Safepay Not Work With Brazilian Banks

Hello,


I was informed by the Brazilian holder BitDefender SafePay that the tool does not work and may not work with Brazilian banks, since they use plugins to access safety. I wish someone confirm if this information comes.


I use the bank Caixa Economica Federal (www.caixa.gov.br) but would like to use SafePay during access, but can not because our bank requesting the installation of the plugin. The same happens with the Bank of Brazil (www.bb.com.br).


Please can someone try to do something, after all it is not fair to Brazilian users not being able to use this tool.

Comments

  • camarie
    camarie BD Staff
    Hello,


    I was informed by the Brazilian holder BitDefender SafePay that the tool does not work and may not work with Brazilian banks, since they use plugins to access safety. I wish someone confirm if this information comes.


    I use the bank Caixa Economica Federal (www.caixa.gov.br) but would like to use SafePay during access, but can not because our bank requesting the installation of the plugin. The same happens with the Bank of Brazil (www.bb.com.br).


    Please can someone try to do something, after all it is not fair to Brazilian users not being able to use this tool.


    It is more complicated. The short story is this: this bank (and many others from Brasil) requires a browser extension to be installed. This extension intercepts HTTP traffic and modify the requests to and from user browser and bank server; without these modigications, session is invalid.


    On the other hand, Safepay does not allow extensions because of security risks (and the extension intercepts ALL traffic - this is why we do not load them).


    So, for the time being, the answer is these two (Safepay and extension) are not compatible. We discussed internally to allow certain cases, such as this specific one, to be allowed with user consent, but the implementation is very hard and needs considerable time to be done. If we will conclude the risks can be controlled, we'll announce it here.


    Regards,


    Cristian

  • It is more complicated. The short story is this: this bank (and many others from Brasil) requires a browser extension to be installed. This extension intercepts HTTP traffic and modify the requests to and from user browser and bank server; without these modigications, session is invalid.


    On the other hand, Safepay does not allow extensions because of security risks (and the extension intercepts ALL traffic - this is why we do not load them).


    So, for the time being, the answer is these two (Safepay and extension) are not compatible. We discussed internally to allow certain cases, such as this specific one, to be allowed with user consent, but the implementation is very hard and needs considerable time to be done. If we will conclude the risks can be controlled, we'll announce it here.


    Regards,


    Cristian


    I understand , but I do not agree with the attitude of the company not to disclose this information on the official website , since the Brazilian user buys a product hoping to get the full " package " , but in reality , there is functionality that does not work . The Brazilian paid the same as users in other countries being, however is without a layer more . I know the fault is not the BitDefender but banks here in Brazil , but do not agree with the practice or omission of information in that Safepay not work with most Brazilian banks site . Moreover , as found people complaining about this function since 2012 . Still , the security suite Kaspersky uses a similar layer of protection called " Safe Money" which is compatible with all banks . If you can not provide protection to Safepay , because you do not think to modify the current solution to something. Even the Comodo Internet Security has a " protected" for this type of protection browser .


    I feel wronged in the end, bought a license for thinking about my safety when accessing the internet banking from my bank .

  • I understand , but I do not agree with the attitude of the company not to disclose this information on the official website , since the Brazilian user buys a product hoping to get the full " package " , but in reality , there is functionality that does not work . The Brazilian paid the same as users in other countries being, however is without a layer more . I know the fault is not the BitDefender but banks here in Brazil , but do not agree with the practice or omission of information in that Safepay not work with most Brazilian banks site . Moreover , as found people complaining about this function since 2012 . Still , the security suite Kaspersky uses a similar layer of protection called " Safe Money" which is compatible with all banks . If you can not provide protection to Safepay , because you do not think to modify the current solution to something. Even the Comodo Internet Security has a " protected" for this type of protection browser .


    I feel wronged in the end, bought a license for thinking about my safety when accessing the internet banking from my bank .


    Besides Christian, the omission of this information does not work with Brazilian banks hurts our Consumer Protection Code for thus it is written: False advertising is that which discloses partial information or totally false, default data, induces the consumer to an error of judgment in choosing the product. Already advertising abuse is that which uses unethical means to achieve a public vulnerable (eg, children) and violates the basic social values​​.


    Both are prohibited by the CDC and is borne by the supplier prove veracity of the information contained in the advertisement.


    Reference: Articles 6, VIII, 18, 37, 38, 66 and 67 of the CDC.

  • camarie
    camarie BD Staff
    I understand , but I do not agree with the attitude of the company not to disclose this information on the official website , since the Brazilian user buys a product hoping to get the full " package " , but in reality , there is functionality that does not work . The Brazilian paid the same as users in other countries being, however is without a layer more . I know the fault is not the BitDefender but banks here in Brazil , but do not agree with the practice or omission of information in that Safepay not work with most Brazilian banks site . Moreover , as found people complaining about this function since 2012 . Still , the security suite Kaspersky uses a similar layer of protection called " Safe Money" which is compatible with all banks . If you can not provide protection to Safepay , because you do not think to modify the current solution to something. Even the Comodo Internet Security has a " protected" for this type of protection browser .


    I feel wronged in the end, bought a license for thinking about my safety when accessing the internet banking from my bank .


    I understand your frustration, but it is really a thing I was not aware of. Obviously, we do not have accounts opened on Brazilian banks here on development, so we tested against as many banks as possible and the browsing worked.


    For other people complaining since 2012: I cannot find other forum posts regarding that (maybe I'm not searching with correct keywords).


    As for other products you are mentioning: Safemoney is a sandbox over an existing browser, and they let the browser load whatever extensions registered, while Comodo browser is a Firefox (lately Chrome) recompiled with some additions - both of them are basicallty thin layers over existing browsers (with all the pros and cons).


    Safepay is vastly different, being a browser on its own and isolating itself from the rest (basically, is a reverse sandbox).


    I don't think someone here wanted to trick the customers by omitting such informations. Probably is better to contact support for further information - I am a developer and I described exactly what is the situation regarding the current status. I'm afraid I cannot be of any more help.


    Cristian

  • I understand your frustration, but it is really a thing I was not aware of. Obviously, we do not have accounts opened on Brazilian banks here on development, so we tested against as many banks as possible and the browsing worked.


    For other people complaining since 2012: I cannot find other forum posts regarding that (maybe I'm not searching with correct keywords).


    As for other products you are mentioning: Safemoney is a sandbox over an existing browser, and they let the browser load whatever extensions registered, while Comodo browser is a Firefox (lately Chrome) recompiled with some additions - both of them are basicallty thin layers over existing browsers (with all the pros and cons).


    Safepay is vastly different, being a browser on its own and isolating itself from the rest (basically, is a reverse sandbox).


    I don't think someone here wanted to trick the customers by omitting such informations. Probably is better to contact support for further information - I am a developer and I described exactly what is the situation regarding the current status. I'm afraid I cannot be of any more help.


    Cristian


    Cristian ,


    although I am somewhat frustrated with the situation , I completely understand that in the end , the development sector did not expect it ( although I still disagree that there is no such information on the official website , with due regard as to Brazil , but okay ) .


    Referring to the comments of 2012 are spread across sites including Brazilians , there are claims in the official facebook BitDefender , here in Brazil .


    However , I know that is no intention to deceive no customer , although I made ​​the quote of missing information based on Brazilian law .


    I want to make clear that I understand the situation , which is not the company's fault , and the difficulty is imposed by the banks themselves .


    Cristian , please keep trying to make us Brazilians , we can use this additional layer of security with the banks here . I know it's tricky, but keep trying . I canceled my subscription to another suite and began to use BitDefender , believe in the efficiency of the product from you.


    No more , thank you for attention , sorry for any inconvenience it has caused .


    Bruno Simon

  • camarie
    camarie BD Staff
    Cristian ,


    although I am somewhat frustrated with the situation , I completely understand that in the end , the development sector did not expect it ( although I still disagree that there is no such information on the official website , with due regard as to Brazil , but okay ) .


    Referring to the comments of 2012 are spread across sites including Brazilians , there are claims in the official facebook BitDefender , here in Brazil .


    However , I know that is no intention to deceive no customer , although I made ​​the quote of missing information based on Brazilian law .


    I want to make clear that I understand the situation , which is not the company's fault , and the difficulty is imposed by the banks themselves .


    Cristian , please keep trying to make us Brazilians , we can use this additional layer of security with the banks here . I know it's tricky, but keep trying . I canceled my subscription to another suite and began to use BitDefender , believe in the efficiency of the product from you.


    No more , thank you for attention , sorry for any inconvenience it has caused .


    Bruno Simon


    Understood. Then, as I said - I will reissue to the management the need to evaluate extension support; at least that I can do.


    I will do it gladly, because there are not many things that upsets me than an upset customer; what I do lack now is time to think on it.


    I'll get back in forum when I have news.


    Cristian

  • Understood. Then, as I said - I will reissue to the management the need to evaluate extension support; at least that I can do.


    I will do it gladly, because there are not many things that upsets me than an upset customer; what I do lack now is time to think on it.


    I'll get back in forum when I have news.


    Cristian


    Cristian,


    sorry to bother you again, just wanted to tell, although I do not know if it will be useful, but the system linux (ubuntu 13:10) access to Brazilian banks Caixa Economica Federal and Banco do Brazil are made using only the java and maybe certificates digital, in the case of Caixa Economica Federal. Maybe this information can help as to Safepay.


    Thank you.