Affordability and digital know-how are steering more and more investors to robo advisors, and that can mean good or bad news for financial consumers.
“Low-cost, automated investment advice is set to become the core of financial planning services, with market potential of $19.5 trillion assets under management, according to a new report from Dublin, Ireland-based Research and Markets.
Yet with the massive Equifax (NYSE: EFX) breach still on the minds of consumers and companies, there are potential risks for investors using robo-investment platforms. Do investors know their data is safe? What are robo advisors doing to protect investors’ data? And most importantly, what steps can investors take to maximize their data’s safety?
[See: 7 Great Ways to Buy Energy Stocks.]
Experts say robo-portfolio users shouldn’t worry about their digitally-based investment services providers, although they may want to focus on their own computers, laptops, tablets and smartphones instead.
“Robo-investment platforms have bank or military-grade encryption,” says Robert Siciliano, an identity theft expert at IDTheftSecurity.com. “They have everything to lose and nothing to gain by being breached.”
Siciliano does say that “nothing is 100 percent secure”, but the “path of least resistance is not necessarily the site itself but the user’s device.”
With malicious software on a user’s device, a criminal can remotely see the websites visited and the usernames and passwords typed. “This is how a robo account can be compromised,” Siciliano says. “Additionally, if the user’s email is compromised generally as a result of malware, then it is inevitable funds will be transferred out of the victim’s account.
“If two-factor authentication is set up that requires the users mobile phone to log in, then the account holder has a fighting chance,” Siciliano adds.
Others say that robo-investment firms are keenly aware of client data safety — it’s an issue at the top of a firm’s priority list.
“In general, because the stakes for survival are so high, especially when the margin of error is so small with the public’s hard-earned savings and retirement, robo-advisors are highly sensitive to data breaches and consider investor data and account a top priority and of vital importance,” says Scott Schneider, president of Zacks Advantage, a Chicago-based robo-investment advisor.
[See: Hot of the Grill: 8 Tailgating Stocks.]
Schneider says that, beyond the initial online onboarding process of automated questionnaires and account creation, “digital-based investment firms follow the same process of managing accounts and portfolios as every major bank and financial institution.”
Working closely with big Wall Street behemoths who have invested heavily in data protection, helps, too, he says.
“We have a trade clearing and custodial relationship with Schwab, and most robo-advisors are either owned by major financial institutions or clear, trade and have custodial relationships with a major financial institution,” Schneider says. “While anything is possible in terms of exposure to data breaches, major financial institutions spend a tremendous amount of resources to ensure investor capital safety since it is a life or death benchmark for their long-term growth and survival.”
Schneider advises investors who are anxious about the security of their data to ask some pointed questions to their digital money managers. “To protect oneself when investing with a robo advisor, the most important thing is to look under the hood and find out who they trade and clear their trades through and what custodial relationship they have where your money is being held,” he says.
There are other levels of security that customers should look for when working with robo advisors, says K. Alexander Ashe, chief executive officer at SpendCast, a personal financial app provider.
Basic data safety involves SSL certificates to protect data entered at a website or a web service, Ashe says. “On an advanced level, robo-clients need the assurance that data stored internally is encrypted, and that there’s a high-level corporate data security plan, and that two-factor authentication is being used.”
“What really helps is an experienced chief information security officer and/or chief information officer,” Ashe adds.
On a more direct, actionable level, Ashe encourages robo-investors to never enter data on a website without SSL certificates. “Also, make sure to use a complex password, preferably a phrase for complexity and memory that combines upper and lower-case letters, numbers, and special characters, and use different passwords for different websites.”
“In addition, check your credit report at least quarterly for suspicious activity,” he says.
[See: 8 Things to Consider When Choosing an Online Broker.]
The best defense against data loss is for robo-investing consumers to rely on the expertise of their digital investment firm, but to also take action on their own to secure their financial data.
“Obviously the larger companies have the dollars to create greater firewalls against a breach but even the best can be breached,” says Lou Cannataro, a partner at Park Avenue Financial, in New York. “We tell our clients to be proactive and assume at some point in their life with the world becoming digital, that somehow, some way their identity may be used or stolen.”
More from U.S. News
7 Investment Fees You Might Not Realize You’re Paying
10 Stocks Paying Dividends for More than a Century
Is Your Data Safe With a Robo Advisor? originally appeared on usnews.com
