Skip to main content

Christmas Present for Hackers

Let’s face it – the prevalence of online banking is like the best Christmas present ever for a hacker. However, it is also a bonus to software companies such as Trusteer, who supply Rapport software that many banks now provide for free to their customers. Rapport is available from a variety of banks including Alliance & Leicester, First Direct, HSBC, ING Direct, NatWest, Santander and The Royal Bank of Scotland.

The way in which Rapport works is that it verifies that the banking site is not a phishing site. If the site connected to is, then it immediately reports the site to the bank.

To many it seems that downloading Rapport is an extra burden on their already overworked computer with its variety of anti-phishing, anti-malware and on-board firewall systems. However according to Jack Blockley, representing Trusteer in the UK, there is practically no latency with this download and as he says it give extra assurance that your banking credentials won’t be compromised.

As a result of Rapport’s wide adoption by banks there have been several direct malware attacks on Rapport and its maker Trusteer – which led us on to the question, “But what if the customer’s system had already been compromised by malware either before or after Rapport had been installed?”

Jack Blockley informed us that Rapport has the ability to detect malware infection that could compromise the online bank transaction in some way (eg stealing credentials). If an infection of this severity is detected, the bank is immediately informed and the user will receive a call from the bank to let them know that the user’s system may be compromised. One refreshing statistic was that approximately only 4% of all systems using this software had required a bank to call them.

Protection against online banking identity theft is not the only use for Rapport. Users can also the software to validate and hence protect them from identity theft with other frequently used sites such as their credit card and travel sites.