Why Special Bank Protection

Discussion in 'other anti-virus software' started by JerryM, May 1, 2013.

Thread Status:
Not open for further replies.
  1. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Obviously no one wants his financial information compromised, but if I have a good AV why do I need something like Trusteer Rapport?

    I have AVs that have special protection built in like Safe Money so I am not asking for myself but wonder how information is intercepted or why any good AV would not provide protection.
    I realize that tests show they do not, but how is your information compromised?

    Thanks,
    Jerry
     
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    how - same question as usual - how gets malware onto the system?
    - by unsafe (or old) browser
    - by drive-by (java, pdf, flash)
    - by usb-stick, disk, cd/dvd, external drive
    - by illegal stuff (purpose)
    - by adware with standard installations (recommend: user chosen setup)
     
  3. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    I think what Jerry is asking, is what makes "Trusteer Rapport" BETTER than an antivirus that SHOULD handle all of those things that you mentioned (?)

    In other words....

    1) is the antivirus software that offers "banking protection" FAULTY in the protection that it offers?

    2) does "Trusteer Rapport" do something special that the antivirus software does NOT? Or...

    3) Is Trusteer Rapport simply "another layer" operating on the premise that "you can never have enough good security when it comes to your financial information"?
     
    Last edited: May 1, 2013
  4. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    977
    Location:
    Paris
    Sad thing is that your credentials are probably safer on your computer than on the Bank's servers (don't go overboard).
     
  5. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks, JR for clarifying it.
    cruelsister, I am not sure what you are saying.?
    If we do any financial transactions on-line then information is on the bank's servers is it not? What do you mean by going overboard?

    When I mention special protection for on-line banking folks tell me about their AV, and the bank's security. That is OK, but I wonder why a first class AV such as Bit Defender without a "Safe Money" type component is not safe? I realize nothing is 100%, but maybe the TRs are and a normal AV is not.o_O
    How is the interception of information made?

    Thanks,
    Jerry
     
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    BitDefender's Safego uses a proprietary "hardened" browser which I would trust more than a regular browser that could be exploited regardless of if Trusteer was active for the connection.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    Most of this stuff is really just marketing taking advantage of some paranoia. Most major banks will cover any and all fraud that occurs on your account, period. So there really isn't anything to worry about.
     
  8. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    Exactly. It's Bitdefender's own browser which is known as "Safepay", and uses sandbox technology.
     
  9. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I can't argue that, but what I want to know is why is not an excellent AV adequate protection.
    It may be that there is some sort of sandbox that protects better.

    Even though the fraud may be covered there will be a lot of time and stress before it is cleared up, I think.

    Jerry
     
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    True, it's best to prevent it from happening to begin with. My bank says it would take anywhere from 7 days to 30 days to clear up and reimburse you, depending on the dollar amount involved. Meanwhile, they freeze your account, and it's a hassle. Anyway, I don't know the answer to your question, so I can't help there.. sorry. :)
     
  11. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    I've used Quarri's My Protect on many occasions without any issue. I use it anywhere I'm accessing personal information even at airports and such. The idea behind it is to be able to browse securely even on a machine that might be infected. The down side to these types of technologies is that you have to trust them as well as testing organizations on whether you are truly protected or not.
     
  12. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks for the comments, All, my biggest concern would be to have to do financial transactions using an unsecured WiFi in a hotel. I don't travel much anymore so it is as much curiosity as need.

    Regards,
    Jerry
     
  13. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,082
    Location:
    Netherlands
    First phase infection
    Browsers had (have) options for silent installation of add-ons (extensions, plug-ins, skins, user scripts, active-X, etc). Also users can be tricked to lower the 'change my browser' threshold' (invisible/overdrawn window pop-ups, through links from other, social engineering, sources). This type of financial malware installs itself in your browser as an add-on or through add-on triggered process changes (e.g. dll).

    So Trusteer Rapport prevents unintended sneaky browser changes (Hitman Pro alert checks whether your browser is changed at startup). When your browser is not changed changed, infection chance of MITB malware is minimal.

    Second phase misuse
    Like phising websites and keyloggers try to steal your credentials by rerouting you to a seamingly identical website and logging your security/identity credentials, financial malware lays waiting in your browser and is triggered when you initiate a financial transaction (e.g. a payment service or your on-line bank). The malware intercepts your requests and captures your keystrokes. So when you think you are on for instance your "First Chartered On-line Banking webpage" you are actually communicating with a mirror (a detour which is operated by the financial malware).

    So Trusteer rapport checks whether your are on a strong HTTPS/SSL encryption, checks the certificate of the website and checks the IP-adres of the website (so you are really communicating to "First Chartered"). It also encrypts keystrokes, prevent screenprints and closes the internal doors in your browser (to prevent data leakage from secured to unsecured zone's/links/pages).

    Other Secure Safe Banking
    Some AV's have secure safe banking options, some HIPS also (e.g. DefenseWall, BufferZone Pro), some HIPS/AV's like WSA have a feature which triggers on any HTTPS website (so you this website is protected automaticcally and does not need to be added manually). These extra options often come with more user friendliness and a price.

    Trusteer Rapport Pro's and Con's
    When you know your way into Trusteer Rapport's settings and how to add protected websites, it is actually a good additional layer (yes like any other security it is not 100% and yes it feels a heavy on dual and single core PC's). When you own a four or six core CPU with fast SSD and/or RAM disk all these performance bla bla is a non issue. EDIT: the feeling heavy is not related to browsing but to browser launch/start, so feeling heavy is often parotted and sometimes overstated (thanks Fax :).



    Regards Kees
     
    Last edited: May 2, 2013
  14. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,730
    Location:
    localhost
    Contrary to the common knowledge here, I have tested it on a 10 years old PC and there is no noticeable impact on its performance. This is even if run at the same time with a security suite. :)
     
  15. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Hi Kees,
    Thank you for the explanation. It clears up the problem for me in realizing that the browsers are a big part of the vulnerability.

    Regards,
    Jerry
     
  16. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,127
    Location:
    USA
    Part of the answer to your question is until recently many antivirus/security suites did not have the specific protections included in Trusteer Rapport (TR), but that has changed. Now a number of suites protect against keyloggers, DNS poisoning, browser vulnerabilities, etc. There is a lot of overlap between these suites and TR, and TR does not necessarily add additional protection depending on what else you're using. My own experience with TR is that it generally slowed down browsing and although it says it "Works alongside your existing anti-virus software and firewall" (from the Bank of America TR download page) it is a good idea to check Trusteer's website to confirm compatibility with the other security products you're using.

    You specifically mentioned financial transactions over open Wifi. Note that a VPN (virtual private network) is needed to protect against session hijacking when using open wifi. TR does not include a VPN, nor do any of the AV/suites. It is a separate subscription service and definitely worth it if you use open wifi IMHO.
     
    Last edited: May 2, 2013
  17. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    HI victek,
    [ Note that a VPN (virtual private network) is needed to protect against session hijacking when using open wifi. TR does not include a VPN, nor do any of the AV/suites. It is a separate subscription service and definitely worth it if you use open wifi IMHO.]

    I did not realize that. I do not travel much anymore so don't really have a problem. However, I am surprised that there I don't hear of problems associated with unsecured WiFi. Maybe it is a case of probabilities with the numbers of users.


    Thanks for the information.

    Regards,
    Jerry
     
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,127
    Location:
    USA
    Here's some info about session hijacking - definitely something to take seriously. I won't do email on open wifi, let alone online banking without a VPN.

    http://en.wikipedia.org/wiki/Session_hijacking

    http://www.gizmag.com/firesheep-http-hijacking-tool/16726/

    http://marketmoose.com/2011/11/3-ru...ssion-hacking-of-your-laptop-or-other-device/
     
  19. whitestar_999

    whitestar_999 Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    101
    all these software protections are fine but the one i trust most is the OTP delivered over a registered mobile to authenticate each financial transaction.many banks(& in my area all banks) provide this service so ask for it & if it is present take it immediately.though this method is also not fool-proof but it is far more harder to clone a mobile after disabling the original one not to mention a clearly identifiable electronic trail in your home country compared to some wild goose chase across the world ending in china/russia.
     
  20. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks, both of you. I have learned some things on this thread. I appreciate the help.
    Jerry
     
  21. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,127
    Location:
    USA
    Very good point. My bank offers "dual authentication" using SMS to a mobile phone to protect account logon. They also offer instant email notification for all account activity.
     
  22. mhl6493

    mhl6493 Registered Member

    Joined:
    Apr 20, 2010
    Posts:
    230
    Location:
    Tennessee
    I don't want to hijack Jerry's thread, but I'm very interested in this as well. What are the best VPN services out there, in your opinion? I do a lot of traveling, so I really need to look into this more seriously...
     
  23. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Ah, an actual user. Thanks for the feedback.

    I know Quarri's Protect on Q was one of the few stand alone selections that passed Malware Research Group bank security test. I don't know if they have tested My Protect which I beleive is the free product designed to run in any supported browser? Protect On Q uses a standalone "hardened" browser.

    BTW - Trusteer also passed the MRG test.
     
  24. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Yes as hotels and hotspots are unsafe or can't be trusted a VPN is necessary. http://www.howstuffworks.com/vpn.htm

    HTH,

    TH
     
  25. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    It's OK. Let's see what we can learn?
    Jerry
     
Loading...
Thread Status:
Not open for further replies.