Statistics tell the story in numbers.
Digital Trading and Security Statistics IO Active conducted an analysis of the most-used trading platforms and devices.
They found that 64 percent of desktop apps and 6 percent of mobile apps transferred data without using any form of encryption; the rise of mobile use versus traditional means of accessing the internet will surely see that second number rise.
Without encryption, HTML can be viewed as plain text, and there were quite a few cases of apps and devices using outdated or obsolete protocols.
Another encryption-related issue was investors using unsecured networks and unsupported apps to access their accounts and conduct trades.
The company also discovered that 21 percent of users had unencrypted or weak password protection.
This information was either found stored in configuration files or sent to log files.
Another 25 percent of users weren’t using two-factor authentication to access their accounts.
More than $76 billion dollars in illegal activity is conducted using Bitcoin or other cryptocurrency.
This also affects trading and money markets.
The average price for personal data on the Dark Web is about $0.
20 per individual file.
Multiply that by billions, and you’ll see how lucrative cybercrime can be.
Platform-Specific Investment Security Concerns A report conducted by cybersecurity expert, Alejandro Hernandez found that all 40 major digital trading platforms he investigated had vulnerabilities to some extent.
This included big names, like Schwab and Fidelity, and little players or startups, like Robinhood and Poloniex.
No one is immune.
In addition to encryption issues, including a complete lack of encryption (and end-access points in some cases), there was an issue with lack of session timeouts.
Even on Schwab’s website, users aren’t automatically logged off when they close their browser.
This lapse in basic security allows hackers to enter active sessions and hijack them or insert malicious code.
Outside threats aren’t the only problem.
Many apps and trading platforms include security vulnerabilities as a feature, allowing users to create their own bots and plugins, which are then released and re-circulated to the wider investing community.
These third-party apps and utilities are often insecure and unsupported.
Using the open source coding also means that software can be hijacked and the code altered.
Traditional stock and bond purchases aren’t the only sector with security lapses.
Commodities speculation and strategic FX trading also saw a surge in activity after we began to recover from the global financial crisis in 2010.
Since this fast-paced type of investing is often a solo pursuit conducted by individuals rather than initiated by brokers or financial advisors, it often leaves participants vulnerable to exploitation.
If you’re going to dabble in day trading, make sure to use a reputable platform that offers security and privacy for traders.
This will help ensure compliance with regulations from agencies like the European Securities and Markets Authority (ESMA) and US digital trade regulations, as well as ensuring compliance with data procurement, storage, and usage laws like the GDPR.
Many of the companies cited in the Hernandez report claim they have since fixed vulnerability issues, but traders and online brokerages should put their own security measures in place to fill the gaps.
You can take matters into your own hands by: Reading the fine print regarding data storage and use by trading platforms.
How much data do they need, why do they need it, and what do they do with the data they collect?.GDPR should be mentioned in there somewhere.
Using only secured, encrypted networks and devices while trading, and only go online when using a VPN.
Creating a unique password for each individual loginUsing two-factor authentication for access Trading platforms can improve digital security by: Choosing hosting platforms and apps that put security firstConfiguring sessions to timeout after a shorter inactive timeSetting logins to automatically lock and send an alert after two failed attemptsAcquiring only necessary user information and storing it offlineContinuous, automated network monitoring for resource usage and suspicious activityEstablishing an online knowledge base for users that includes security best practices Final Thoughts For some, financial freedom could be just a few mouse clicks away.
However, your investment strategy shouldn’t be limited to fattening your bank account.
Spending money on the security side of things offers a solid return as well.
Our goal isn’t to make you a more successful investor, but to help you protect yourself and your money.
Nothing can substitute for industry oversight and regulations.
However, knowing what the threats are and how to guard against them will go a long way toward keeping your personal and financial information in your hands.
About the Author Gary Stevens is a front end developer.
He’s a full time blockchain geek and a volunteer working for the Ethereum foundation as well as an active Github contributor.
Sign up for the free insideBIGDATA newsletter.
.