Securing communications to reduce online fraud

By Linda Musthaler | January 26, 2012

Posted in: Network Security Trends

The last decade has seen huge growth in the number of U.S. households that use online banking and online bill paying services. Some 72.5 million households participate in online banking, with 36.4 million using the Internet to pay bills, according to the Fiserv 2010 Consumer Billing and Payment Trends Survey. Those numbers represent an 84% increase in online banking and 78% in online bill paying in the decade since 2000. The number of online bill payment users receiving e-bills is also increasing.

There is a significant risk of cyber attacks against the financial services industry. Not surprisingly, cyber thieves have taken note of those figures and are targeting consumers' and small businesses' online banking activities. Phishing scams, man-in-the-middle and man-in-the-browser attacks, keystroke loggers and banking Trojans such as Zeus can make online banking a risky activity.

Banks and credit unions that offer retail and commercial online banking typically build multiple layers of security around their applications. While the banks can control what happens on their end of the transactions, it's difficult to secure millions of customers' endpoint devices, which are often infected with all sorts of malware.

Recently, I've been interviewing the IT and security managers at financial institutions in preparing case studies for security vendor Trusteer, whose Rapport product is designed to secure online transactions. The customers unanimously say the product is 100% effective; based on that kind of customer feedback, I felt it's worth sharing with you, especially since it can be used not only for online banking, but with any web-based application. If it works for them, it might be something worth investing

(In full disclosure, Trusteer paid me to write the case studies. They have no involvement in this post.) Rapport is designed to create a secure communication tunnel between a client PC and a web-based application, for example online banking or customer relationship management. The solution locks out any possibility of man-in-the-middle or man-in-the-browser attacks and mitigates any risk from keystroke loggers, banking Trojans, etc. intended to steal credentials or sensitive data.

Using a lightweight agent, Rapport establishes three protection layers on the client computer:

API blocking. Rapport controls operating system API calls that malware can use to access information or tamper with the session. When the user is connected to a website protected by Trusteer (i.e., the application), malware can't use OS APIs to read keystrokes or capture the screen. It can't access the browser to read or write data. It can't use commands to inject or alter transactions, and it can't capture session cookies stored by the browser.

Encryption. All information that travels between the user and the browser is encrypted. Keystrokes are encrypted as soon as they are generated by the keyboard driver, all the way to the browser. Further, the temporary information that the browser keeps and all the information sent from the browser is encrypted until it is transmitted over SSL to the protected website.

Delivery confirmation. Rapport ensures that information submitted by the user reaches the intended website and validates the website's IP address through a secure DNS server operated by Trusteer. Should a browser connect to a malicious IP address such as a phishing site, Rapport immediately diverts the traffic to the correct IP address. Rapport also validates the SSL certificate and ensures that it really belongs to the website, even if the attacker managed to tamper with the browser's certificate store.
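To make the "delivery confirmation" layer concrete, here is an added example (my own illustration, not Trusteer's code; the post does not say how Rapport implements these checks) of the two ideas it describes: cross-checking the local DNS answer against a trusted out-of-band resolver, and verifying the server certificate against an out-of-band pin rather than the browser's trust store, so a rogue CA planted in that store gains the attacker nothing. The resolver callables, the DER byte strings and the `bank.example.com` hostname are constructed stand-ins so the code runs offline; unlike the product described above, which re-routes to the correct address, this version simply refuses to proceed when either check fails.

```python
"""Client-side delivery-confirmation checks (illustrative, not vendor code)."""
import hashlib
import ssl
from typing import Callable, Iterable, List

Resolver = Callable[[str], List[str]]


def sha256_fingerprint(der_cert: bytes) -> str:
    """Hex SHA-256 of a DER-encoded certificate, the usual form of a pin."""
    return hashlib.sha256(der_cert).hexdigest()


def certificate_is_pinned(der_cert: bytes, pins: Iterable[str]) -> bool:
    """True if the presented certificate matches a pin we obtained out of band.

    The OS/browser trust store is never consulted, so tampering with it
    (adding an attacker CA) cannot make an impostor certificate pass here.
    """
    return sha256_fingerprint(der_cert) in {p.lower() for p in pins}


def resolution_is_consistent(hostname: str, local: Resolver, trusted: Resolver) -> bool:
    """Compare the local resolver's answer with a trusted resolver's answer.

    Any overlap is accepted because large sites legitimately return several
    addresses; an empty intersection suggests DNS hijacking or a phishing
    redirect and the connection should not proceed.
    """
    return bool(set(local(hostname)) & set(trusted(hostname)))


def check_connection(hostname: str, der_cert: bytes, pins: Iterable[str],
                     local: Resolver, trusted: Resolver) -> dict:
    """Run both checks and report whether the session may continue."""
    dns_ok = resolution_is_consistent(hostname, local, trusted)
    pin_ok = certificate_is_pinned(der_cert, pins)
    return {"dns_ok": dns_ok, "pin_ok": pin_ok, "proceed": dns_ok and pin_ok}


def fetch_leaf_cert_der(hostname: str, port: int = 443) -> bytes:
    """Live helper (not used by the offline demo): fetch a server's leaf cert."""
    pem = ssl.get_server_certificate((hostname, port))
    return ssl.PEM_cert_to_DER_cert(pem)


# --- constructed sample data (not real certificates or addresses) ---------
GOOD_CERT = b"constructed-der-bytes-for-bank.example.com-leaf-cert"
ROGUE_CERT = b"constructed-der-bytes-signed-by-attacker-installed-ca"
PINS = {sha256_fingerprint(GOOD_CERT)}  # distributed to the client out of band

# Addresses come from the TEST-NET documentation ranges.
def trusted_resolver(name: str) -> List[str]:
    return ["203.0.113.10", "203.0.113.11"] if name == "bank.example.com" else []

def honest_local_resolver(name: str) -> List[str]:
    return ["203.0.113.11"]

def hijacked_local_resolver(name: str) -> List[str]:
    return ["198.51.100.7"]  # attacker-controlled phishing host


if __name__ == "__main__":
    for label, cert, resolver in [
        ("genuine site, honest DNS", GOOD_CERT, honest_local_resolver),
        ("genuine DNS, rogue certificate", ROGUE_CERT, honest_local_resolver),
        ("hijacked DNS, genuine certificate", GOOD_CERT, hijacked_local_resolver),
    ]:
        print(label, check_connection("bank.example.com", cert, PINS, resolver, trusted_resolver))
```

Pinning the leaf certificate, as done here, means the pin must be rotated whenever the site renews its certificate; pinning the public key (SPKI) instead survives renewals that keep the same key, at the cost of slightly more parsing.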

For my case studies, I’ve interviewed several banks that have all used Rapport for more than a year. In each case, Trusteer Rapport has been completely effective in preventing online fraud. The banks have had zero breaches of their online banking applications.
