Came across this Trusteer tool after reading an excellent Byron Acohido recent blog about Internet banking security.

Trusteer have a solution call Rapport, that it claims will secure end-to-end connectivity between the client browser and banking portal or any website. 

“Rapport builds a “secure pipe” inside the desktop which hides credentials and communication with the Website from malware and fraudulent Websites.”

 trusteer04The free version comes with certain limitation, like the amount of sites you can protect. And currently it does not support Google Chrome.

Initial installation and testing seems to work well but you may want to tweak the default Security Policy, since a few options is not enable for your own sensitive websites.

During installation, you can opt to participate in sending events to Trusteer’s central server.  And base on the analysis the central server can send commands to the Rapport client to counter the attack, sound like a version of botnet’s command & control concept, how flawless it will work? I really wonder.

“The central service runs extensive tests to determine whether the activity is fraudulent. In an event of fraudulent activity the central service instructs Rapport to more aggressively block the threat.”

Rapport works with the assumption that the desktop is inherently unsafe, so, whether this approach is the panacea of our headaches with Internet security, the jury is still out.

Although the tool concept sound great, it’s still not for the faint hearted or those who are not-so-techie, like, it uses CAPTCHA to stop a service and sometimes you see errors pop-up and may even slow down a little when you log-in, but overall, it’s another useful tool to add.

Let me know your user experience.

Update (04 March): Found a video that claimed that Rapport can be circumvented with a trojan, it shows the key strokes were being captured. The link points to an URL in Russia, so, becareful if you want to view it.