Privacy Policy
Protecting your privacy and the confidentiality of your personal information has always been fundamental within TD Ameritrade whether we do business with you through the Internet, over the phone or in our offices.

More and more of you are using the Internet to do business with us. This site contains the information you need to feel confident dealing with TD Ameritrade over the Internet. Working together, we can safely use the Internet to do business.

For the latest information on issues affecting Internet security visit the News and Tips section of this site.

If you have questions or require assistance, please call the following numbers:
For traditional TD Ameritrade accounts, please call TD Ameritrade Institutional at 1-800-431-3500 or visit your closest customer retail branch.

TD Ameritrade customers who require customer service or have technical questions, please call us at 1-800-431-3500. You can contact us 24 hours-a-day, 7 days-a-week. We're happy to help you.
Overview
TD Ameritrade, Inc. Commitment To Protect Your Information  
Information security is a fundamental policy within TD Ameritrade. All employees of TD Ameritrade are aware of the procedures that must be taken to safeguard customer information. And to us, protecting the confidentiality of your information is more than a procedure - it's part of our jobs. It is specified in our employment agreements and regularly confirmed in writing.
Our Information Systems Security Group
Specific responsibility for ensuring that we have thorough security standards to protect our systems and your information against unauthorized access and use rests with our special Information Systems Security group. This group keeps up-to-date with ever-evolving security issues, tools and methodologies. They consult with all areas of TD Ameritrade to ensure that appropriate security controls are built into TD Ameritrade's procedures, systems and software.
Your Role In Safeguarding Your Information
Our security standards are high. We test every electronic product to ensure that it meets our criteria. However, the software that you run on your own PC and the Internet itself can impact the "secure environment" necessary for Internet transactions with TD Ameritrade. You also play an important role in maintaining the security of your information while using the Internet. You should ensure that you are familiar and comfortable with the security level of your browser and watch for security alerts affecting the software on your PC or the browser you are using. For TD Ameritrade latest News and Tips, including other tips on how to protect your privacy and safeguard your information, click here. For general information on Internet security issues, please review the information included in this site.
  Back to Top
Browsers/Encryption/Firewalls
What is a browser and what does it do?
A browser is what enables you to visit Web sites and view Web pages on your computer screen. Just as a word processor is the software you use to write letters and papers with your computer, a browser is the software you use to surf the Web.
Once on a site, your browser translates HTML programming instructions sent over the Internet into the web pages you are accustomed to seeing. Some browsers are proprietary to an ISP (Internet Service Provider); others are not (Microsoft Internet Explorer).
Back to Browser/Encryption/Firewalls
What makes one browser more secure than another?
Browsers offer varying degrees of security, particularly in regard to encryption:

1. Some browsers allow you to encrypt information, so that the information is scrambled as it passes over the Internet.

2. Some browsers offer more secure forms of encryption than other browsers do.

3. Even the same version of a browser can come with different levels of encryption.

Back to Browser/Encryption/Firewalls
What is encryption?
When trading or viewing your account information online the information is encrypted. Once you have successfully logged on to our Veo services the information sent and retrieved is encrypted.
Encryption is the process of converting information into a more secure format for transmission. In other words, the plain text is converted to scrambled code while being transmitted, and then decrypted back to plain text at the receiving end of the transmission.
It is comparable to writing a letter, converting it to code, putting it in an envelope and mailing it with the recipient descrambling the code.
Currently, there are 2 levels of encryption generally available in web browsers: 40-bit encryption, and 128-bit encryption. Most commonly available browsers use 40-bit encryption. However, the 128-bit browser offers the highest level of encryption generally available in North America today and provides the best protection when transmitting confidential data over the Internet. VEO supports up to 128-bit encryption.
Back to Browser/Encryption/Firewalls
What's the difference between 128-bit and 40-bit encryption?
The difference between these two types of encryption is one of capability. 128-bit encryption is exponentially more powerful than 40-bit encryption.
Think of it this way
40-bit encryption means there are 240 possible keys that could fit into the lock that holds your account information. That means there are many billions (a 1 followed by 12 zeroes) of possible keys.
128-bit encryption, means there are 2128 possible keys, or 288 (a three followed by 26 zeroes) times as many key combinations than there are for 40-bit encryption. That means a computer would require exponentially more processing power than for 40-bit encryption to find the correct key.
Back to Browser/Encryption/Firewalls
How can you determine what level of encryption your browser supports?
Microsoft Internet Explorer
Internet Explorer:
Check your browser with IE
For Microsoft Internet Explorer, click on 'File', then 'Properties', then select the 'Security' tab. From there scroll down to 'Security Strength'. If you are not sure, we encourage you to download and register the most current version of this software. See address below. Be sure to specify the 128-bit version from the list of available software that can be downloaded.
Microsoft displays the icon on the lower right corner of the browser. For a secure environment, Microsoft Internet Explorer (any version) uses a closed padlock; there is no icon for an unsecured environment. Microsoft Internet Explorer does not distinguish between 40-bit and 128-bit encryption on the browser screen.
Although 128-bit encrypting browsers are available for download under certain circumstances, the availability and means of doing so are changing daily. We encourage you to check with your browser provider in respect to the current status.
Follow these steps to take full advantage of Microsoft Internet Explorer's built-in security features.
Make sure that your browser's safety level is set to "High". This selection ensures that Internet Explorer will only download signed or certified code to your computer. Select "View" from the menu bar on top of your browser and then select "Options". When the "Options" screen opens, you will see a series of tabs at the top, select the "Security" tab. Then, select the "Safety Level" button near the bottom of that screen. The screen that opens will allow you to set your security level to high.
You can take advantage of the features that alert you when an ActiveX control, which is a type of program which can be downloaded from the Internet, is about to be downloaded onto your computer. It's a good idea to find out about the publisher or Web site by clicking on the information provided on the security certificates presented before you download an ActiveX program. When presented with certificates from unknown Web sites or publishers, exercise caution.
Most certificates give you the option to turn off future certification notices. Do not select this option if you wish to carefully monitor the source of the programs, which you download onto your computer. You have several other options on the "Security" tab that allow you to choose what types of software can be downloaded onto and run on your computer. If you are particularly concerned about safety, you can choose to:
Not allow the downloading of ActiveX content Disable ActiveX controls and plug-ins Not run ActiveX scripts Disable Java programs To make any of these selections, uncheck the boxes at the bottom of the "Security" tab within the "Options" menu of your Internet Explorer browser.
Back to Browser/Encryption/Firewalls
What is a firewall and what does it do?
An Internet Firewall is made up of a combination of hardware and software which is designed to securely separate the Internet from internal computer systems and databases. At TD Ameritrade, data coming from customer computers via the Internet flows through a series of safety checkpoints on its way to our internal systems. Data is encrypted between the customer and internal systems to protect it from unauthorized disclosure or modification.
Back to Browser/Encryption/Firewalls
FAQ's on Internet Security
Confidentiality means that unauthorized users cannot read any transmissions sent from one party to another.
Integrity means that messages are not altered during transmission.
Back to FAQ's on Internet Security
What steps has TD Ameritrade taken to ensure the privacy and security of your information on its Web Site?
TD Ameritrade top priority is to protect the confidentiality and integrity of its customers' information. TD Ameritrade has ensured that the appropriate safeguards have been implemented each step of the way. The safeguards include:

1. Encryption - all applications and other communications requesting confidential information must be set up in a "secure environment" on our site, transmitted to us securely through the use of encryption and maintained in a secure format upon receipt by us until distribution to the appropriate business area.

2. Firewalls - TD Ameritrade has in place an Internet firewall designed to securely separate the Internet from TD Ameritrade's internal computer systems and databases. Data coming from customer computers via the Internet flows through a series of safety checkpoints on its way to our internal systems so that only authorized messages and transactions enter our computer systems.

3. Monitoring- TD Ameritrade monitors all internal systems to ensure that there has been no security attack or attempted break-in. We also arrange for regular independent security checks on our computer systems to ensure our high standards are being complied with.

Back to FAQ's on Internet Security
What can you do to protect your accounts and personal information using TD Ameritrade Web Site?
You also play a role in maintaining the security of your information. Encrypting your data is the best way to ensure your privacy is protected while using the Internet. Become familiar with the level of encryption of your browser and upgrade for greater protection. Here are some additional things you can do:

1. Use the built-in security features of your browser. Choosing certain security settings and options will help protect your accounts and personal information. For more information, look at our detailed instructions on how to maximize the security of your browser or review your browser documentation.

2. Protect your password by choosing one that is difficult to guess. Avoid words that may be found in the dictionary, as these are easy to guess.

3. Change your password regularly.

4. Do not share your password with anyone.

5. Never write your password down or store it in your computer where it is automatically replayed. If someone walked up to your PC and replayed your logon sequence including a stored password, then they can connect as if they were you. Always key in your password yourself for each logon to TD Ameritrade VeoŽ.

6. Remember to logoff when you have finished with your transmissions.

Back to FAQ's on Internet Security
Can other people view your personal information when you're using the web?
Yes and no. If you have encrypted your data, then it cannot be viewed while it is being transmitted. However, your browser will store information in memory (cache) after it has been sent.
Some sites that you visit after TD Ameritrade may search this memory and obtain information that you haven't intended to provide. To protect yourself from this, clear the cache after visiting a secure site.
Back to FAQ's on Internet Security
How do you clear your cache?
Since the process required to clear the cache differs from one browser to another, please refer to your browser for details.
Back to FAQ's on Internet Security
Does TD Ameritrade support beta versions of browsers?
Not officially, we don't formally test them.
Back to FAQ's on Internet Security
Are there alternatives to applying online?
Yes. You may also request an application by calling TD Ameritrade Institutional at 1-800-431-3500.
Back to FAQ's on Internet Security
What do you do if you have a problem with JavaScript on our online applications?
To ensure that the information you enter on any online application form is not affected and remains confidential, please follow the instructions below to disable your browser's javascript capability prior to completing any application:

Microsoft Internet Explorer: From the main menu choose "View"; "Options"; "Security"; "Run ActiveX Scripts" should NOT be checked. Then close down and restart your browser in order for these changes to take effect.

  Back to Top
Protecting Your Privacy on the Internet
There are three sections in this area:
TD Ameritrade Privacy Code
Protecting Your Privacy
Effective Password Management Practices
TD Ameritrade Privacy Code
TD Ameritrade Privacy Code informs you of our commitment to and policy on privacy. It tells you the ways we ensure that your privacy and the confidentiality of your information are protected. To review the full text of our privacy code click here.
Protecting Your Privacy On The Internet
There are things you can do to protect your privacy over the Internet.

1. Your password is key!

2. Choose an effective password - don't pick your birthday, SSN or another number or word that could be easily guessed.

3. Protect your password. It is your access to your Internet account.

4. Do not reveal it to anyone.

Be familiar with the encryption level of your browser and what it means in terms of your privacy protection. If you want greater protection, upgrade your browser (e.g. 40-bit to 128-bit).
Clear the cache of your browser after visiting secure sites. Browsers generally cache, or locally store, images of pages have downloaded to enhance performance. By clearing your cache after visiting secure sites, you ensure no one else can view any confidential information you may have transmitted. Please refer to your browser for information on clearing your cache.
Effective Password Management Practices
Access Control And Passwords
One of the easier and most effective access control methods is the use of passwords. Although passwords are a convenient way of protecting system access, users often defeat the security measures by carelessness or improper use. It is therefore necessary for all system users to strengthen passwords and ensure their confidentiality at all times.
Weak Passwords
Most users tend to select a password that is easily recallable so they will not forget it. Often a user selects a password based on things like:

1. Personal or family details, possessions, interests, or relationships

2. Dictionary words

3. Dictionary words spelled backwards

4. First names, last names, street names, city names

5. Names of sports teams

6. Valid car license numbers

7. Room numbers, social security numbers, or telephone numbers

Although this seems harmless, such passwords are inherently weak because they can be anticipated and easily guessed by an impostor. Someone trying to guess your password will try your name, date of birth, nickname and those of your spouse and children. A more enterprising impostor, on the other hand, may gather a substantial collection of candidates from dictionaries and mailing lists and search them for your password. At 1 millisecond per possible password choice, it takes less than 4 minutes to search a 250,000 word commercial dictionary. If someone did that to your password, would they get through?
Improving Passwords
A password offers no protection to any system or data if it can be guessed easily. Ideally, passwords should be easy to remember by the user but hard to guess correctly by anyone else. By applying the suggested password selection procedure listed below and ensuring password confidentiality, the strength of a user's chosen password is considerably improved.
Password Selection Procedure
1. Choose a string of alphabetic characters that is easy to remember using one of the following techniques. 1. Type a common word, but shift your hands up or down one or two rows on the keyboard. For example shifting down one row on the keyboard changes "FRIDAY" to "VFKCH." 2. Move one letter in the alphabet for each character, "FRIDAY" become "GSJEBZ." 3. String words together to form one word, like "OMYGOSH." 4. Use synonyms/antonyms for syllables like "SNOWMILK" for "ICE CREAM." 5. Use phonetics ("CHRIS" becomes "KRIS") or reversal ("MIKE" becomes "EKIM"). 6. Create an acronym from an expression. For example, take the first letter of a common expression, such as "This fancy stuff works!" to form the acronym "THFWO."

2. Choose a string of at least 1 or more numbers that is easy to remember and insert it somewhere in the password.

3. Using some rule that you create, combine the string of alphabetic characters with the string of numbers to create an alphanumeric string. This alphanumeric string should be at least 5 characters long. Using this procedure, one might select, say "WCYD" and "129." A possible resulting password could be 1W2CY9D, which is much less obvious than either of the easily remembered sequences. Password Confidentiality Although the Password Selection Procedure will make it more difficult for someone to obtain your password without your knowledge, you must also do the following to make sure your passwords stay confidential: 1. DO NOT SHARE YOUR PASSWORD WITH ANYONE 2. CHANGE YOUR PASSWORD REGULARLY Change your passwords at least once per month, or more frequently for highly sensitive data, to make it harder for someone to gain unauthorized access. 3. USE A UNIQUE PASSWORD FOR EACH SYSTEM Always use a different password for each system you access. 4. IF WRITING IT DOWN, SECURE IT It is strongly recommended that you NOT write down your password. However, if you really must record your password, it should be done in a form recognizable only to you and kept in a secure place. Even in an obscured form, the written record provides clues that someone could use to "break" your password. 5. DO NOT STORE YOUR PASSWORD ON THE COMPUTER
Passwords should not generally be stored in the computer. Function keys should not be programmed with your password to complete a logon procedure. Remember, handle your password like you would the key to your house. It is what stands between an intruder and your data. You wouldn't give a burglar the key to your house, would you?