Protecting Your Online Investment Accounts from Hacking and Fraud
By Bob Eckel, CEO of Aware, Inc.
As with all web-based accounts, investors must take precautions to ensure their online investment accounts remain secure, including vetting of the trading platforms to ensure their security measures are adequate. Online investment accounts can be at risk from hacking or fraud, and investors must evaluate each platform they may trade on to ensure that this risk is as low as possible.
As part of the due diligence process, investors should consider several key factors when deciding which trading platforms to use and which to avoid. In this article, we’ll examine three important platform elements that should be present for investors to feel secure and confident when entrusting their investments and trades.
Platform Security
At a bare minimum, online investment platforms should offer either a one-time password (OTP), which requires the user to enter a password generated by an algorithm that is valid only for one login session or transaction, or multi-factor authentication (MFA), a method of authentication that requires the user to provide two or more pieces of evidence (or factors) that prove their identity.
These factors are usually offered in two categories: something the user knows (e.g., a password or a PIN) or something the user has (e.g., a smartphone or a token). The idea behind MFA is that combining different factors makes the authentication process more secure and resistant to attacks, such as phishing, brute force, or credential theft.
However, these common methods of authentication, both OTP and MFA, are not foolproof, as username and password sequences can be stolen, and codes sent to devices and email addresses can be intercepted.
That’s where biometrics can step in to fill those security gaps. Many online investment platforms now offer biometric safeguards for online investment accounts, especially for those who access accounts on mobile devices.
Biometric authentication methods such as fingerprint scanning, facial recognition, voice recognition or iris scanning can be used alone or to supplement traditional login credentials like passwords or PINs as part of a more sophisticated multi-factor authentication approach.
This ensures that only authorized individuals can access online trading platforms and execute transactions, reducing the risk of unauthorized access, fraud, and identity theft.
Platform Responses to Malicious Actors
Fraudsters have an uncanny ability to evolve their tactics in lockstep with authentication methods. As biometric security measures have become increasingly common, fraudsters are becoming more resourceful. For example, if an online investment platform requires facial recognition via mobile device to grant account access, bad actors have taken to grabbing or scraping images off of social media and using them to circumvent that security measure.
Investors should ensure their online accounts are protected in tandem with these rising and evolving threats. Liveness detection, an accompanying technology to biometrics, is one way many online investment platforms protect their investors' identities. By using algorithms to detect indicators of a non-live image or voice, thus ensuring that a presented image or voice comes, in fact, from a real, living person, liveness detection adds an extra layer of security.
Platform Speed and Convenience
Speed matters in stock trading. It sounds simple, but when you consider that billions of dollars have been spent on devising systems to maximize speed with powerful computers and servers to power connective technologies, it becomes apparent that a more involved authentication process like certain forms of two-factor authentication may not be ideal for the lightning-fast pace of the markets.
Biometrics, on the other hand, can streamline while also strengthening and securing the login process, making this approach an ideal security measure on multiple fronts. Biometrics reduces friction by eliminating the need to remember multiple complex passwords or go back and forth to get a login code.
This enhances the user experience and overall productivity, as investors can quickly and securely access their accounts using biometric features on their devices. Biometrics take a fraction of a second.
Investors evaluating which platforms are worthy of their trust can safeguard their hard-earned investments and ongoing stock trades through convenient, swift security measures that enable them to access their accounts without bogging them down with extra codes or complex passwords.
Similarly, the platforms hosting these accounts can stay ahead of fraudsters by investing in sophisticated security measures – such as biometrics augmented by liveness detection – thus ensuring their security approaches evolve in lockstep with bad actors.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.