TradeKing is a member of the Securities Investor Protection Corporation (SIPC), which provides protection for accounts up to $500,000 (including $100,000 for claims of cash) per client as defined by SIPC rules. An explanatory brochure is available upon request or at www.sipc.org or via telephone at (202) 371-8300. Through its clearing firm, TradeKing provides an additional $25 million of coverage per client (including $900,000 for claims of cash) through a third-party insurance company with an aggregate clearing firm limit of $100 million to pay amounts in addition to those returned in a SIPC liquidation. This brings the total protection per client to $25.5 million with a limitation of $1 million on claims for cash balances for each client (as defined by SIPC rules). This coverage does not include transactions or trading losses or declines in the value of securities.

Computer hackers recently infiltrated brokerage accounts at our competitors in one of the biggest cases of identity theft to date in our industry. Although TradeKing has not experienced the problem to the extent that some of its competitors have, we are taking this issue very seriously. We already use one of the web's highest-grade security and encryption technologies to protect your account. Be sure to visit or Online Security center to better understand how to maximize this protection.
 

The security and privacy of your personal and account information are important to TradeKing. Our approach to protect it encompasses technology, processes and procedures.
 

Firewalls and Secure Socket Layering (SSL) Technology

TradeKing has security measures in place to protect the loss, misuse and alteration of the information under our control. The secure site area uses SSL (Secure Socket Layer) technology to provide a secure environment for all transactions. When you submit sensitive information via the website, your information is encrypted online (look for the padlock icon on your browser to verify security). We maintain electronic (such as firewalls) safeguards to maintain the confidentiality of your information.
 

Username and password security

TradeKing will never request your username or password or your personal information. To protect the security of your account, TradeKing will not provide or confirm your password. No one from TradeKing will ever request your password. If you forget your password, you will be able to reset it online at any time. We also offer two levels of security by letting clients set up two passwords: one to access account information, one to enter orders and execute other sensitive transactions, such as fund transfers. By setting up two different passwords, and not entering your "trading password" when you log in, risk of unauthorized access to your account is greatly reduced.
 

Failed Login Attempts

To protect your account from unauthorized users, TradeKing blocks access to your account after a set number of unsuccessful login attempts. To restore access to your account you must contact Customer Service. Once we determine that no unauthorized activity has occurred, your access will be restored.
 

Customized Automatic Logoff

To help ensure that you never leave your personal information unattended, our system automatically logs you off after a period of inactivity. The system allows you to set the time of your automated logoff (min. 30 mins. - max 180 mins.).
 

Policies and Procedures

We believe that your privacy should never be compromised. At the same time, we want to offer you the array of products and services you need to accomplish your goals. TradeKing provides investment brokerage services by means of its own internal operation and those of its clearing firm and other unaffiliated third party providers such as mutual funds and variable product sponsors. TradeKing acts as an introducing broker to its clearing firm, which in turn processes the transactions and acts as the account custodian. Your information is segregated in our offices and servers. Only employees and third-party service providers who need the information to perform a specific service are granted access to your information. Furthermore, all employees are kept up-to-date on our security and privacy practices and our service providers are contractually obligated to keep information confidential. The standards we adhere to are covered in our Privacy and Security Policy.

We are not trying to make access more difficult - we are trying to make access more secure. These new measures are intended to provide an added level of security to help prevent hackers or other online criminals from stealing your information from your computer and thereby gaining access to your account. We subscribe to "an ounce of prevention is worth a pound of cure" philosophy, which is why TradeKing is going beyond the standard line of defense you see at other brokerages to give you that added level of protection and peace of mind.
 

For the past few years the efforts of sophisticated criminals to break into online financial accounts have been reported in the popular press and are known to all of us. Last year the Federal Reserve required banks to implement some form of "two-factor authentication" to combat criminal activity; brokerages have, historically, been more nimble and "self-policing." And while some of our competitors have had scores of accounts compromised and lost millions of dollars, that hasn't happened at TradeKing and we want to keep it that way.

No, but we recognize it as a potential threat to our clients and we'd rather stay ahead of the issue than wait for it to become a problem.

Setting up the new, more secure login will only take a few minutes of your time and, we believe, will provide a great deal of added protection for your account.

You will go to the TradeKing home page:

1. On the home page, you will enter your user name then select Login.
2. On the next page, you will be shown a keyboard and will enter your password using your mouse to select keys on the keyboard. Then, you'll hit Login again on the button to the right of the keyboard.
3. On the third page you will be given the opportunity to tag, or "name" your computer (an important step), choose and answer three security questions and select a security ID image (picture or image that will be visual proof that you are on TradeKing's site in future logins).
4. You are in your account. If you are a new user, you will also have to complete a real-time quote agreement, and then you will be in your account.

There are five key elements or factors in our new security setup:

1. An On-Screen Keyboard: This anti-phishing measure thwarts "keyloggers", which are malware programs that spread like viruses and are used by criminals to steal a record of what keys an individual types in order to steal access to their information and their money. By avoiding the use of the keyboard altogether for password entry, such keylogging devices which capture keystrokes are stopped from recording your password.
2. A Secure Image/Watermark/Site ID: These are names for the same thing; an image selected by the user and placed next to the onscreen keypad. If a user does not see or does not recognize the image they should not enter their password. This security measure specifically protects you against a type of criminal activity known as "phishing".
3. Three Secret Questions: You will be required to choose three questions from a pool of twelve. Once the question is selected you will then type in the answer to the question. The questions will be displayed as images to prevent illegal screen-scraping tactics.
4. Account-based Questions: These questions are generated automatically by TradeKing when a user is attempting to login from an unknown computer. The answers to the questions will be known by the customer as they are questions about the customer's account. Only one question is presented.
5. Device Authentication: This feature is used to "tag" or name customers' preferred computers/devices. This allows for the possibility of simple authentication on known devices. The customer's primary device can be "cookied" so that they can access their account without using multi-factor authentication.

If you need additional help, we encourage you to contact one of our customer service representatives through our TradeKing chat, email or toll free number: (877-495-KING)

This anti-phishing measure thwarts "keyloggers" by avoiding the use of the keyboard altogether for password entry. Thus, keylogging devices which capture keystrokes will not be able to record the password.

No. We do have a version of the on-screen keyboard that utilizes Flash 9.0. The presence of Flash 9.0 is preferred because it helps us hide the keyboard logic and functionality. In addition to preventing key logging, hiding the functionality helps thwart "phishing" attacks by creating obstacles to re-creating the keyboard for use on a spoofed site. In addition, "screen recording" (tracking mouse movements and clicks to note the keys chosen), is still technically possible so we have encrypted the keyboard image to make this far more difficult. Only Flash 9.0 can encrypt the image and make this much more difficult.

Yes, there will be a javascript version of the keyboard available as well.

You will be asked a security question, an account-based question, and to tag your computer whenever you are accessing your account from an unknown computer. An unknown computer is one that hasn't been previously identified by you via naming or by a "cookie." This will help prevent people other than yourself from accessing your account from unknown computers.

This image, selected by the user and placed next to the onscreen keyboard, identifies the site as the official TradeKing web site and not a "spoof" or "phishing" site. If a user does not see or does not recognize the image they should not enter their password.

Yes, others can log in to their account from your computer. A computer may be used by many individuals to enter their accounts as long as it has been "tagged" as an authorized computer for their account.

A keylogger is a type of surveillance software (considered to be either software or spyware, also known sometimes as "malware") that has the capability to record every keystroke you make to a log file, usually encrypted. A keylogger recorder can record instant messages, e-mail, and any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and Web site URLs you visit. The organized key logger is the threat and we are using the onscreen keyboard to combat it. This technique is known to be used in an organized effort by penny stock scammers and market manipulators around the globe out to attack your assets. Keylogging has been the primary means by which online brokerage accounts at some of our larger competitors are known to have been compromised.

Malware is an abbreviated term used to describe a "malicious software" program. Malware includes things like spyware or adware programs, such as tracking cookies, which are used to monitor your surfing habits. It also includes more sinister items, such as keyloggers, Trojan horses, worms, and viruses.

Yes, you can choose another security ID image at any time by going to Preferences/Authentication Preferences/Security Image and selecting the "Select a Security Image" button. You may then choose a new image from one of the fifteen presented.

Well, it could mean that you aren't on the TradeKing site but a "spoofed" site or a "phishing" site. Spoofing and phishing are attempts by online thieves to represent themselves as a legitimate website and gather private information, such as your password, by doing so. If you do not see your image please contact us immediately at 877.495.5464 (Available 8am - 6pm ET, Monday - Friday).

This is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, Social Security, and bank account numbers that the legitimate organization already has. This site often appears valid by using brand logos and other familiar images but the Web site is bogus and set up only to steal the user's information.

When you authenticate by choosing the secret questions, security image and name your computer, we will "tag" your computer with a secure, encrypted "cookie." This allows you to enter only your User ID and password on known computers. A total of three computers may be identified as authenticated.

This is the purpose of the secret questions and computer identification with the encrypted, secure "cookie." Should your password be stolen and used to access your account from another computer, a secret question, an account-based question and the computer name would be asked. All of these would need to be answered correctly in order to access your account.

Tagging your computer(s) allows us to identify that computer as an authenticated device. If you login from a tagged computer we will not require information other then your password and user name. It is always good practice to limit access to computers that are known to you, free of viruses and physically located in a secure location; preferably your home or office. We ask that you only tag computers that are accessed only by you or those you trust. We believe 3 computers covers legitimate access for most individuals.

No. You will still be able to access your TradeKing account. Login attempts from other computers will not be impossible, but you will be required to answer your security questions to prevent unauthorized access. We encourage you NOT to tag a computer that does not belong to you. This will compromise the security of your account.

The additional security questions allow us to identify you as the user when you are on the road or away from your "tagged" computers. If you have not tagged your computer or you are away you will be presented with these questions to identify yourself to us. Please remember the questions and answers that you have selected.

The threats that we are protecting you against do not come from the casual observer. There are a number of steps that the casual observer would need to take if and when they did retrieve your password in this fashion. They would also need to sit down at your tagged computer to access your account. You also have additional security settings such as a trading password that will further prevent any trading or funds movement by anyone but you. Any changes to personal information will also notify you via email. We ask that you remain vigilant in protecting the physical access to your account and let us take care of the technical access.

No. Your primary use computer(s) are tagged locally using a cookie with criteria unique to that computer. The dynamic IP will not impact your login.

We understand that some of you have a great deal of technical ability and that you may take extreme measures in safeguarding your accounts and your computers and we applaud you. We do want you to realize that the organized efforts of penny stock operators and money laundering specialists are as proficient. These security measures are the additional steps that we have identified as most useful in preventing unauthorized access by criminals, and most specifically the types of criminals that have targeted online brokerage client accounts and the specific strategies that are known to be used by those criminals.

The site is not currently designed, optimized or intended for use with cell phones and PDAs, so short term, you may experience some access issues. We do intend to build a mobile-friendly site in the future.

You aren't required to have Flash 9.0 in order to access your account, or sign up for the new enhanced security. A keyboard that doesn't require Flash 9.0 will be made available to you automatically if you don't have Flash 9.0.

You may change the duration of your login timeout under the Services menu item choose Settings. On the Settings page choose Login Settings and set the "Automatically Log Out After..." selection to your preferred log out duration and then Save the changes.

Yes it does. Flash 9.0 is available for Linux users. We are not asking you to change your Operating System to log into TradeKing. We have Linux users at TradeKing and they are using the new security access. Flash Player 9 for Linux shipped on January 16, 2007. Most of the supporting content for these releases can be found on the Adobe.com website.

As for what's next - we can only assure you that we will continue to hold Secure Account Access as one of our top priorities. We will always look for ways to keep your assets safe while at the same time keeping the customer experience as smooth as possible.