enter the new PIN you would like to use and confirm it. A Challenge Code will be displayed. Operate your DSC+ with the Challenge Code and your new PIN in order to generate a Response code. Enter it into the Passcode field and click Continue
  1. If the new PIN has been accepted by the system, you will see to a confirmation page. Click OK on the bottom right to complete the procedure. 

Back to top

 

IBKR Mobile for Android Users

 

Open the IBKR Mobile App.

  1. Tap the Services button in te upper-left corner
    IB Key, tap Menu icon in top-right corner
  2. Tap the button Authenticate
    IB Key, tap Change PIN
  3. Tap Change PIN. Some phones may require you to scroll down to see the option.
    IB Key, enter Current PIN, New PIN and Repeat New PIN     IB Key, tap Submit
  4. Enter your username, password, current PIN, and your new PIN twice. Click Submit. Some phones may require you to scroll down to see all the items.
    IB Key, wait till you receive text message with SMS Code     IB Key, enter SMS Code and tap Submit Pin Change
  5. The PIN has been successfully changed. Tap on Done.
    IB Key, PIN change successfully processed, tap Go to start page

Once the PIN has been successfully changed, you can close the IBKR Mobile app and log in to Account Management or to your trading platform using the new PIN. 

Back to top

 

LEGACY DEVICES:

 

Digital Security Card (DSC)

     

Just like the DSC+, the PIN of the DSC is changed directly from Account Management/Client Portal page, following the steps below:

  1. Log into Account Management using your security device.
  2. Select the menu options Manage Account --> Security --> Secure Login System --> Security Device.
  1. Select the radio button "Change Pin of the current security device" and click "Continue".
  1. You will be prompted to enter the NEW PIN in the first field(marked here as A), and confirm it again on the second field(marked here as B). You will be as well requested to operate your device and generate a passcode using the NEW PIN you have chosen. That passcode has to be typed into the last field(marked here as C)
  1. A SUCCESS message will appear and the new PIN will be in effect.

Back to top

 

Platinum and Gold Devices

If you use a Platinum or a Gold device, you would only need to change the PIN directly on the device itself, following the instructions below:

1. Press the 'ON' button.

2. Enter your current PIN.

3. Once the CHALLNG? prompt is displayed, press the 'PIN' button.

4. Once the NEW PIN prompt is displayed, enter your NEW PIN.

5. Once the AGAIN prompt is displayed, re-enter the NEW PIN to confirm it.

6. If the new 4-digit PIN was re-entered successfully, a SUCCESS message will appear and the new PIN will be in effect immediately.

Back to top

 

 

How do I return my secure login device to Interactive Brokers ?

In the event you need to return your secure log in device to Interactive Brokers (due to damage, breakage, account consolidation or closing purposes), please follow the instructions below:

  1. Download and print the Secure Login Device Return Form
  2. Complete the form and package it with your device 
  3. Mail your package to the applicable address below

For your protection, we strongly recommend using a padded envelope for your return, and a carrier that provides a tracking number (e.g., UPS, FedEx, DHL, or USPS Express Mail only) since you will be held liable for the token's return. Please allow 3 - 5 business days after shipment for your account to reflect the receipt by IB of the returned device. Please note delivery time can vary due to carrier delays.

Additional Action For Replacement Returns
If this is a replacement return and not a closing of an account, please call our security support team, at the number below, to notify us of your defective device and we will provide you with a temporary security code allowing you to continue to access your account until you receive your new secure log in device. IB offers multiple device types, and the replacement considerations associated with each are outlined below:

For Digital Security Card+ (DSC+) Users:
If you are returning a Digital Security Card+ (Exhibit 1), and require a replacement device, you will need to log into Account Management and request a new DSC+ (see here for directions.)

Exhibit 1

 Digital Security Card+ 

For Platinum and Gold Device Users:
These types of devices (Exhibit 2) do not need to be returned to IB and can be discarded. Platinum and Gold devices have been discontinued and replacements are no longer available. If you require a replacement device, you will need to log into Account Management and request a new Digital Security Card+ as shown in Exhibit 1 (see here for directions.)

Exhibit 2

Platinum and Gold Device

 

For Digital Security Card (DSC) Users:
These types of devices (Exhibit 3) do not need to be returned to IB and can be discarded.  Digital Security Cards have been discontinued and replacements are no longer available. If you require a replacement device, we recommend activating the IB Key Authentication via IBKR Mobile (see here for directions.)

Exhibit 3

Digital Security Card

For Security Code Card Users:
These types of devices (Exhibit 4) do not need to be returned to IB and can be shredded and discarded. If you require a replacement device, we recommend activating the IB Key Authentication via IBKR Mobile (see here for directions.)

Exhibit 4

Security Code Card

 

Mailing Address and Contacts:

US / Canada
Europe
Mailing Address:
Interactive Brokers, LLC.
Attn: Token Return Department
8 Greenwich Office Park
2nd Floor
Greenwich, CT 06831
USA

US Contact:
1 (877) 442-2757 (Toll free)
1 (312) 542-6901 (Direct dial)

Canadian Contact: 
1 (877) 745-4222 (Toll free)
1 (514) 847-3499 (Direct dial)
Mailing Address:
Interactive Brokers(U.K.)LTD.
Attn: Token Return Department
Gotthardstrasse 3
CH-6301 Zug
Switzerland


EU Contact:   
00800-42-276537 (Toll free)
+41-41-726-9500 (Direct dial)

Russia Contact:
8-800-100-8556 (Toll free)
+41-41-726-9506 (Pyсский)
Asia
Australia
Mailing Address:
Interactive Brokers, LLC.
Attn: Token Return Department
Suite 1512,
Two Pacific Place
88 Queensway Admiralty 
Hong Kong

Contact:
+852-2156-7907 (廣東話)
+86 (21) 6086 8586 (普通话)
Mailing Address:
Interactive Brokers, LLC.
Attn: Token Return Department
PO Box R229
Royal Exchange, NSW, 1225
Australia


Contact:
+61 (2) 8093-7300
Japan
Mailing Address:
Interactive Brokers Securities Japan, Inc.
Attn: Token Return Department
4th Flr Tekko Kaikan,
3-2-10, Nihonbashi Kayabacho, 
Chuo-Ku, Tokyo 103-0025
Japan

Contact:
+81 (3) 4588 9710 Direct dial (English)
送り先:  
インタラクティブ・ブローカーズ証券株式会社
〒103-0025
東京都中央区日本橋茅場町3-2-10
鉄鋼会館4階
トークン戻る学科

接触:
+81 (3) 4588 9700 直通 (日本語)             

 

Account Closing
Access to Account Management for the purpose of reviewing and/or printing activity statements and any tax forms is provided following the return of your device and closing of your account.  Once closed, you will be able to log in without the security device and will only need your existing user name and password.

Question regarding security devices may be addressed to the security group at any number from above.
 
For information regarding replacement fees for security devices which are either lost, stolen, damaged or not returned upon account closing, please refer to KB1861.

 

Determining SIPC coverage where multiple accounts exist

Multiple accounts maintained in the same name and taxpayer ID number are grouped for purposes of applying the maximum per client protection limits of $500,000 by SIPC and $29.5 million under Lloyd’s supplementary protection. However, if you hold accounts with IBKR in separate capacities (for example, an account in your name, a trust account of which you are the trustee or a beneficiary, or a joint account), then each account would be protected by SIPC and the supplementary protection up to the stated limits.

Links:

Account Protection

SIPC

How can I request for a replacement secure login device or temporary security code?

IBKR is committed to protecting your account and your account assets from fraudulent practices. The Secure Login System provides an extra layer of security to your account. For security purposes, all replacement security device requests must be addressed via telephone and only after the identity of the named account holder or authorized user has been verbally verified. For assistance in accessing your account immediately and obtaining a replacement security device, please contact IBKR Client Services via telephone to restore login access.

 

References
  • See KB69 for information about Temporary passcode validity
  • See KB1131 for an overview of the Secure Login System
  • See KB2636 for information and procedures related to Security Devices
  • See KB2481 for instructions about sharing the Security Login Device between two or more users
  • See KB2545 for instructions on how to opt back in to the Secure Login System
  • See KB975 for instructions on how to return your security device to IB
  • See KB2260 for instructions on activating the IB Key authentication via IBKR Mobile
  • See KB2895 for information about Multiple 2Factor System (M2FS)
  • See KB1861 for information about charges or expenses associated with the security devices

 

How long does a temporary security code last?

IBKR will issue a temporary passcode to secure login system participants in the event their security device has been misplaced, lost or damaged.  The temporary passcode is intended to provide full access to both Client Portal and trading platforms for a period of 2 days. After 2 days, the temporary passcode may no longer be used to access the trading platforms but may be used to access Client Portal for an additional period of 10 days. Client Portal access, however, is limited solely for the purpose of printing or saving the online security card.

The online security card, in contrast, has a lifespan of 21 days, providing the account holder with an opportunity to locate the misplaced device or have the lost or damaged device replaced. Account holders who remain without their physical security device and are unable to log in using either the temporary passcode or on-line security card will need to contact Client Service in order access the account.  

IMPORTANT NOTICE

As a matter of policy, IBKR will not issue consecutive temporary passcodes to a given account, but rather will act to restore the account protection to the most secure level, which is that provided by the physical security device.

 

References
  • See KB70 for instruction for requesting a Temporary passcode
  • See KB1131 for an overview of the Secure Login System
  • See KB2636 for information and procedures related to Security Devices
  • See KB2481 for instructions about sharing the Security Login Device between two or more users
  • See KB2545 for instructions on how to opt back in to the Secure Login System
  • See KB975 for instructions on how to return your security device to IB
  • See KB2260 for instructions on activating the IB Key authentication via IBKR Mobile
  • See KB2895 for information about Multiple 2Factor System (M2FS)
  • See KB1861 for information about charges or expenses associated with the security devices

 

How do I change my email address?

Overview: 

To change your email address, you will first need to submit the request through Client Portal. From within Client Portal select Settings followed by User Settings and then click the gear icon next to Email Address in the Communication section. If you have access to your old email, we will send a secure confirmation number to your existing email address. You will then be prompted to enter the confirmation number and your new email. If you do not have access to your old email, you will be prompted to enter your current password along with your new email address. Click Submit to complete the request.

Glossary terms: 

Can I change my password online?

Overview: 

Account holders who are able to log in to Client Portal may change their password by selecting the Settings section followed by User Settings and clicking the gear icon next to the word "Password" in the Login section. Passwords must be between 6 and 40 characters in length and must contain at least one alpha and one numeric character.

Account holders who are unable to log into Client Portal may change their password through the Online Password Reset tool. The password rules stated above will still apply. You may either click HERE, use the "Forgot Password?" link at the bottom of the Client Portal login or click the link provided upon an invalid login to TWS to request a password reset.

  

IMPORTANT NOTE

Passwords greater than 8 characters in length are only supported on newer versions of IBKR's software. More details are provided on the password reset page within Client Portal. Account holders may also contact Client Service for assistance with password changes. For security purposes, all log in issues and password requests can only be addressed once the identity of the named account holder has been verified.

Syndicate content