FYI - Eset got "dinged" on the simulator test because its banking and payment protection feature didn't auto open the bank's web site: https://online.budapestbank.hu/login.html?lang=en used in the test. This was so because Eset doesn't always have a complete internal worldwide list of all bank web sites. Standard procedure in these cases is to exit the browser and then start up its banking and payment protection feature manually via desktop icon access. Then manually enter the bank's URL. As noted in the report when accessed as such, Eset did detect the simulator. Personally, I always access my bank's web site this way. I clear all temp files, cookies, etc.. at browser shutdown. As such, I don't have to worry about any "residual crud" left in the browsers memory or disk space from an existing web surfing session. -EDIT- I also just noticed that that simulator test was performed using Edge. Appears MRG was unaware that Eset does not officially support Edge for its Online Banking and Protection feature. In any case, this fact is immaterial since the above test bank web site does not auto open the feature in IE11.
So basically you have all those incorporated in AVs except the only one that most banks recommends (Trusteer Report)....
MRG did a commissioned test in 2015 of Trusteer Rapport vs. Webroot here: https://www.mrg-effitas.com/wp-content/uploads/2015/07/Webroot-SecureAnywhere-Versus-Trusteer-Rapport-Comparative-Analysis-2015-Q2.pdf. In that testing, it did not fair well. This is the only AV lab test of it I could find. Such testing would be applicable in your situation where you are running a stand alone version of TR not associated with any particular bank TR server installed software. -EDIT- The main point to note is given in the conclusion section of the report that states TR's maximum protection is only achieved when accessing a bank partner's web site; i.e. it is using TR's corresponding server software. Also you might check out Kreb's comments on Trusteer Rapport; especially if you value your privacy. It's EULA has a few undesirable provisions in that regard. -EDIT- @Triple Helix see if you can get Webroot to "spring" for new commissioned test.
I don't see the need as they did so good in this test. The thing is all Web pages are protected by WSA's Identity Shield if the said Browser is listed!
thanks for the link. the version i have is TR endpoint security, i guess it is the client-side version offered by my bank with their own settings (i admit i never used it before, never felt the need), but since i saw it offered by my bank, i got curious. will check, thx.
Appears IBM has moved it to the cloud: https://www.ibm.com/us-en/marketplace/phishing-and-malware-protection/details#product-header-top . This might also have resolved the system performance issues that were common when it was installed locally. Other than that, appears the rest of my prior comments about it are still applicable. That is maximum protection when using it is only achieved when accessing a partner web site i.e. it has Trusteer Rapport server software installed. Basically, it works as a point-to-point VPN connection. Quarri had a similar cloud based "armored" browser product called MyPOQ. Look's like Quarri is out of business; probably bought out by IBM. Bottom line - I think most people would want secure payment protection for additional transaction processing besides a secure connection to their bank. Also TR is not compatible with any other AV based banking and payment protection feature that I am aware of. If TR is installed, the AV feature won't work.
