BPTrade has devoted significant resources at all levels to the issue of client data security. We encrypt all important client data to and from each of our products.
Quote data is not encrypted within our platforms because of the increase in overhead to encrypt and decrypt the large volume of this type of data. We do, however, encrypt all order and account related data to and from the client, and all traffic to the clearing house and accounting back offices are fully encrypted.
At the network level, BPTrade employs very strict firewall rule sets to block all non-proprietary traffic from reaching our client servers. Our multi-tier network architecture further ensures that none of our market data, execution, or database servers is accessible to the outside world.
BPTrade utilizes the industry standard AES (Advanced Encryption Standard) encryption, using the Rijndael cipher algorithm. Rijndael was designed to provide maximum protection against known security attacks, while still retaining speed on a wide variety of platforms and simplicity of design. What this means is that trading performance does not suffer in order to provide secure encryption.
BPTrade's implementation of AES uses 256 bit encryption. Client web page contents are encrypted with a key created from the user's password and transmitted in an encrypted format back to our servers. Once the server receives this information it can recover the original data using the password that it has stored in an encrypted format and complete the required transaction.
The data that is sent to the client is NEVER cached in an unencrypted format on the client's computer. All of the client-side decryption is handled in memory. In plain English, your account information cannot be retrieved from the web browser's cache files.
More information on AES and the Rijndael cipher can be found at the Computer Security Resource Center.