How T. Rowe Price Helps to Protect Your Information

At T. Rowe Price, safeguarding your online security and privacy is a high priority. We use strict controls to help ensure that your online communications and transactions are safe and reliable.

T. Rowe Price will not request personal information via e-mail or text message. You should only provide account information via T. Rowe Price's secure website, when calling T. Rowe Price, or by U.S. mail/express delivery.

To help protect your information we employ:

Encryption

T. Rowe Price uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) technology to establish an encrypted connection between your browser and our Web applications. SSL/TLS websites start with "https://" instead of "http://" and signify that you are in a secure online session with us. To ensure your protection, we require a modern version of SSL/TLS and industry standard encryption strength - these are supported by current versions of all modern browsers. Additionally, T. Rowe Price offers the additional protection offered by Extended Validation (EV) certificates, which are designed to display the browser address bar in a green color and display the true company name (T. Rowe Price) when you are accessing trusted websites such as ours.

Website Verification

In connection with establishing online access for your account, you are required to select an image and input a phrase. This helps to ensure that in the future you are logging into a valid T. Rowe Price website since your selected image and phrase will appear. If your image and phrase do not appear, contact Customer Service at 1-888-358-8490, Weekdays: 7 a.m. to 10 p.m. ET, Weekends: 9 a.m. to 5 p.m. ET.

2-Factor Authentication

T. Rowe Price offers 2-Factor Authentication, which requires you to enter your password plus a one-time Access Code to provide greater security during the log in process. This service is not yet available for investors who only have a workplace retirement account managed by T. Rowe Price.

When you log-in, a unique access code is sent to you via text message to your mobile device. For investors with a T. Rowe Price Brokerage account, you can choose to receive access codes via digital token.

Log in and enroll to receive an Access Code via Text Message, or to order a Token.

User Name Requirements

You may choose any user name between six and twelve characters long. If the user name you select is already in use, you will be prompted to select a different one. Please do not use the following characters in your user name: spaces, " % &' + ; = , ^ ` { }). User names are not case sensitive.

Password Requirements

Your online access password must meet the following security criteria:

  1. Must be between six and 10 characters long.
  2. Have at least two letters and two special characters or numbers.
  3. Cannot be the same as your user name.
  4. Cannot include the following characters: space " % & ' ; = ^,{}.
  5. Cannot have more than three repetitive characters in succession. (For example QRb111 is acceptable, QRb1111 is not.)
    Learn more about creating strong passwords by visiting OnGuard Online, a service of the U.S. Federal Trade Commission and other federal agencies.

Security Questions

If you forget your password, answering the security questions you select will allow you to reset your password online. The security questions are designed to be personal to you. Your answers must be between three and 20 characters long, including spaces, and are not case-sensitive. The answers should also be easy for you to remember but hard for others to guess.

Log in to setup or change your security questions

Notifications and Confirmations

For online transactions, a confirmation statement is mailed promptly after the transaction date. You can choose to receive an email and or/text message alert that a confirmation has been posted to your online account instead of having the confirmation sent by mail, click here to update your preferences. Make sure you review your account activity periodically. For security purposes, you will be asked to provide personal information for identity verification when you call us. When a customer requests a change of address, we send a confirmation letter to both the old address and the new address.

Logging

System activity is logged in order to preserve the information necessary to validate the transmission of data.

Access Controls

Within T. Rowe Price, access to such information is limited to those who need it to perform their jobs, such as servicing your accounts, resolving problems, or informing you of new products or services. T. Rowe Price's network is protected by various security infrastructures, including industry-standard firewall technology and intrusion-prevention systems.

Termination of Online Account Access

T. Rowe Price reserves the right to terminate online account access for any account that exhibits suspicious activity. In such a situation, you will be notified so that we can verify the activity of your online account with you.

How T. Rowe Price handles suspected fraud incidents:

In the event of activity that results in an unauthorized disbursement of funds from a client's account, T. Rowe Price will work with the clients and other parties involved, including law enforcement agents when appropriate, to investigate the incident.

Our goal will be to recover the funds and re–invest the money in the client's account. Each situation is handled on a case–by–case basis and in the event that the funds cannot be recovered in full, potential responsibility will be evaluated by T. Rowe Price based on the circumstances involved in the incident.

Protecting Your Personal Information and Preventing Identity Theft

T. Rowe Price will not ask for personal information via e-mail or text message. Be cautious of any unsolicited message you receive that asks for personal information. Do not respond to or open attachments, or click on links within an e-mail or text message if you suspect the message is fraudulent.

What Is Social Engineering?

Social engineering is a term for manipulating or deceiving people into providing confidential information or performing an action that compromises their personal information. Social engineers are con artists. Phishing is a common form of social engineering that uses fraudulent messages to trick customers into unsafe electronic activity. The most common forms of phishing are e-mails, text messages, and pop-up messages. The motive is to trick you into clicking on a link or opening attachments that infect your computer with malware or into providing personal or confidential information such as your user name and password.

What You Can Do

We recommend our clients practice good computer habits, such as:

  1. Keeping all internet browsers up to date with the latest version
  2. Regularly running anti-virus and anti-spyware software
  3. Keeping the device operating system and software up-to-date with patches
  4. Keeping passwords confidential
  5. Only using trusted networks when accessing personal or financial information
  6. Only using trusted devices with proper security settings to access personal or financial information

Avoid being a victim of a social engineer or scam artist by being an educated and aware online consumer. Learn more by visiting OnGuard Online, a service of the U.S. Federal Trade Commission and other federal agencies. OnGuard Online provides information about avoiding scams, understanding mobile apps and Wi-Fi networks, securing your home computer, and protecting family members.

If you are a victim of an Internet crime, report it to IC3, a service of the U.S. Federal Bureau of Investigation and the National White Collar Crime Center. You should also report attempted identity theft to the local authorities as well as to the Federal Trade Commission's Complaint Assistant Application.