We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Is Trusteer/Rapport necessary to be protected by banks' fraud guarantees?
Options
Comments
-
Used it for 2/3 years and never seen a problem0
-
it verifies you are on the site you think you are by checking the IP address against its records, and protects against key loggers
It sounds like the bees knees or is it?
IMHO its a sensible choice to use it
its got one more advantage, most virus software aims to stop stuff getting on your system, it works by assuming there might be a key logger, and preventing it working0 -
So to clarify - it hooks API's to log your keypresses and 'check' you aren't re-using passwords, and it 'validates' sites are the "right" ones?
So;
* You'd better trust it at least as much as your wife if you want it logging your keystrokes...
* it must also store these keystrokes, otherwise what would it check for re-use against? Is this central store itself 'secure'? It's definitely less secure than just stored in your brain...
* You'd better hope whatever it's checking the validity of sites against is also impervious. I don't know what it is, but I absolutely guarantee it's not foolproof and impossible to compromise (because nothing is)
What does it do if you go to a 'fake' site, hopefully just warn you? Or does it redirect? If the latter, I can foresee at least a chance of the greatest facepalm moment in IT security history coming up if they get compromised. Or failing that, the worst that could happen is someone gets access to the cache/record of all your passwords that this software is storing...0 -
... and, of course, no one has thought of all this before.
They need someone like you to work for them, then we could all rest easy in our beds.0 -
So to clarify - it hooks API's to log your keypresses and 'check' you aren't re-using passwords, and it 'validates' sites are the "right" ones?
So;
* You'd better trust it at least as much as your wife if you want it logging your keystrokes...
* it must also store these keystrokes, otherwise what would it check for re-use against? Is this central store itself 'secure'? It's definitely less secure than just stored in your brain...
* You'd better hope whatever it's checking the validity of sites against is also impervious. I don't know what it is, but I absolutely guarantee it's not foolproof and impossible to compromise (because nothing is)
What does it do if you go to a 'fake' site, hopefully just warn you? Or does it redirect? If the latter, I can foresee at least a chance of the greatest facepalm moment in IT security history coming up if they get compromised. Or failing that, the worst that could happen is someone gets access to the cache/record of all your passwords that this software is storing...
All that is scary if true but is it?:T0 -
it stores passwords on your pc
it compares the IP address of the bank against the site you are on purporting to be your bank0 -
it stores passwords on your pc
it compares the IP address of the bank against the site you are on purporting to be your bank
And passwords on your PC are easier to obtain than those you just remember.
And it compares the IP address *it thinks* is legitimate against the site you are visiting - which is where (some of) my concern is if the software or wherever it looks up the IP address from is compromised.0 -
And passwords on your PC are easier to obtain than those you just remember.
And it compares the IP address *it thinks* is legitimate against the site you are visiting - which is where (some of) my concern is if the software or wherever it looks up the IP address from is compromised.
should the IP address be compromised then its not going report the bank as fraudulent
if you dont use the software then equally nothing is reported as fraudulent so you are no better off, but in the first case you can blame the bank because you are using their recommended software to detect this happening0 -
NO I don't use it and never intend to its bloatware that isn't needed, I have enough security measures in place to not need to install other random programs / extensions etc0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.1K Mortgages, Homes & Bills
- 177K Life & Family
- 257.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards