Trusteer technology is built to scale. With the rapid growth in the number of malware being developed every year, a successful solution to the problem cannot rely on identifying and processing hundreds of thousands of malware samples. Nor should such a technology rely on users to make security decisions when abnormal behavior is detected. This is why Rapport uses technology which is not based on signatures or heuristics. Instead, Rapport applies the same rules and restrictions to any piece of software that tries to access or tamper with sensitive information.

The security technologies used by Rapport are:

  • Keystroke Encryption: Rapport encrypts sensitive information from the moment it is typed into the keyboard until it reaches the browser, thus preventing information from being read or tampered with before it reaches the browser. Keystrokes are encrypted very low in the operating system’s kernel, and are kept encrypted inside the kernel and user space.


  • Browser Lockdown: Browser Lockdown is at the heart of Rapport’s technology, as nowadays, the majority of malware injects into the browser in an attempt to steal and tamper with information. Rapport applies strong access control mechanisms to all internal and external browser interfaces. Any attempt to access information inside the browser, such as web pages, and information entered into web pages, goes through Rapport’s access control mechanism. Based on a policy, Rapport prevents attempts to access sensitive information inside the browser, such as login information, transactions, and private communication. Rapport’s access control mechanisms control all the various browser interfaces, including browser add-ons, browser DOM interfaces, code injection into the browser, browser cookie storage, and more.


  • Communication Lockdown: Rapport verifies the legitimacy of the website that the user is currently using, preventing the submission of sensitive information to fraudulent websites. Rapport also verifies that the connection with the website is direct, and that it is encrypted to prevent Man-in-the-middle attacks.


  • Actionable Intelligence: All policy violations, such as attempts to read password fields and change web page content, are reported to the Trusteer cloud-based fraud analysis service. The Trusteer team of fraud analysts works 24x7, analyzing information from customers all over the world in order to identify new attack patterns. Advanced automatic update mechanisms allow Trusteer to react immediately to new threats. Organizations are immediately alerted regarding new attacks as they occur, instead of days, weeks, and even months after the fact.
 
Privacy PolicySitemap

Copyright ©2009 Trusteer. All Rights Reserved.