avc-community Welcome, AV-Comparatives partners and friends!

This is a place of sharing and exchanging information, the hub of the AV-Comparatives community, where we keep in touch with our partners and friends. We’d like to thank you all for your past, present and future support and for helping us emphasize the importance of independent testing of security software.

Safe online banking

It’s all right to say that safe online banking starts with safe offline banking. Your bank will never ask for your PIN number, and this stays the same with online banking. It is never too much when it comes to emphasize the importance of not giving away your credit card details to anyone else. Extra vigilance is required when entering it at an ATM or self-banking machine. Some fraudulent tactics involve card copying using an illegal recording of you entering the PIN number, so always hide this action from view by concealing the ATM keyboard when entering the PIN (stay close to the screen and shield the keyboard with your other hand). Beware of anyone staying too close to you when you access the ATM, which is not just an impolite attitude but can be a suspicious sign. A fraudster does not need your PIN number in order to manipulate it online. The card number, cardholder name and the CSC (card security code) are sometimes sufficient for making online purchases that will be charged to your account. To avoid this, supplementary security protocols like TANs and 3D-Secure were implemented.

Additional security measures

When using your card for online payments, there are supplementary security protocols such as 3-D Secure. While not specifically ill intended, online stores that do not use secure websites (identifiable by the “https” instead of “http” in beginning of the address) and additional security layer make you credit card more vulnerable to malicious manipulation. Some banks do not even provide insurance against online thefts for cards that were not enrolled in an additional security protocol. “Cardholders who are unwilling to take the risk of registering their card during a purchase, with the commerce site controlling the browser to some extent, can in some cases go to their bank’s home page on the web in a separate browser window and register from there. When they return to the commerce site and start over they should see that their card is registered. The presence on the password page of the Personal Assurance Message (PAM) that they chose when registering is their confirmation that the page is coming from the bank. This still leaves some possibility of a man-in-the-middle attack if the cardholder cannot verify the SSL Server Certificate for the password page. Some commerce sites will devote the full browser page to the authentication rather than using a frame (not necessarily an iFrame, which is a less secure object). In this case, the lock icon in the browser should show the identity of either the bank or the operator of the verification site. The cardholder can confirm that this is in the same domain that they visited when registering their card, if it is not the domain of their bank” (http://en.wikipedia.org/wiki/3-D_Secure).

Online banking safety tips

Phishing and pharming are the most common ways to fish out information that would eventually put a hole in your pocket. See Learn how to identify phishing e-mails. Cross-site scripting and keylogger/trojan horses are also known attacks to online banking safety.

Use a firewall, anti-virus and anti-spyware software.

Make sure your anti-virus, anti-spyware, firewall and OS and third party applications are always up to date. Install security updates frequently.

Keep your PIN, passwords, personal identification question confidential. Regularly change your password. Do not store the password on a sticker on the desktop. Do not store it in a document on the PC. Do not use easy to guess passwords. Use passwords consisting of numbers, upper and lower case letters, symbols, preferably 10 or more characters (example: r€Tw33I@ll).

Always log-out after using your account. Never leave the computer unattended while logged into your account. Use public networks with caution. Enhance the security by clearing the browser’s cache after logging out.

Look for the closed lock icon signaling you are on a certified secure website (identifiable by the “https” instead of “http” in beginning of the address). Additionally click the lock icon to check if the certificate corresponds to the site you are viewing.

Keep in mind the general rules. A bank will never ask you to provide it with your PIN or passwords. Nor will it give away money in a contest you never entered or any other circumstances. Scammers sometimes try to trick people into making a real payment by claiming “it’s just a test”.  Established businesses do not release secure applications and then ask you to test them. Take extra measures while traveling and using public computers. Use vigilance: remember the process you normally go when online banking and be suspicious if it differs from last time. Use a pop-up blocker or be wary of any unexpected or out of place looking pop-ups that appear during a transaction. Manually enter your bank address instead of clicking an e-mail link to log-into your bank account.

Contact your bank immediately if you notice any transactions you did not authorize.

About AV-Comparatives

AV-Comparatives is an independent organization offering systematic testing that checks whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance which is globally recognized. Currently, AV-Comparatives' Real-World Protection Test is the most comprehensive and complex test available when it comes to evaluating the real-life protection capabilities of antivirus software. Put simply, the test framework replicates the scenario of an everyday user in an everyday online environment – the typical situation that most of us experience when using a computer with an Internet connection. AV-Comparatives works closely with several academic institutions, especially the University of Innsbruck’s Department of Computer Science, to provide innovative scientific testing methods.
If you plan to buy an Anti-Virus, please visit the vendor's site and evaluate their software by downloading a trial version, as there are also many other features and important things for an Anti-Virus that you should evaluate by yourself. Even if quite important, the data provided in the test reports on this site are just some aspects that you should consider when buying Anti-Virus software.

AVC Analyzer

undroid