Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

HSBC locks browsers with anti-malware filter

Tames browser hijacks.

Article comments

HSBC has started nudging its online bank customers to download a free security app it reckons can protect them from the predations of banking Trojans, phishing, and keyloggers.

The application in question is actually Trusteer's Rapport browser plug-in, which protects a user's the browsing sessions while visiting specific websites. The plug-in embedded its own default selection of banking institutions (including HSBC and Alliance and Leicester in the UK), but the user can add additional ones as they choose, although this limits some security features.

When visiting one of these sites, Rapport blocks any attempt to take control of the session by malware, which could include man-in-the browser, keylogging and screen capture, session hijacking, and DNS redirection hijacks.

Other invisible layers of protection include secure DNS via Trusteer's site - a block on redirection attacks - and a secure internal store for all data worked on during an online banking session. Bank IP addresses are verified and communication to and from the bank site is encrypted, a feature Trusteer points out is also useful when using open public Wi-Fi hotspots. Users can monitor and configure the app using a green (on) or grey (off) icon which installs itself on the browser toolbar.

"Download rates have surpassed our most optimistic expectations," said HSBC's digital security manager, Nick Staib. "Rapport is software that I use myself and I am happy recommending to friends."

The app allows for some nice features such as receiving a weekly report on different types of security and browsing events, and there is also an optional feature to allow Trusteer to remotely collect data on any attacks encountered.

It is worth noting that any bank or site not embedded within the app will face some limits on the security features it can access. Rapport does not support full traffic encryption for added sites (only for passwords on these sites), screen grabbing protection will not work, and fraud and transaction tracking, which requires bank involvement, is obviously turned off.

Rapport is really the thin edge of a slowly growing movement, that of whitelisting. The principle behind this is that a user does not know which sites are malevolent but does know the few sites that are not. Focussing on securing access to these is the conceptual strength of its design.

Unlike some past attempts at securing browsers through plug-ins, rapport is also pleasingly low-key. Installation happens in seconds, requires no browser reboot, and seems to consume almost no memory. Turning the app off involves entering a CAPTCHA.

Supported browsers include Microsoft's IE, Mozilla's Firefox and Google's Chrome, and works on Windows XP, Vista and 7, as well as Apple OS X Tiger. The application is free as long as the number of protected websites (including those already embedded) does not exceed 100.

Anyone not downloading the app through a supported partner should visit the Trusteer website.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *