Safepay for some banks are being blocked by Encrypted Web Scan and a solution

neap

I was unable to authenticate with some banks using Safepay (Safepay v30.9.25.53, Bitdefender v27.0.44.217). Bitdefender Support Chat suggested "temporarily" disabling Encrypted Web Scan (under Bitdefender Protection » Online Threat Prevention » Settings). It was verified that Safepay could finish connecting online with each bank previously blocked after disabling this protection.

Bitdefender Chat Support then told me to contact my bank to determine why their site is not compatible with Safepay. Say what? Here are the exact words.

Unacceptable answer.

BETTER SOLUTION (for now): In order to keep Encrypted Web Scan ON for protection with other sites, re-enable Encrypted Web Scan but then create an exception to not use Online Threat Protection for the bank sites that don't work in Safepay. This seems counterintuitive and kludgy, but it worked.

Alexandru_BD

Hello @neap,

What Encrypted Web Scan actually does is that it checks the safety of the web pages. Like the description of this feature says, encrypted pages can use certificates issued by untrusted certificate authorities or even stolen certificates from legitimate sources. For more context, HTTPS is indicated by the small lock symbol that appears in front of the address line whenever you visit a website. The padlock usually means the site has a valid HTTPS certificate, the site domain is verified to match the name on the certificate, and the connection to the website is encrypted. In other words, the information exchanged between you and that domain is not in clear text, but encrypted. Unsafe domains are external links to websites that do not have a security certificate issued by a trusted certificate authority, have an unmatching or expired security certificate, and could contain phishing, malware, or unwanted software. So, more sophisticated attacks might use secure web traffic to mislead their victims. Therefore, I would also recommend to keep enabled the Encrypted web scan option, as part of the Online Threat Prevention module.

As for that banking website, as suggested in the chat, you could turn it off temporarily if that banking website cannot be accessed otherwise. There are certain situations when banking sites may restrict access, for various reasons. For example, if a secure environment such as Safepay or let's say a VPN encryption is being used to access a banking website, this may trigger some warnings on their end. I don't think all banks require this, but there have been cases where, due to the over vigilance of several banks, connecting a VPN for example often triggers fraud warnings when you use it to conduct your online banking. In a similar way, it is quite possible that when Encrypted Web Scan is enabled, because it performs these checks, this may raise a flag for them. Obviously, Support recommended to check this with the respective bank, because they are not in a position to change anything, if the security measures the banking website has enabled are blocking you because you are using an antivirus that has the ability to scan for their certificates..

Regards

neap

Follow up — All good now.

Bitdefender Security Update took affect this AM. This took care of issues of Safepay that I was having with those banks. The update brought BD Antivirus Plus to v27.0.45.220 and Safepay v130.1.9.1.

Just now paid up for the subscription. Thanks for being there.