Security Policy

Federated Investors has long recognized the need to balance access and ease of use against an appropriate level of security in the design and implementation of e-commerce tools. Please read on to learn about the steps we've taken to create a site that makes doing business with us online more secure and convenient.

We employ firewalls, encryption technology and user authentication systems (e.g. passwords and personal identification numbers), along with secured connections (digital certificates) where appropriate on our Internet systems to assure the security of data. A firewall is a combination of hardware and software that operates as a selective barrier to let only authorized traffic through to computer systems. The firewall protects both the computer systems and the information stored on them. Federated's computer systems also generate system and application activity logs, which are reviewed regularly for anomalies and discrepancies, which are investigated thoroughly.

Online Account Access Security

  • You establish a private personal identification number (PIN). This private PIN must be provided every time you log into your account(s). For added protection your private PIN must be a minimum of 8 to a maximum of 32 characters and must contain at least one letter, one number and one symbol.
  • Online access will be terminated after three unsuccessful logon attempts.
  • To prevent unauthorized access to your account via your computer, we use a timeout feature, which means that your sessions will be automatically terminated after 15 minutes of inactivity. If you'd like to continue after this point in time, you simply log on again.
  • We use the latest industry standard encryption technology, Transport Layer Security (TLS), to protect private information transferred from your computer.

Read on to learn more.

What is TLS?
TLS stands for Transport Layer Security. This technology is developed and adopted by all vendors producing secure Web-related software. It is used to establish a secure connection between your PC and the server. TLS allows you to transmit information in an encrypted manner, so all data transmitted between the server and your computer will be completely encrypted even while traveling across multiple networks.

Encryption is achieved through an electronic scrambling technology (developed by RSA, Inc.) that uses "keys" to encrypt and decrypt data. Basically, the information is scrambled for data transmission and can be reassembled in its original format only by someone who has the correct "key." Each party has a private "key" that no one can access, and a public "key" that can be passed back and forth among the parties. Information encrypted with a public key can be decrypted only with the associated private key. In other words, the information you send is encrypted using our public "key." It can only be decrypted by us using our private "key." The same goes for the information we send to your computer-we'll encrypt it using your public "key," but only you can decrypt it using the private "key" that you alone hold. To further enhance security, these "keys" are established at the beginning of your secure session and are used for that session only. The "keys" for each secure session are established and retired automatically by the TLS program; it is not necessary for you to learn to operate an encryption program.

Federated, using the industry standard Transport Layer Security (TLS) encryption, provides the maximum encryption key length (up to 2048-bit) allowed by your browser when transmitting your information. When we talk about encryption, such as 256-bit encryption or 2048-bit encryption, we're referring to the length of the "keys" used to encrypt and decrypt data. The longer the key, the more secure the encrypted data. You could think of the key as a password, without which you can't decode a message. Basically, a 2048-bit key is like a 40-character password (and virtually impossible to decode).

Browser Security
To establish a secure session with our site, your browser must be TLS-compliant. You'll need a Web browser such as Chrome or Microsoft Internet Explorer that supports at least 256-bit encryption. Many other browsers will support encryption, but they may not provide the highest level of security available. To take full advantage of our site's security features, we strongly recommend upgrading to a browser that supports 2048-bit encryption. Newer versions of Chrome and Microsoft Internet Explorer have this capability.