16 Jan 2017

A question about : NatWest's 'Rapport' software

For a few months now, NatWest have been suggesting I install their 'Rapport' software (made be Trusteer). Trusteer's site says:

https://consumers.trusteer.com/learn

Whilst NatWest's blurb is:

https://www.natwest.com/commercial/se...e/rapport.ashx

They claim that this is to be used in addition to Antivirus, Firewall, Antispyware etc, and that it creates a 'secure pipe' title=Huh between your browser and their banking site.

Potentially, it can be configured to 'protect' many other sites you log into. However, Googling suggests that the software it is not without reported problems. I'm already fully protected against the above with uptodate antivirus/spyware, firewall, anti-phishinging etc, daily/weekly scans, I don't get taken in by junk phishing emails either, and am cautious about cluttering up my PCs with yet more intrusive software.

But I'm also cautious of banks who, in the event of a 'security breach' may use a customer's declination of such software as some kind of implicit negligence/get-out clause. It's not stated as costing anything (yet) but who knows their future intentions.

What do you think - install or ignore the invitations?

Best answers:

  • if in doubt don't and call Natwest or go to a branch to enquire. They sould beable to provide the exact website needed so that you not fall prey to a fake site.
  • I think the more people that download it, Natwest will getmore of a case together to start either:
    Charging for that service which is v unlikely as that will put people off using online service which in the long run saves them money as takes the pressure off paying for someone to be in a branch dealing with your queries.
    As you mention use the your decision to decline using that service as a get clause for holding customers liable for transactions unathorised on your bank account.
    I believe if you can prove that you have good Quality internet security installed you don't have to worry about that.
    Also for other info I believe some banks have a 2/3 strike rule
  • I originally had that installed. However after a while I noticed that when a browser was open my machine was sluggish. When I checked in task manger I found that Rapport was taking a rather high percentage of CPU time (around 35% when a browser was open0.
    Uninstalled said software and now back to normal. I'm happy that I have sufficient security in place not to need this piece of rubbish
  • As long as you connect to the site using https, then the browser achieves the same result as the Natwest software. I can't see the point in it.
  • Thanks for the replies.
    mugwump's comment was particularly relevant, yet another anti-whatever package on top of all the rest of the baggage a Windows PC must carry, is rather counter-intuitive. The idea of potentially all logins (not just NatWest) going via yet another bespoke piece of software, makes me shudder.
    It's curious that NatWest (RBS) are taking this approach. You can't login without both certain PIN & certain password characters (they always ask for different ones). A few wrong login attempts would soon 'lockup' your online access, I'm sure.
    Even once in, all NW online users would need a 'card reader' (issued over a year ago) plus your bank card, plus your card PIN, to create the third party payee essential to drain out funds fraudulently. It seems pretty unlikely any online scam artist could bypass that little lot, and so it's not surprising that other banks lacking such precautions are the ones we repeatedly hear of being targetted.
    A workmate's joint account (Abbey, I think) was emptied, he's almost certain that his non-techie wife responded to a phishing email at the time (although she denies this) and the said bank then had no further precautions to stop third party payees being created.
    They asked him some challenging questions (including 'what Windows service pack are you on'?!) but he stood his ground and got his money back a month later. The trouble for the banks is that online banking has saved them a fortune via the branch closures they've been able to roll out off the back of it, and so the idea that a customer could lose everything (albeit via their own gross stupidity) is one they don't want to become known/believed.
  • The use of SSL/TLS is not the same as using Rapport. https only secures the link between your PC and the bank. If you have malware on your PC it can still record your id and password and can still submit transactions against your account in the background. Rapport is intended to prevent this. I would guess from reports that Kaspersky flags it as a keylogger that it's using keylogger-style hooks to block keyloggers.
    It may be worth having. If you Google it you'll find most banks are offering it. I'm still thinking about it.
  • I'm sceptical. Much of Trusteer Rapport's publicity is built on quoting tests by a small body (OITC, which stands for Okie Island Trading Company) that rather differs in both methodology and results from most more recognised anti-virus surveys, and which happens to have an interest as a reseller.
    And the product seems rather poor at dealing with false positives, i.e programs which have a legitimate reason to access the various subroutine processes it monitors.
    Ask the bank for copies of tests by their own security experts ...
    The forum search here works, and there are several threads
  • this is the report I rather cryptically alluded to earlier
    https://www.virusbtn.com/news/2009/04_22.xml
  • Just found the following review on CNET:
    Quote:
  • Interesting stuff, My Kaspersky internet security suite did the same thing when I was phished for info claiming to be from HSBC.
    I'm not going to download as for reasons previously stated that it uses too much system resource.
  • Whenever my banks urge me to install anti-malware software, I ask them, very politely and earnestly, which ones they would advise and prefer me to use on my Macs.
    Strangely, this has never produced any reply. :confused:
    Maybe I should now also ask them how to install "Rapport" on a PowerPC Mac.
    I've always made it clear that if they wish to protect themselves from fraud occurring on my accounts, I shall be happy to accept from them a Windows-based computer or a five-year interest-free loan of Ј1,000 to buy one.
    Clearly it is time to ask them at least to supply me with an Intel Mac.
  • Online banking seems like a pretty big risk to me, particularly on a Windows PC, so I wouldn't even want to try it out.
    What are the benefits of online banking that make it so appealing?
    I know phone calls aren't exactly secure, but I phone if I need to check my balance. I guess it would be a lot harder to intercept someone's phone communications without the telco's assistance. It's also impossible to install malware on my landline phone.
    If I need to pay a bill I send a cheque (otherwise bills are paid by DD).
    Maybe I'm just being dense, but I can't see why I would need to bank online...
  • It avoids the need to covert everything into rupees and deploy a volume booster in order to effect a transaction.
  • If you do download and install it, it's a !!!!!! to get off
Category: 
Techie Stuff
  • 3062 reads
Please Login or Register to reply to this topic