Online Puchase Security Glitch
I recently made two online purchases whilst protected by F-Secure Banking Security.
The first purchase was with a debit card and the transaction was referred to Verified by Visa and the second was with a credit card and was referred to the equivalent Natwest Mastercard verification site. In both instances a screen eventually appeared stating that the transaction was unsuccessful and had not been authorised, I should therefore try again later or call the merchant by telephone.
Notwithstanding these notifications, both transactions had actually been accepted and instantly processed with the money taken from my bank account.
Does anyone know why this might have happened, whether F-Secure should indeed protect against this occurance and what settings I might amend to prevent it ever happening again?
Comments
-
-
-
Thanks Simon. I will try to capture the screen next time, albeit I am now nervous about making any online purchases. The two transactions were reimbursed by the merchant without too much quibble, however I may not be so lucky next time. I have also requested my bank investigates, however they are not usually proactive.
Also, I have on your advice already added extra Malware protection but intend to telephone all transactions to the merchant in future and avoid making on-line purchases. This is most regrettable but better safe than sorry.
-
It's difficult to say what the screens were without seeing one, but I can understand your reluctance to try to replicate the issue. One thing I'm slightly confused about - did you not intend to make the online purchases, as your bank(s) have refunded you?
Unless anyone else has any other ideas, I think perhaps the next thing I would suggest is to send in a support request to F-Secure, attaching an FSDIAG, and hopefully they may be able to see what went on. -
Yes, I intended to make the purchases, however because I received a message on both occasions, which clearly stated the transaction had been refused and aborted, I then made either a second attempt using another card or telephoned the merchant to complete a telephone transaction. This meant that I had unknowingly duplicated the transaction because the first attempy had been successful, even though I had been advised to the contrary. Hence the reimbursements which were put through as credits by the merchants, independently of my bank.
The reason for contacting the bank is because I am unsure whether it is their Verified by Visa system which is the cause of the problem or F-Secure or another component within the system.
I have already sent F-Secure the diagnostic file - whilst they can identify the transactions they are unable to identify the cause of the problem. Their response has been to add both vendor sites to their white list of approved sites.
However this is rather like bolting the stable door after the horse has bolted and adds no reassurance that the same problem will not re-occur when making a future purchase on another "Secure" site.
Currently the situation is at stalemate - hence my reticence about giving it another shot at on-line purchases.
Anyway, many thanks still for your guidance.
-
I had a similar problem about 4months ago when using BankGuard.
I was paying a utility bill online and the payment needed verification by my Bank. The window then crashed but there was no error screen. Usually I then receive an email to verify the payment; this time I did not receive one. But when I checked with the Utility company the payment had been received!! This has only happened the once thankfully.
I would not be weary of continuing online purchases as you have a number of choices;
1. Carry on using F-Secure but use a Live Linux CD for banking transactions and boot your computer from that CD. See for example; http://krebsonsecurity.com/2012/07/banking-on-a-live-cd/
2. Switch to Chrome for online transactions as the Chrome on Windows is quite secure. The sandboxing prevents an attacker from being able to interact with much of the system. Plus if you add ZenMate for Chrome, similar to a virtual private network (VPN), this will add further protection. https://zenmate.io/home
3. Use Sandboxie; http://www.sandboxie.com/ and http://forums.sandboxie.com/phpBB3/viewtopic.php?t=16739
4. BitDefender's SafePay browser; http://www.bitdefender.com/solutions/safepay.html
5. Just use one browser for banking only. Disable all extensions/plugins, disable javascripting allowing bank's site as exception, and even go so far as to restrict it to the bank's IP address range only.
-
@Pablo wrote:I have already sent F-Secure the diagnostic file - whilst they can identify the transactions they are unable to identify the cause of the problem. Their response has been to add both vendor sites to their white list of approved sites.
Did they mean to whitelist so it affects all F-Secure customers, or that you should add these sites as allowed ones?
The only strange thing regardless of what the answer is to that, is that I think these sites should already be whitelisted. I mean NatWest is a large bank. BTW, they have an Internet Guarantee for NatWest Secure.
Without a screenshot of the messages you received it's hard to say if it was caused by Banking Protection perhaps blocking the connections to some web site needed to verify the transactions as successful.
Also it could be a browser related problem as Mariol suggested.
Even though I can't see anything suspicious about this, you could give these multi-engine scanners a try to feel safer:
- http://www.herdprotect.com Scans with 68 Anti-Malware Engines (only scans, doesn't remove found threats)
Note that scanning with 68 engines increases the risk of false-positives although herdProtect claims it can rule them out. So low detection rates like 1/68 or 2/68 are most likely false positives. - http://www.surfright.nl/en/hitmanpro Behavioural scan + scans unknown files with 5 different Anti-Virus programs
If malware is found you'll receive a free 30-day license to unlock the remove threat functionality
Both these scanners only take a few minutes as they only scan running processes and programs that has autostart abilities. Of the two I recommend Hitman Pro the most. It has a lower risk of false positives and can remove threats if any are found.
- http://www.herdprotect.com Scans with 68 Anti-Malware Engines (only scans, doesn't remove found threats)
-
FS stated they would add the two sites to their generic whits list. for all customers and also advised me to clear the two sites from my onboard internet cache.
However, as you rightly sate - Natwest and Barclays are major players so the source of the problem must lie elsewhere.
I will try the HitmanPro as recommended.
Thanks
-
I have experienced similar problems, in my case after hitting the submit button to complete the verified by visa checkout.
In my case the banking protection complains about a link to facebook, blocks it which then stalls the completion of verified by visa screen.
On two occasions the transaction has gone through with no confirmation. On another occasion it did not.
A strange thing is if I turn off the browser banking protection the transaction goes straight through without any mention of facebook.
It appears the either the banking site I am using or verified by visa are allowing some form of facebook interaction while processing these transactions.
🚩 What Do You Think?
We’d love your thoughts on our fresh look! Quick survey, big impact!