Avlab.pl test says otherwise! As you can see, there are lot of components required for safe online banking is being compromised as compared to its competitors.
Hello,
I would say it does the job fairly well. Safepay protects against all e-threats that target your banking data such as hacking, phishing, packet analysis, “man-in-the-browser” and “man-in-the-middle” attacks, trojans, system changes, etc. While browsing in Safepay you don’t risk being spied on or having your passwords stolen. Malicious keyloggers can’t record what you type on your keyboard and send reports over the Internet to hackers. Safepay also prevents malware to take screenshots and detects fraudulent websites. The web-filtering technology ensures that you never land on a harmful website. The browser also comes with a built-in VPN that secures your confidential data even on public Wi-Fi networks.
Maybe @camarie can jump in to expand on what's included and whatnot, and the levels of performance and security of this protected browsing environment, if there are any concerns here.
Regards
First, I have asked about in what scenarios a malware gets run. As the webpage says, We downloaded malware to the system via the Telegram messenger. Not that I don't trust they obtained some results, but I would like to better understand how in order to be able to respond, at least, or to fix the scenario, if so. Was that executable run from a drive-by download? from inside Safepay? outside? was it automatically executing or the user (or some automated meaning)?
No answer that I know of was provided.
The task for the tested solutions with the banking mode running in the background was to detect and stop an attack at any stage: before launching, after starting, or after establishing a connection to the server owned by a hacker. This in itself - at least for me - shows some kind of expectation: while in banking mode, go full paranoid.
This is not how Safepay works. Safepay does not protect the system from downloads and executing files outside itself, that is what antimalware does. Even if yes, there was a shortcoming in which a binary file could download thru Safepay (issue now fixed), the user still had to launch manually the executable - this hardly qualifies as a vulnerability. All in all, what Safepay does is to complement what the solution already does: the defense mechanisms (antimalware, realtime protection etc.) takes care of the protection at all times, while Safepay is a specific, isolated browser which brings on its own things. In no particular order, the main set of protection features specific to Safepay are:
All in all, I would be more than glad to know how avlab.pl obtained the results and what I can do to make it better for Safepay. The "download and running a file which we label as malware" would be better directed to the protection forum categories.
