| |
What is Securite?
Securite is a patent-pending network security software that protects computer users from phishing, crimeware/spyware, keyloggers and hackers from stealing their confidential information and identity during financial transactions like ebanking and internet shopping.
|
| |
| |
How does Securite work?
Securite employs the latest in computer, network and security technologies to provide a total solution to ensure that sensitive and confidential end user information is not captured or leaked during a financial transaction.
Simply put, the Securite Security Suite software (Securite) needs to be installed on the client's computer, and it is activated upon the internet browser startup. When the user goes to a Securite protected website, Securite verifies the authenticity of the identity of that website for the user. Once verified, Securite will establish a dedicated link to the actual website to prevent hackers from hijacking the information in transit.
During the transaction session with Securite protection enabled, Securite will "lock-down" the machine by preventing other applications and processes to read or access information on the computer including keystrokes, memory and files. The net effect is only to allow those legitimate applications and programs to operate. This will prevent any hidden or background processes like spyware or loggers from stealing user passwords from keystrokes, reading the browser cache or computer memory/file. Valid applications will continue to operate properly during the lock-down. Once the transaction is completed, the lockdown will stop and other applications in the background can continue to run as per normal.
Cross-site scripting (scripts that bring the user to another site maliciously or by design) and phishing emails will also be prevented. As Securite is lightweight and operate seamlessly with the browser, the end user will not experience any noticeable delay. Users can see the Securite icon which looks like a Shield on the bottom right of the browser, and also the URL bar will be highlighted in colour to show that Securite is active and being protected.
|
| |
How do I know Securite is Active?
There are visual cues on the internet browser that will show that Securite is active and what kinds of protection is available. On the bottom right corner, a shield icon with different colours is visible. On the URL address bar, the URL will be highlighted in different colours to signify the type of protection.
 Red — User is accessing a URL being blacklisted by Securite.
 Green — Ensure that user is accessing the legitimate Securite whitelisted and protected domain.
 Animated — Ensure that user is accessing the legitimate Securite protected site and Secure Session (maximum protection) is enabled.
 Grey — User's focus is out of browser session. Securite protection is off.
|
| |
What is the Securite Directory service?
This is a secured trusted service available on the Internet that the Securite software will check for available information to allow for verification for a service provider website. We will check the IP address and validity of the SSL certificate, amongst other things, to ensure that this website that the user is attempting to connect to is legitimate. The Security software will access the Securite Directory service when the user is trying to access a particular web-site.
|
| |
What makes Securite better than traditional anti-virus software?
1. Anti-virus software engages a detection and scanning approach to identify known malware (virus, spyware and keyloggers).
This approach depends on scanning of the PC against known malware signatures and works well with malware that has already been identified and profiled. However, such software have the following limitations:
a. It performs badly against zero day attacks. It cannot detect new malware as it does not have the signature.
b. Scanning for malware can take up a lot of resources and slows down the PC.
c. Anti-virus protection has to be globally applied to the whole PC, and is not transaction specific. Therefore, it cannot employ the strongest level of protection during a transaction so as not to compromise usability.
2. Securite adopts a completely differently approach to protect the system.
It defines the whitelist of allowed operations to run during a transaction and blocks everything else. This approach addresses all the shortcomings of Anti-virus:
a. It is transaction aware. i.e. It applies the maximum possible protection during a particular Internet transaction.
b. It employs blocking technology instead of scanning which requires less resources and is faster.
c. This whitelist approach does not require constant updating of malware signatures and is effective against zero day attacks.
|
| |
Do I need Securite if I have a security token already?
Yes! Even if you have a security token, it does not prevent information being captured real-time and leaked for misuse. It also does not prevent phishing websites from stealing your information and staging what we call a "man-in-the-middle attack" where information is being relayed automatically to a real website from a phishing website in real-time. Securite will complement a security token system even more by preventing the information to be stolen in transit and the lock-down ensures that it cannot be captured and leaked.
|
| |
What are the Securite Protected Websites?
Securite protects the end user computer and the transfer of data through the Internet. When the user chooses to install Securite, Securite is active for transactions done at the websites listed in the Securite Directory service, or signed up with Securite service.
Currently Securite Home Edition 2.0 is protecting Singapore's 100 most accessed websites [Details]
|
| |
Is Securite the bank's vendor?
This is a trial service by Securite. We are working on a commercial arrangement with the banks. Currently, Securite is a 3rd party, and the banks do not own or have a commercial relationship with Securite or ANTlabs.
|
| |
What are the information recorded by ANTlabs when I visit a website since ANTlabs would know that I have visited a Securite enabled website?
On every installation of the Securite client, a unique numeric identifier is assigned to the client. When the user surfs to a new site, this unique identifier is sent back together with the requested URL to the Securite Service to determine if it is a protected whitelisted site or a blacklisted site. No personal identifiable information is exchanged between the client and ANTlabs at all times.
In addition, the information sent back to ANTlabs is used mainly to allow the Securite client to perform its task to secure the user's transaction. General website level statistics may be generated for performance tuning and troubleshooting purposes, but no analysis of individual user's surfing patterns and behavior will be carried out. You may refer to our privacy statement www.securitelive.com/privacy.html for more information.
|
