The practical goal of application hardening is to make online frauds and data thefts extremely complex and costly, and lower the return on investment (ROI) of hacking. The profit of e-criminals is driven by their ability to deploy successful and scalable attacks to thousands of computers, which becomes practically impossible against an architecturally hardened application, simple to use but hard to hack.
The H-Browser is a hardened Web browser designed for securing Internet transactions. At the same time, the H-Browser feels and operates as any standard Web browser, without requiring users to change their typical browsing experience.
Critical sections of the H-Browser executable code are modified (virtualized) at the level of the original processor commands, converting these into new byte code unknown to the operating system’s processors. This forces hackers to operate in unknown territory, having to develop new tools for analyzing and decompiling the H-Browser virtualized byte code.
The details of the internal virtual machine change (polymorphism) across different builds of the H-Browser executable code so that successful attacks are blocked before they can spread further. This prevents the scalability of malware attacks.
An attack vector is defined as an elemental constituent of malware, necessary to enable at least one essential component of a malicious attack procedure. In other words, attack vectors are the building blocks of financial malware which are needed to carry out the online fraud.
The Proactive Security Updates (PSU) allows both preventing and responding to malware attacks. Once malware is launched against a hardened application, the attack will be effective only until the target code contains the exploited vulnerabilities. The PSU practice can be applied preemptively to frustrate ongoing hacking efforts and prevent scalable attacks. This underlines the core strength of application hardening, inasmuch the application’s architectural design and multiple protection layers allow engaging the e-criminals even before they have deployed any attack. Differently from standard maintenance updates of non-hardened software, the PSU are designed to keep the application equipped with the strongest protections using knowledge acquired from security research and constant monitoring of malware in the wild. The PSU represent a true shift in the delivery of value to customers of security solutions, whereby forces in the battle with e-criminals can be finally rebalanced by requiring them to work hard and again for any practical gains.
Back to Top
- Zero-footprint: no special drivers or admin privileges needed
- Available as a software-only downloadable application or integrated with smart security tokens
- Protected against all major attack vectors exploited by financial malware
- Certified for use against Man in the Browser attacks by IndenTrust, the global leader in identity solutions for financial institutions
- Localized in English, French, German, Italian, and Spanish. Additional languages available upon request.
- (Optional) User Interface customized based on corporate branding guidelines
- (Optional) Integrated with the H-Server cloud-based management console for Proactive Security Updates
Back to Top
Successful hacking always leverages flaws in both the underlying technology as well as in our understanding of the transaction process. The short videos provided in this section try to fill this gap by describing how typical e-banking sessions are hacked and the key vulnerabilities exploited in each case.
We'd love to hear from you: let us know if you experienced any of such attacks and if you have any others to report.
Back to Top
ResourcesAchieving good practical security requires the collaboration of informed users: basic knowledge of online security practices can go a long way to avoiding the majority of online frauds. Here you can find some resources of growing complexity to guide you through what our products do and why they provide outstanding practical security.
- Winning at the Hackers Game
- Is e-banking on both PC and mobile platforms possible without inviting e-Criminals to a feast?
- The Tenets of e-Banking Security
- Is e-Banking Security about Technology, Marketing, IT Budget or... End Users?
- Security, Privacy and Efficiency of Internet Banking Transactions
- Practical Security
- How e-Criminals pick their Targets
Back to Top
|Processor||IBM PC or compatible with Intel base processors
Intel Pentium 4 800-MHz or higher
(Intel Core 2 Duo or higher recommended)
|Memory||512 megabytes (MB) of RAM (2GB recommended)|
|Operating System||Microsoft® Windows® VISTA all versions
Microsoft® Windows® 7 all versions
Microsoft® Windows® 8 all versions
Microsoft® Windows® 8.1 all versions
Microsoft® Windows® 10 all versions
Mac OSX 10.7.x and higher
|Display||1024 x 768 resolution, 65 536 colors minimum
(32-bit color recommended)
Back to Top