"Fidelity and Vanguard Online Fraud Policies"

Discuss all general (i.e. non-personal) investing questions and issues, investing news, and theory.
Post Reply
User avatar
Taylor Larimore
Advisory Board
Posts: 25981
Joined: Tue Feb 27, 2007 8:09 pm
Location: Miami FL

"Fidelity and Vanguard Online Fraud Policies"

Post by Taylor Larimore » Sat Sep 23, 2017 8:07 pm

Bogleheads:

Many of us are concerned about the Equifax Security Breach. Consumer Reports discusses the problem which included the following excerpt:
The two biggest investment companies, Fidelity and Vanguard, have voluntary online fraud policies that promise to reimburse assets stolen in unauthorized online transactions.

To get protection, Vanguard requires (and Fidelity requests) that you follow certain safeguards, which you should be doing anyway, including regularly reviewing your account statements and promptly reporting any errors or suspected fraud; keeping up-to-date security on any computer or other device you use to access your account (firewall, antispyware, and antivirus software); not responding to, clicking a link in, or opening an attachment in an e-mail that you suspect might be fraudulent and that requests personal financial information; and using two-factor authentication.
https://www.consumerreports.org/equifax ... faxactives

Best wishes.
Taylor
"Simplicity is the master key to financial success." -- Jack Bogle

User avatar
TheTimeLord
Posts: 4512
Joined: Fri Jul 26, 2013 2:05 pm

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by TheTimeLord » Sat Sep 23, 2017 8:39 pm

Taylor Larimore wrote:
Sat Sep 23, 2017 8:07 pm
Bogleheads:

Many of us are concerned about the Equifax Security Breach. Consumer Reports discusses the problem which included the following excerpt:
The two biggest investment companies, Fidelity and Vanguard, have voluntary online fraud policies that promise to reimburse assets stolen in unauthorized online transactions.

To get protection, Vanguard requires (and Fidelity requests) that you follow certain safeguards, which you should be doing anyway, including regularly reviewing your account statements and promptly reporting any errors or suspected fraud; keeping up-to-date security on any computer or other device you use to access your account (firewall, antispyware, and antivirus software); not responding to, clicking a link in, or opening an attachment in an e-mail that you suspect might be fraudulent and that requests personal financial information; and using two-factor authentication.
https://www.consumerreports.org/equifax ... faxactives

Best wishes.
Taylor
Vanguard requires you to use 2 factor authentication to be protected???? What? Why would they offer non-two factor access then?
Run, You Clever Boy!

Nate79
Posts: 1222
Joined: Thu Aug 11, 2016 6:24 pm
Location: Portland, OR

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by Nate79 » Sat Sep 23, 2017 9:04 pm

I would check the actual terms and conditions on Vanguard's site, not some stupid consumer reports article.

pkcrafter
Posts: 12001
Joined: Sun Mar 04, 2007 12:19 pm
Location: CA
Contact:

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by pkcrafter » Sat Sep 23, 2017 9:40 pm

When times are good, investors tend to forget about risk and focus on opportunity. When times are bad, investors tend to forget about opportunity and focus on risk.

AlwaysBeClimbing
Posts: 115
Joined: Fri Mar 31, 2017 10:39 am

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by AlwaysBeClimbing » Sun Sep 24, 2017 12:27 am

Nate79 wrote:
Sat Sep 23, 2017 9:04 pm
I would check the actual terms and conditions on Vanguard's site, not some stupid consumer reports article.
+1

Checking VG's online fraud policy I can see no mention of "two factor authentication" being required. Perhaps it was in the past?

User avatar
randomizer
Posts: 562
Joined: Sun Jul 06, 2014 3:46 pm

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by randomizer » Sun Sep 24, 2017 12:33 am

I miss the days when "being able to sleep well at night" referred to your asset allocation. Now, it's about whether your identity is going to get stolen or your retirement savings drained to nothing. Ugh.

User avatar
celia
Posts: 6946
Joined: Sun Mar 09, 2008 6:32 am
Location: SoCal

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by celia » Sun Sep 24, 2017 10:44 am

For me, the most important thing that I can do to minimize fraud involves my password. Using pkcrafter's https://personal.vanguard.com/us/help/S ... ontent.jsp link, it says:
* Make sure your user name, password, and answers to your security questions are unique and strong.
* Never share your user name, password, or other account-related information with anyone.
* Never store your user name, password, or answers to security questions in your browser.
* Clear any temporarily stored copies of online information by closing your browser after signing off. Do not leave your computer unattended while logged on to Vanguard.com.
That includes spouses using each other's sign-ins. If you want your spouse to have the authority to make transactions of your account, fill out and send in the Full Agent Authorization form. If you want your spouse to view your holdings only, use the Limited Agent Authorization form.

How can we expect Vanguard to maintain security on our accounts, if we don't we do our simple part?

User avatar
tennisplyr
Posts: 1306
Joined: Tue Jan 28, 2014 1:53 pm
Location: Sarasota, FL

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by tennisplyr » Sun Sep 24, 2017 10:49 am

Thanks, I've done this for both firms. Was a little surprised that Fidelity was a bit stronger. I chose an option where if someone tries to alter my personal info or make a transaction, a security code would be sent to my cell phone before that action could take place. VG doesn't have that process.
Those who move forward with a happy spirit will find that things always work out.

littlebird
Posts: 1253
Joined: Sat Apr 10, 2010 6:05 pm
Location: Valley of the Sun, AZ

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by littlebird » Sun Sep 24, 2017 11:32 am

AlwaysBeClimbing wrote:
Sun Sep 24, 2017 12:27 am
Nate79 wrote:
Sat Sep 23, 2017 9:04 pm
I would check the actual terms and conditions on Vanguard's site, not some stupid consumer reports article.
+1

Checking VG's online fraud policy I can see no mention of "two factor authentication" being required. Perhaps it was in the past?
When Vanguard first went online, they required the user to agree to reimburse Vanguard for its losses due to your computer use.

AlwaysBeClimbing
Posts: 115
Joined: Fri Mar 31, 2017 10:39 am

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by AlwaysBeClimbing » Sun Sep 24, 2017 5:05 pm

littlebird wrote:
Sun Sep 24, 2017 11:32 am
AlwaysBeClimbing wrote:
Sun Sep 24, 2017 12:27 am
Nate79 wrote:
Sat Sep 23, 2017 9:04 pm
I would check the actual terms and conditions on Vanguard's site, not some stupid consumer reports article.
+1

Checking VG's online fraud policy I can see no mention of "two factor authentication" being required. Perhaps it was in the past?
When Vanguard first went online, they required the user to agree to reimburse Vanguard for its losses due to your computer use.
ouch!

henrikk
Posts: 32
Joined: Sat Oct 06, 2007 9:23 am

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by henrikk » Mon Sep 25, 2017 9:49 pm

Other brokerages may have similar protections. Schwab, for example, says they "will cover 100% of any losses in any of your Schwab accounts due to unauthorized activity."

http://www.schwab.com/public/schwab/nn/ ... ntee.html

- Henrik

Whakamole
Posts: 458
Joined: Wed Jan 13, 2016 9:59 pm

Re: "Fidelity and Vanguard Online Fraud Policies"

Post by Whakamole » Tue Sep 26, 2017 11:10 am

celia wrote:
Sun Sep 24, 2017 10:44 am
That includes spouses using each other's sign-ins. If you want your spouse to have the authority to make transactions of your account, fill out and send in the Full Agent Authorization form. If you want your spouse to view your holdings only, use the Limited Agent Authorization form.

How can we expect Vanguard to maintain security on our accounts, if we don't we do our simple part?
Currently, Mint (and other sites like Personal Capital) require that we give our username and password. Some banks are starting to give "read only accounts" that allow an aggregator to see account activity but not do anything else; meaning if someone hacked the bank, the only thing they could do is see our account balance.

Neither Vanguard nor Fidelity support this yet, but I've been thinking if we could use these "limited agent accounts" as a way to do it. Has anyone tried that?

Post Reply