Rapport Security

By | March 10, 2011

Arden asks about additional bank security
One of my bank accounts (I wish I had some money in them, I would share) introduced a security program Called Rapport Security. Supposedly it can be used to secure any website. Is it a good thing to use as extra security? Is it really needed?

Our Answer
According to what we’ve been able to find out, this software acts to prevent so-called “Man In The Middle” attacks. A man in the middle would be someone who is monitoring traffic between your computer and the site you’re on and intercepting the transmissions between your bank’s computer and your computer. But since, as far as we know, all banks use secure servers and the data sent between your computer and the banks is already encrypted, we’re not sure how much good this extra-layer of protection would do.

According to Tusteer’s Web site:

“Rapport is a service for online financial, retail, healthcare and government institutions that wish to protect their customers’ transactions being tampered with or Privately Identifiable Information (PII) being stolen whilst connected (or trying to connect) to the institution’s website.

The Rapport service includes a lightweight browser security plug-in, as well as cloud-based analysis and reporting services. The lightweight browser security plug-in is installed in-flow when the customer first visits the Web site. This one-time process takes a few seconds and is very similar to a Flash viewer (also a browser plug-in) installation. Customers who have already downloaded the Rapport plug-in from another Trusteer partner do not need to download anything!

Rather than try to clean malware from the desktop, Rapport acts like a vault inside the browser protecting Web pages downloaded to the browser, as well as data entered by customers in response to those pages. Malware cannot read or alter these pages or the information customers enter into them. PII, transactions, and Web site integrity is preserved.

Rapport prevents redirect and fraudulent Web site attacks through strong authentication of trusted Web sites before releasing sensitive information from the vault. By securing browser data in the vault and then ensuring that outbound data is sent only to trusted sites, Rapport eliminates any criminal entry point….”

This doesn’t secure all Web sites, even if you install the toolbar. It only secures Web sites who are using the Rapport Security service. If you’re confused – so are we. It sounds like a bit of overkill to us. Nothing beats common sense things like not clicking links in emails from financial sites or site which require you to enter personal and confidential information; or having and keeping good antivirus and antispyware programs on your computer and keeping them up-to-date.

Since the Rapport consumer toolbar only works with sites that have the Rapport Security system installed, the extra layer of protection it would afford would depend entirely on the number of Web sites that actually use the Rapport Security system. And right now, it seems, not many do.

Leave a Reply

Your email address will not be published. Required fields are marked *