I have a desktop PC with no camera on it. It works for me as if I want to use video for whatever reason I just use my laptop or phone. Is there a way I can set up the PC as a trusted device? On attempting to log in it requests an auth code which I can verify with my phone, but then fails at the next step as it wants a video every time, which apparently has to be on that device, and not another one which Iāve got control of. Any way around this?
Thanks
Iāve used my laptop for the first time today and had you verify a code sent to my phone, but didnāt have to photo verify.
Good to know, in which case itās odd I canāt use my desktop PC without creating a video.
I had the same issue, and ended up borrowing a usb webcam from another pc. Used it once for the verification and then disconnected it. Now I can login without verification prompts.
I have the same issue one one device I use, when I reached out to support they told me that there is no way around this, that I must verify with a camera if I want that device to be classed as a trusted device.
Unfortunately that device uses a VPN for work and such, and even if I plug a camera in and follow the camera trusted device process, it may lose its trusted status, if I connect via hte VPN for instance.
today my daughter tried to login on a computer and got the popup that she had to do a video id check. She logged in using her phone and did the id check but still cannot log in with the computer which has no camera and it demands a video id check but then says āyou donāt have a camera on this deviceā
T212 are making it impossible for people to access their accounts
My concern here is all the coverage of AI-generated deepfakes. Has this changeāthat camera feed be used instead of two-factor authentication using a phone number known to belong to account holder opened a door that was closed? Hope things are in place to prevent video feed deepfakes.
I guess itās theoretically possible (video recordings and possibly deepfakes are known to be able to get around facial recognition on a lot of Android devices for example).
The behaviour Iāve seen though on my account is that itās not a replacement for 2FA. In fact, you could call it more like 3FA because it still requests video verification after Iāve logged in with a password, AND verified the login with an authorisation code generated on a trusted device (usually my phone).
Iām having the same issue. I just want the live trading screen on one of my monitors so I can keep an eye on what is happening.
I understand security is a concern but demanding a passcode every few minutes is just stupid. My suggestion would be to put account details, buying and selling, withdrawals etc behind a password/biometric wall but let the live market tracking stay on screen.
I could just duplicate my stocks into Google finance and get the same live market info. Which is probably what I will do if this is not fixed. And it needs fixing.
Agree with all of the above. I made an official complaint about it, because thereās some people with disabilities that might not be able to use a camera on their desktop computer, or be able to enter the auth code within time.
I understand the need for security, but requiring desktop users to purchase a webcam seems like a step too far. If thereās a prompt on an already trusted device (like my phone) that a new device logged in, that prompt can be extended to trust that device.
Itās a silly restriction that assumes everyone accessing their account is doing so on a device with a camera (laptop, tablet, mobile).
I had an issue with this because as others have said the device identification appears to based off the connection IP and is not intelligent enough to handle VPN. The help desk raised it to a complaint as there wasnāt anything they could do. Needs devs to come up with a better implementation or at lease give users the choice so they can opt out of the R&D.
There is no legal requirement for this and two-factor auth is quite adequate.
Something that occurs to me is that they do have a workaround - when I originally signed up it was with my PC with no camera, and at some point during the process it asked me to link to the phone (by QR code) in order to photograph ID documents and do the video verification thing. It worked fairly seamlessly. Why can they not do the same thing for just signing in, if they must use video verification?
I do agree with the comment about disabled users, who may find all this even more difficult to deal with.
I never had to make a video to log in. However i have to do it to withdraw money to my bank account even though i am logged in using 2FA already. This is a pain sometimes, i had the case i was in quite dark room and it didnt recognise me and asked me to upload ID pictures instead but it was blocked in between the 2 sides, only the front picture i could upload. It worked after several attempts but it is frustrating to struggle to withdraw your own money when you already had to use a 2FA to be logged in and you are using a bank account already registered in the app anyway and used multiple times to deposit and withdraw money.
Hello everyone,
I want to share my absolute frustration with the current state of āsecurityā on this platform. What Trading 212 calls security improvements are, in reality, a series of critical security holes and user harassment.
1. The āAlert Fatigueā Risk I explicitly refuse to use facial recognition, but more importantly, I refuse to use the āTrusted Deviceā feature altogether. I prefer the higher security standard of 2FA via Google Authenticator for every login. However, T212 punishes this secure behavior by spamming my inbox with āNew Device Loginā emails every single time I log ināwhich happens multiple times a day due to constant automatic logouts.
By flooding my inbox, T212 is training me to ignore security alerts. If my account is actually compromised, I will miss the real alert because it will be buried under 10 other identical emails from the same day. This is a textbook example of āAlert Fatigueāāa dangerous security design flaw.
2. The āTrusted Deviceā is a Security Hole T212 pushes the āTrusted Deviceā feature as if it were safer. It is not. Marking a PC as āTrustedā creates a static point of failure. You verify the hardware once, and from then on, the 2FA protection is essentially disabled for that device. If a hacker gains remote access or if anyone else sits at that PC, they have an open door.
I choose NOT to create this hole in my security, yet the platform makes the user experience unusable unless I surrender to this flawed ātrustā model.
3. Official Complaint & Regulatory Consequences I have already filed an Official Formal Complaint regarding these issues. Under EU Directive 2013/11/EU (on alternative dispute resolution) and local regulatory frameworks (like CySEC or FCA rules), a broker cannot simply ignore a formal complaint.
Legal Obligation: Once a formal complaint is recorded, they are legally bound to provide a āFinal Responseā within a strict timeframe (usually 8 weeks).
The Ombudsman: If they provide an unsatisfactory response, I have the right to escalate the case to the Financial Ombudsman. This costs the broker significant money in case fees and puts their āsecurityā claims under independent expert review.
Conclusion: Trading 212 claims they do this for our safety, but they are actually penalizing users who choose stronger security (2FA) over their flawed āTrusted Deviceā model. If more users filed formal complaints instead of just posting on the forum, T212 would be forced to fix this broken workflow.
Fix the session timeouts. Implement a āView-onlyā mode. Stop the email spam for known browsers using 2FA. Stop the security theater.
This is starting to get really annoying now.
I want to use Trading212 on my desktop PC. I donāt want to buy a webcam just to do this. But to do this, I need to have my phone next to me because it logs me out every 3 hours or so, and I need the auth code.
In the last 5 hours I have done this 4 times. And each time received an email saying āYour Trading 212 account was logged in to from a device you donāt usually useā. Each of them have the same User Agent, Location and IP Address, so itās obviously a device I do usually use.
This doesnāt help security at all. If I do give in and buy a webcam, then that device stays continuously logged in without any mechanism to log it out. On my laptop, for example, if someone steals that, they can access my account without any authorisation, other than the password to the desktop itself.
@Bogi.H / @KrisG - Sorry to @ you, but can you advise if T212 would be willing to explore alternative ways to Verify our identity other than by using a Webcam. Not all devices have this option.
Me personally I wouldnāt even mind a push notification to the App on my mobile phone, which has faceID enabled to accept its me, and authorise by Biometrics that way (which IBKR does). But I am not prepared to plug an exterrnal camera in each time, and regulary would lose trusted status due to VPN usage and other factors.
Thanks everyone sharing your thoughts on the topic. Let me shed some light on how the mechanism works. Thereās a big difference between a standard login and ātrustingā a device:
Because ātrustedā status removes that extra layer for future logins, we have to be 100% sure itās really you approving it - not just someone who got hold of your password or managed to obtain a code. Thatās why a selfie/video check is required to mark a device as trusted.
So if your device doesnāt have a webcam (or itās disabled), it wonāt be able to become ātrustedā on that browser. In that case, you can still use the platform - youāll just stay on the standard login flow (password + 2FA) each time.
In that case, you can still use the platform - youāll just stay on the standard login flow (password + 2FA) each time.
Itās not on every login though. I think I would have less of an issue if it was. Itās every time the page refreshes. So if itās on a tab in the background that unloads, you need to enter a new code. If you have a multiple monitor setup and itās on a window you havenāt focused for a while, you have to enter a new code. Itās also not always obvious you need to enter a new code. A few times yesterday I tried to search on the visible page on my second monitor, and search wasnāt working because it had decided I had ālogged outā and didnāt bring up the prompt for the code.
Thank you for the reply Bogi. I will mark this as the solution because it directly answers the question, and I will know not to click āremember this deviceā on this particular PC. I appreciate that you take the security of the platform seriously, however I would ask that you could consider some of the comments here as Iām sure there are many of us with a PC with no web cam and the āstandard loginā poses some real usability problems for some people, for example:
Thanks