FXCM lacking security

Hyper · January 27, 2016, 6:16am

Hi Jason. As you may know I’ve been using FXCM for the last month and love it, it’s such a nice platform to use but I have severe doubts about the security of the platform.

To login requires simply an account number and a password. An FXCM live account is effectively a bank account… Some users may have thousands or even hundreds of thousands deposited on the platform. If an account is compromised and trades are placed. What guarantees do the account holders have?

I would very much like to see 2 or even 3 factor authentication implemented. Whenever a user logs in, even from a trusted IP, they get a 6 digit code sent to their email or mobile via an app. The user then has 3 tries at the security code before the account is locked out.

At first I didn’t give it much thought but an entire account can be lost if it’s compromised. Please Jason, pass this idea on. I would really feel safer with 2 factor authentication.

Thanks for reading.

Jason_Rogers · January 28, 2016, 6:40pm

Hyper:

Hi Jason. As you may know I’ve been using FXCM for the last month and love it, it’s such a nice platform to use but I have severe doubts about the security of the platform.

To login requires simply an account number and a password. An FXCM live account is effectively a bank account… Some users may have thousands or even hundreds of thousands deposited on the platform. If an account is compromised and trades are placed. What guarantees do the account holders have?

I would very much like to see 2 or even 3 factor authentication implemented. Whenever a user logs in, even from a trusted IP, they get a 6 digit code sent to their email or mobile via an app. The user then has 3 tries at the security code before the account is locked out.

At first I didn’t give it much thought but an entire account can be lost if it’s compromised. Please Jason, pass this idea on. I would really feel safer with 2 factor authentication.

Thanks for reading.

It’s my pleasure, Hyper

I’m glad you’re a fan of our Trading Station platform and happy to share your suggestion with our developers.

anon46398846 · January 28, 2016, 6:46pm

that problem is easily solved. just make sure that the payout is made the same way as pay in.

upload oney from account xyz and the only vald account to withdraw that money is the same account from which it came in first place.

really no need for people to have to remember 50 alphanumerical passwords by heard or carry lists arround.

Jason_Rogers · January 28, 2016, 7:02pm

Thanks TURBONero, I will share your suggestion with our Operations department. At this time, we do allow clients with withdraw funds to a different account than the one they originally used to deposit, but the names on the bank accounts must match the name on the trading account for all transfers.

Hyper · January 29, 2016, 9:55am

My concern is that of burning the account, there are some sick people out there and should the request to withdraw money be rejected, they may decide to trash the account but places stupid trades and burning the account.

anon46398846 · January 29, 2016, 2:46pm

use advantage of that lack of security. when you burn your account just try to point out that someone hacked it and you want refund. -think like a wolf.

its higly unlikely that someone hacks your account just to burn your money and have no gain out of the work to chack it and the potential problems law enforcements would put on him because he hacked your account and burned your money. - where theres nothing to steal, theres no crime. only your ex wife could do that but against ex wifes with access to your writte down passwords no broker can protect you.

Jason_Rogers · February 1, 2016, 11:35am

Thank you for telling your concerns. I have shared your comments with my colleagues in the relevant departments including software development, compliance and operations.