Testing of Banking Protection.

Blackcat
Blackcat Posts: 503 Influencer

I assume that the poor performance of F-Secure 2013 in this Banking malware test was due to the fact that the Banking protection was not available in this version? (test was in October, 2012, while the protection module was only released in Novemember of that year).

 

http://www.mrg-effitas.com/wp-content/uploads/2012/11/MRG-Effitas-Online-Banking-and-Endpoint-Security-Report-20121.pdf

 

Is this a correct assumption?

 

If so will the banking protection of F-Secure be tested in the future?

Comments

  • Hi Blackcat,

    With regards to your query, banking protection will enable protection in terms of blocking connections back to malicious c&c or logging site and this will definitely improve on the baseline IS2013 protection without addressing the question of future testing or the weakness against this specific test. We are continiously improving our platform to provide you better protection against malicious attack. Moreover paypal is not supported by F-Secure yet.

     
    Thanks.

    Best Regards,
    Jagadesan

  • Blackcat
    Blackcat Posts: 503 Influencer

    This test is not a good one; http://www.matousec.com/info/reports/Online-Payments-Threats-2.pdf

     

    Let's hope protection has improved since then!

  • Blackcat
    Blackcat Posts: 503 Influencer

    Not so good again here in a latest one; http://www.mrg-effitas.com/wp-content/uploads/2013/08/MRG-Effitas-Online-Banking-Browser-Security-Assessment-Project-Q2-2013.pdf

     

    Comparing results, F-Secure shows no improvement in its banking protection over time whereas some vendors such as Webroot have shown a massive improvement. 

     

    A valid point would be that banking protection is tested by using malware "simulators" which is not a real-world situation. But on the other hand why can some vendors achieve 100% pass rates?

     

    IMHO, if F-Secure can take a look at these testing site results and see if they can improve their banking protection; if only as a potential marketing tool when results do improve. Would look good in the Awards Section of the FS site.

  • Simon
    Simon Posts: 2,667 Superuser

    @Blackcat wrote:

    Not so good again here in a latest one; http://www.mrg-effitas.com/wp-content/uploads/2013/08/MRG-Effitas-Online-Banking-Browser-Security-Assessment-Project-Q2-2013.pdf



     

    I wonder if it's relevent that the test in that report was using PayPal as it's testing site, which I don't think FS Banking Protection supports yet?

     

    Obviously, if other products do, it's in FS's best interests to support PayPal as soon as is possible, but for the purposes of that particular test, maybe the result is a little misleading?

  • Blackcat
    Blackcat Posts: 503 Influencer

    PayPal protection is present in the beta at least Smiley Wink

     

    PayPal.GIF

     

     

    But overall, compared to other vendors F-Secure's Bank Guard results do not look top notch.

     

    Compare this to their protection against malware such as trojans/viruses; they are mainly at the top of the tree in most of the well-known testing sites such as av-comparatives/av-test.org.

  • Simon
    Simon Posts: 2,667 Superuser
    Sorry, I wasn't aware that PayPal protection had been enabled. But they probably weren't using the beta for that test.

    I agree with your point though. You have to look good to compete, and everything has to be top notch to round off the package.
  • Ville
    Ville Posts: 729 F-Secure Product Expert

    Looking at the report, they are using the Internet Security 2013 version of our product, which did not have PayPal protection enabled (due to some initial technical problems with it). It's enabled in beta and in upcoming Internet Security 2014, so I would expect to see improvement in the results.

     

    Also I'm a bit disappointed with the test, since they only tested one banking site and based all their results on that.

     

    Ville

    F-Secure R&D, Desktop products

This discussion has been closed.
Feedback on New Design