Over the last three years there has been a noticeable trend in the computer troubleshooting and repair industry: a particular piece of software called Trusteer Rapport has been causing some odd behavioral problems on machines that we repair. Everything from slowness to Windows deactivation to 0xA BSODs has been caused by either the installation or attempted removal of this software. So what is it, where does it come from, and should you use it? These are the questions that we will try to answer here.
What is it?
Trusteer Rapport is security software designed to protect confidential data, such as account credentials, from being stolen by malicious software or via phishing. The software includes anti-phishing measures to protect against misdirection and has the purported capability to prevent malicious screen captures. It attempts to protect users against the following forms of attacks: Man-in-the-browser, Man-in-the-middle, session hijacking and screen capturing.
On installation, Rapport also tries to remove existing financial malware from end-user machines and to prevent future infection. Trusteer Rapport is advertised to be compatible with Microsoft Windows (XP-SP2 and higher) and Mac OS X and can be downloaded free of charge. Financial institutions offer the software free of charge with a view to making online banking safer for customers.
Where does it come from?
Originally headquartered in Tel Aviv, Israel, Trusteer was purchased in October 2013 by IBM for $1 billion, and its headquarters were relocated to Boston, Massachusetts. Since then IBM has poured a considerable amount of resources into diversifying Trusteer’s product line and now offers several consumer security products, seemingly all for free.
Various financial institutions are currently distributing the software to their customers via internet banking services in an attempt to lower the amount of fraud currently being perpetrated. Banks promoting the software include Bank of America, Société Générale, INGDirect, HSBC, NatWest, The Royal Bank of Scotland, CIBC, Ulster Bank, First Direct, Santander, Standard Bank of South Africa, Scotiabank, BMO, Banco de Chile, The Co-operative Bank, Guaranty Trust Bank Plc (GTBank), Ecobank, and Davivienda.
Considering the fact that the Trusteer company pulled in only $80 million in revenue in 2012, it’s hard to understand why a company like IBM, whose interest has traditionally been corporate and government contracts and not the consumer market, would invest so much into a consumer security company with very little to gain. It would be logical to assume, given recent events in computer security around the world, that IBM is worried less about consumer security and more about exploitable and highly profitable assets Trusteer possesses.
Should you use it?
In a word, NO. There exist several NO moments when considering the use of this product. The first is how the software protects its users. On installation the software warns the user to shut off any antivirus detection software, as it may prevent Rapport from installing correctly. This is a major red flag when installing “supplemental” security software. It means that the software at least behaves like, and possibly conducts the same activity as, malicious software. On closer examination it would appear that Rapport alters hundreds of files in the OS in an attempt to circumvent almost all MS Windows APIs (just try checking system file signatures after Rapport’s installation). This is something that no security software attempts to do, due to operating system stability issues. Stability issues and resource management are the main complaints about this product. A quick Google search makes this painfully clear.
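One way to carry out the signature check suggested above, as an added example that is not part of the original article: a PowerShell script that snapshots the Authenticode status and SHA-256 hash of system binaries before an installation and reports what changed afterwards. The parameter names and the baseline file location are assumptions; run it from an elevated prompt so protected files can be read.

```powershell
# Added example (not from the original article): snapshot and compare the
# Authenticode status of system binaries around a software installation.
param(
    [ValidateSet('Baseline', 'Compare')][string]$Mode = 'Baseline',
    [string]$Root = "$env:SystemRoot\System32",
    [string]$BaselinePath = "$env:USERPROFILE\sig-baseline.csv"  # assumed location
)

function Get-SignatureSnapshot {
    param([string]$Path)
    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll, *.sys -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Path   = $_.FullName
                Status = [string]$sig.Status          # Valid, NotSigned, HashMismatch, ...
                Signer = [string]$sig.SignerCertificate.Subject
                Sha256 = [string]$hash.Hash           # empty if the file could not be read
            }
        }
}

if ($Mode -eq 'Baseline') {
    Get-SignatureSnapshot -Path $Root | Export-Csv -LiteralPath $BaselinePath -NoTypeInformation
    return
}

# Compare mode: index the baseline by path, then report every difference.
$before = @{}
Import-Csv -LiteralPath $BaselinePath | ForEach-Object { $before[$_.Path] = $_ }

Get-SignatureSnapshot -Path $Root | ForEach-Object {
    $old = $before[$_.Path]
    $change = $null
    if (-not $old) { $change = 'NewFile' }
    elseif ($old.Status -ne $_.Status) { $change = 'StatusChanged' }
    elseif ($old.Sha256 -ne $_.Sha256) { $change = 'ContentChanged' }
    if ($change) {
        [pscustomobject]@{
            Change = $change; Path = $_.Path
            OldStatus = $old.Status; NewStatus = $_.Status; Signer = $_.Signer
        }
    }
}
```

Windows updates also replace system files, so take the baseline immediately before the installation and run the comparison right after it, with no updates applied in between.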
To add security insult to stability injury, the software collects keystrokes and online financial credentials, encrypts them, then stores them on a server somewhere for use in analyzing online financial activities. They do this, they claim, to identify and prevent fraudulent online financial activity that is committed using your information. With the ever-increasing number of data breaches occurring, even in some of the largest and best-funded corporations, it’s hard to justify allowing any company to store such data and utilize it on a considerably wide range of activity, no matter the reason.
Trusteer’s product line is also provided free of charge to consumers through licensing conducted by large financial institutions. Trusteer’s revenue is provided solely by large corporations and special interest groups and not by the consumer, which in turn means that it’s not the consumer’s best interests but corporate interests that drive the development of the products.
The software also installs self-defense methods in the event another piece of software attempts to remove it. In some cases, trying to remove this software using its built-in removal method has resulted in corrupted drivers, useless network adapters, deactivated Windows licensing, blue screen errors and failure to boot. It would be wise to contact either Trusteer support or other technical professionals if one were so inclined to attempt removal.
Finally, there are the proprietors themselves. IBM has been at the very least associated with such crimes as violation of import/export laws, numerous claims of monopolistic practices, knowingly exposing employees to toxic chemicals resulting in high employee death rates, and aiding the Nazis in WWII through its subsidiary in Germany at the time, Deutsche Hollerith Maschinen Gesellschaft (German Hollerith Machine Corporation, aka Dehomag). Not entirely the best characteristics to have when marketing yourself as protecting the consumer. Trusteer is no stranger to the courtroom either. In late 2010, a company called BlueGem discovered that Trusteer had copied almost line for line BlueGem’s “Intel Compatibility Code” project into their own, which amounted to copyright infringement. The case was later dismissed as frivolous.
If your banking website offers you premium protection with this product, please save yourself the trouble and decline immediately. If you happen to already have it installed on your machine, please contact Trusteer support or your IT department to remove it.