Online Banking Testing

Online Banking Testing2018-05-22T10:45:26+00:00

A trusted and leading mark of quality

Our Online banking award is one of our core certifications. It has been instrumental in raising our clients’ attention to the fact that many vendors’ protection against data exfiltration was useless against financial malware.

Online Banking Testing

We test over twelve months beginning in Quarter 2 and ending in Quarter 1, at which point (or shortly after) we publish our results. As with all of our certification testing, we work with vendors, offering feedback and helping them to improve their product as we go.

Early in our online banking work we recognised that although many vendors protect their clients’ browsers from data exfiltration, the techniques employed were not effective against financial malware. Since then MRG Effitas has been at the forefront of online banking efficacy testing, and is the only testing house in the world providing tests that map 100% against in-the-wild threats.

In our banking tests we focus on in-the-wild financial malware and use cloud-based testing systems to create botnets that map identically to those we find in the real world. We cannot test using in-the-wild botnets because it’s a criminal offence to do so in the UK, so we use IBM technology to host malware in a safe environment. We can create from scratch our own financial malware, reverse-engineer existing threats and modify them slightly.

Our tests comprise existing malware and real botnets. We can assess whether protective software detects existing malware and whether data exfiltration occurs against the browsers, and are able to anticipate future threats and advise our clients against particular types of attack.

Contact us
   or   
View all Services

Case Study: Webroot

Webroot has worked with MRG Effitas over the past several years due to their unique capacity to test efficacy functionality that goes beyond simply blocking a threat. While Effitas does understand that prevention is important, they were the first to introduce testing that looked at detection of specific malicious behaviors by using malware simulation tools to replicate what behaviors were being encountered in the wild.

Read more