Firms bolster efforts to combat identity theft

Schwab, TD implement new technology plans to foil the bad guys

Apr 14, 2008 @ 12:01 am

By Brooke Southall

As identity theft continues to wreak havoc on the American public, including those in the financial services industry, firms are rushing to patch up holes in their online defenses with the newest software and processes.

Last year, there were 8.1 million reported victims of identity theft in the United States and their losses totaled about $45 billion, according to Javelin Strategy & Research Inc. of Pleasanton, Calif.

In its latest effort to foil hackers, Schwab Institutional offered new security cards April 4 to financial advisers in two of its 12 regions. The credit-card-like passkeys issued by the San Francisco-based asset custodian constantly update access numbers when advisers touch a finger to them. The advisers then match those numbers to their set pass codes in order to gain access to accounts.

Schwab's move comes as TD Ameritrade Holding Corp. of Omaha, Neb. — still smarting from a rash of bad publicity last year over a massive cyber attack on its client database and, separately, access to client accounts — is starting to launch its own security program.

TD Ameritrade Institutional's new security measures are not reactive, according to Brian Stimpfl, managing director of the Jersey City, N.J.-based firm.

"The spam issue last year has no impact on what we're doing now," said Mr. Stimpfl, who oversees technology for the firm.

Under the new program, a custody client answers four personal questions to augment their conventional pass code. The program is not available to financial advisers until TD revamps its Veo trading platform this summer.

TD is already preparing to send all custody clients free security software from TrendMicro Inc. of Cupertino, Calif., and Sana Security Inc. of San Mateo, Calif., in coming weeks.

Meanwhile, Fidelity Investments of Boston and Pershing LLC of Jersey City are also stepping up efforts to stop hackers and prevent ID theft. Officials at both firms declined to give details.

It's no mystery why these online-dependent companies with hundreds of billions in client assets are hastening to seal their defenses, said Matt Sarrel executive director of Sarrel Group, a New York consultant that specializes in network security.

"More and more studies show consumers are losing faith in doing transactions over the Internet, and these [programs] are being [implemented] in response to that," he said.

One such study, the Internet and American Life Project Survey, was published in February by The Pew Research Center in Washington, Mr. Sarrel said.

The study revealed that 75% of Internet users either agreed (39%) or strongly agreed (36%) that they did not like giving out their credit card or personal data online.

It is understandable that investors would share these fears, said Boston-based Bill Dwyer, president of the independent-adviser-services group of Boston- and San Diego-based LPL Financial.

"It's the modern-day pirates," he said. "It's a huge risk in the industry."

Though Mr. Dwyer declined to give specific details, he asserted that web security is on the front burner at LPL.

"We've been very active in stepping it up," Mr. Dwyer said. "Whether you have problems or not, it's one of the guaranteed risks going forward — keeping data safe."

But not all cyber defenses are created equal, Mr. Sarrel said.

"[Schwab's code cards] add a second layer of authentication," he said. "The [TD] Ameritrade thing is a little more contrived."

Mr. Sarrel added that he personally uses a TD account and that he had difficulty picking four questions out of the choices offered by TD.

"My problem was that a lot of the questions were unanswerable," he said. "Is my favorite book 'War and Peace' or 'Kafka on the Shore,' [which] I read last week?"

But the issuance of cards or tokens also has drawbacks, TD's Mr. Stimpfl said.

"Typically, it's had low adoption rates," he said.

TD's strategy of combining new software with personal questions will also be a solid defense, Mr. Stimpfl said.

"This is layering," he said. "It's more than the sum of its parts."

But TD's e-mail asking for answers to personal questions had an ironic effect on Mr. Sarrel as a customer.

"[Getting the questions by e-mail] was a big warning sign," he said. "My reaction was, 'Now, this is fake.'"

Meanwhile, Schwab says its custody clients have been receptive to the new credit card security measure, according to Schwab spokeswoman Lindsay Tiles.

Schwab sent 800 e-mails to all its advisers in the states of Oregon and Washington, and in Northern California, April 4. During the first four business days, Schwab received requests for 500 cards.

Adopting the security cards companywide was a "no-brainer," said Chris Braudis, vice president of operations for The Mutual Fund Store LLC of Overland Park, Kan., which has a combined $4 billion in assets under management.

His firm rolled out the cards to its 100 financial advisers — both franchisees and staff advisers — during Schwab's pilot program, and there was no resistance, he said.

"You're always looking for objections, and we haven't heard anything," Mr. Braudis said. "It went very well."

While firms continue to find ways to foil web attacks, they are not bulletproof, Mr. Sarrel said.

"This will perhaps prevent casual attacks, but it won't stop a determined, targeted attack."

E-mail Brooke Southall at


What do you think?

View comments

Recommended for you

Sponsored financial news

Upcoming Event

Mar 13



InvestmentNews is honoring female financial advisers and industry executives who are distinguished leaders at their firms. These women have advanced the business of providing advice through their passion, creativity, inclusive approach and... Learn more

Featured video


The power of data

Your clients have financial news and data at their fingertips, but don’t know how to interpret it. Katy Gibson of Envestnet|Yodlee and Blake Kannady of Envestnet discuss the power of leveraging aggregated data.

Recommended Video

Path to growth

Latest news & opinion

Morgan Stanley reports a loss of advisers after exiting the protocol for broker recruiting

The firm said it lost 47 brokers in the fourth quarter, the most in any quarter of 2017.

Morgan Stanley's wealth management fees climb to all-time high

Improvement reflect firm's shift of more clients into fee-based accounts priced on asset levels, which boosts results as markets rise.

Legislation would make it harder for investors to sue mutual funds over high fees

A plaintiff would have to state in their initial complaint why fiduciary duty was breached, and then prove the violation with 'clear and convincing evidence.'

Relying on trainees, Merrill Lynch boosts adviser headcount in 2017

Questions remain about long-term effectiveness of wirehouse's move away from recruiting experienced brokers.

Supreme Court review of SEC judges could roil pending cases

But long-term, the agency may get around questions of constitutionality by changing the way it brings on administrative law judges.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print