Kaspersky Internet Security 2013 gets MRG Effitas seal of approval for financial data security
27 Nov 2012
Comparative Tests, Product news
- MRG Effitas, an independent organization which specializes in testing IT security solutions that protect financial data, assessed 15 popular antivirus products, including Internet Security class products
- The products were expected to prevent the theft of data entered on a payment system website
- Kaspersky Internet Security 2013 successfully completed all the tasks and blocked all attempts to steal financial information
- The advanced protection for financial data provided by Kaspersky Lab’s new Safe Money technology assured impressive test results
How the tests were performed
MRG Effitas sought to test the ability of popular security solutions to protect against malware designed to steal financial data. For testing purposes, experts created three programs that emulated the behavior of widespread threats such as Zeus and SpyEye. The platform used for testing was the 64-bit version of Windows 7 Ultimate with Service Pack 1 installed.
In each of the three tests, MRG Effitas experts emulated an attempt to steal user data entered on a website supporting SSL – a protected data transfer protocol used by most banks and by many popular online services.
In the first scenario, experts downloaded malware from a special website using Internet Explorer. Next, they executed the downloaded emulator, opened the payment system website in a browser and entered personal data using a hardware or virtual keyboard. The latter was used if it was available in the security solution being tested. Emulators for the second and third testing scenarios were created by MRG Effitas engineers specifically for the new study. The developers intended these emulators to easily circumvent standard antivirus protection. These malicious programs were loaded into the system from a USB drive. They gathered all the stolen information on the computer’s hard drive, waiting for the cybercriminals’ request.
For purposes of these tests, a positive result was defined as the security solution preventing the interception of financial data, even if the malicious object was present on the hard drive in stealth mode. However, if a security solution prevented an emulator from being loaded on the computer or blocked the emulator’s operation, the experts also counted this as a success. Those security solutions which were unable to prevent the theft or clearly alert the user to the danger were deemed to have failed the test.
Kaspersky Internet Security 2013 was one of only two antivirus solutions that blocked all the financial data theft attempts. Most other products only passed the first – the easiest – test. Two more security solutions detected the malicious emulators using traditional antivirus technologies only, which does not guarantee full protection in all the real-life situations which users may encounter. It should be noted that only four products out of 17 successfully passed a separate test for dedicated solutions designed to protect financial data. Kaspersky Lab’s excellent result was largely thanks to the new Safe Money technology developed by Kaspersky Lab experts in order to provide comprehensive protection of users and their financial data against advanced cyberthreats.
Nikita Shvetsov, Vice-President Threat Research Unit, Kaspersky Lab
"Every day, more and more people across the globe use electronic payment systems and tools providing remote access to their bank accounts. These people want to know they are protected from financial cyberthreats, and they are counting on antivirus software for that. The results of independent testing conducted by MRG Effitas clearly show that our solution, Kaspersky Internet Security 2013, which includes the new Safe Money technology, meets users’ needs and provides reliable protection of financial data."