Whitelisting

  • 29 June 2016
  • 7 replies
  • 380 views

Userlevel 2
Badge +15
A client is required by their bank to run IBM Trusteer Rapport Securty software in order to login to their business online banking account. A Chrome plugin for this application recently failed due to WebRoot Identity Protection Application Protection blocking a DLL used by the program. After an hour spent attempting to whitelist the DLL, then the entire application folder, I contacted WebRoot support.
 
In the end, support was not able to get the DLL whitelisted successfully, and it has been necessary to turn off Identity Protection altogether in order for the plugin to run, allowing access to the online banking site (required for direct deposit processing for payroll).
 
Has anyone else run into these kinds of unresolvable issues with whitelisting? Leaving Identity Protection off for any length of time is not an option really, yet at the moment it's the only way to get any protection and have the ability to process payroll for this small municipality.

7 replies

Userlevel 7
Badge +56
Unfortunately the way the ID shield is designed it does interfere with some other software in a way that is impossible to fix without just turning it off.

On the plus side, the ID shield is simply attempting to do what the IBM Trusteer Rapport Security software is doing, which is protect you against phishing attempts. That's possibly why the two are conflicting, since they're both trying to jump in and protect your browser sessions against malicious sites or activity. So in reality you're not losing anything by having the ID shield off as the IBM software is already guarding that method of intrusion.
Userlevel 7
Badge +33
Hi,
 
i would advise removing the Trusteer Rapport software altogether from the system as it's known to cause all sorts of issues with browsing and rendering of sites when mixed with other AV software, not just Webroot's.
 
That "requirement" is simply a scare tactic used by the banks and it's absolutely NOT required to get onto any banking sites that I am aware of. I have clients that log into very large Mutual Fund sites etc... and they were given the same song and dance about Trusteer Rapport.
 
Webroot's identiey shield will provide better protection against banking threats anyway.
 
MRG Effitas did a comparison of the two and in almost all tests, Webroot has come out on top.

I've personally given up supporting Trusteer Rapport on browsers due to all the problems with slow page rendering, sites not loading at all etc.... Remove the trusteer software and the problems go away.
 
Here's the link to the article:
 
https://www.mrg-effitas.com/wp-content/uploads/2015/07/Webroot-SecureAnywhere-Versus-Trusteer-Rapport-Comparative-Analysis-2015-Q2.pdf
Userlevel 2
Badge +15
@ wrote:
 
 
That "requirement" is simply a scare tactic used by the banks and it's absolutely NOT required to get onto any banking sites that I am aware of. I have clients that log into very large Mutual Fund sites etc... and they were given the same song and dance about Trusteer Rapport.
 
No, it's a requirement. The login process checks for the presence and functionality of the Rapport plugin. If it's not up and running, there is no login, we're re-directed to another page explaining the requirement for Rapport. This bank may be the only one in the universe doing it, but it's doing it, and we have to deal with it.
 
And it wouldn't be an issue if it were simply possible to tell WebRoot that the application is okay.
 
 
Userlevel 7
Badge +56
If that's something you have to have running for compliance reasons then there's not much you can do about that. Just know that having the ID shield off isn't going to harm Webroot's ability to do all the other protection necessary, and Rapport covers the phishing and web browser stuff that ID shield would normally do. Due to the way the ID shield is designed it unfortunately can continue to see an application as a problem even if we whitelist it, due to what that application is trying to do. And in this case since Rapport is intervening in the web browser session, Webroot's ID shield is always going to pick that up and try to suppress it. We've asked for an ability to control that more fully but it hasn't been something that has been a high enough dev priority yet since the workaround of turning off the ID shield exists.
Badge +1
This is not a scare tactic. Rapport is used for banks to comply with certain regulations. It is legit software created by a legit, badass group of Israelis who sold it off to IBM. I don't know where this scare tactic BS comes from, but it should be installed. I have not had it render webpages weird. If the bank configures it correctly, it only does things to companies running Rapport.

Trusteer Rapport is required software to use our bank’s website. We need an easy way to manage this.

Userlevel 7
Badge +24

We should be able to resolve this and whitelist that DLL. 

 

Have you tried contacting support to see what they can provide as a solution?

https://www.webroot.com/us/en/business/support

 

 

Reply