Earlier this week I logged on to the website of my bank and was greeted with an option to download software named ‘Rapport'.
This was not the first time I had heard of this, it was flagged to me by a friend last year who emailed me saying that they had tried to log into their bank website and were greeted with details on Rapport, with a short Q&A that read as follows;
But why do I need Rapport? I'm already protected by a firewall and anti-virus software.
Traditional online security software is essential, but Rapport goes even further, providing another layer of protection when banking online. We recommend you use Rapport alongside your firewall and anti-virus. It's not designed to replace your existing protection.
I've never heard of Rapport – can I trust it?
Yes. Rapport is produced by the financial security experts at Trusteer. Industry analysts at Online Banking Report described Rapport as 'a major boost in fraud prevention'. They also named Rapport 'Best of the Web'.
Won't it be a hassle?
No. Rapport takes seconds to download and install. There's no need to restart your computer. And it's already set up to protect you when you use RBS Digital Banking.
Now being the investigative journalist that I am, I looked into it further. I found out that it is produced by an Israeli company called Trusteer, who is now stepping up their marketing in the UK.
The description on the website explained that ‘Rapport from Trusteer is a lightweight browser plug-in plus security service that prevents criminals from tampering with a user's browser and protects against man-in-the-browser, man-in-the-middle and phishing attacks.
“When users browse to sensitive websites such as internet banking, web mail or online payment pages, the Rapport plug-in immediately locks down the browser and prevents any unauthorised access to web pages and confidential information that flow through the browser.”
All very good stuff, but it left me with some unanswered questions – considering that we have spent many years telling people not to click on suspicious links, not to download untrustworthy files, be careful about what they install – is it really likely that members of the public will download this? Or will it be comparable to software updates, ignored rather than installed?
I spoke with Mickey Boodai, CEO of Trusteer, who explained that it is a ‘piece of software that sits on the computer and locks down the communication between you and the bank'. If malware, or a banking Trojan to be specific, tries to intercept the login process, the communication is locked down so nothing looks at it.
Boodai said: “This isolates the browser and blocks intervention to it. Software will block it for the duration of the session.”
So what about education and publicity for the public who are the target market in this instance? Boodai admitted that it was being promoted by the banks directly, and while some customers may call back and ask about it, most will trust the bank's advice on security.
He said: “We keep it as simple as possible as it is very technical and once a consumer gets confused they lose interest.”
So looking further at the software, Boodai said that you can use multiple windows on a browser and use Rapport to protect the window with which you access the banking site. It is available for use with Internet Explorer, Firefox, Chrome and on Safari on the Mac. Once you have downloaded it, it places an icon on the browser that turns the address bar green so it is an indication of it being secure.
Boodai said: “It starts working from the moment you go on to the banking website, on all other websites you can click on the icon and choose to protect it. It will remind you to use it for any special site and we recommend you use it to protect it.”
So if it protects the login process on such a sensitive site as banking, I asked him if there were plans to roll it out to other sites – such as social networking, web mail or even auction or shopping sites. He said: “We are focussed on the financial sector at the moment and technology to market at a high level, it is not limited to any website, it is a good solution.”
I have to admit that while Mickey Boodai did answer my questions and I have no doubt that it works efficiently; if it did not I doubt that UK banking sites would touch it, there is still a doubt in my mind about how it will be received by the general public.
As we have said in the past, the security-savvy public and I feel that many will be suspicious until they are informed about Rapport.