Best answer by HowardR
I wanted to provide you with some more information that will hopefully help you to understand what specifically is being tested for and how.
The first test shown in the screenshots is SpyShelter's screenshot test. As TripleHelix has pointed out the reason that WSA fails this test is due to the fact that in order to execute the test (ie clicking on the Test1a button) the protected browser will by default be in the background, it is not the active window. If the browser is not the active window the Identity Shield does not (cannot) protect it for a number of reasons. First it is infeasible for the Identity Shield to detect the position of the browser in the background. Is it minimized? Is it on a second screen, open but not active? Is it partially obscured? All of these things would be difficult if not impossible to detect. Secondly screen-grabbers are designed to only try to screen-grab when the browser (or another program that could potentially be displaying sensitive information) are the active window. If they were designed to randomly, or systematically take screen shots of the system when those programs are running but not necessarily in the foreground the malware programmer would have a mountain of screen shots to parse for any potentially useful information. This is very impractical and as a result malware in the wild simply does not try to pull information from browsers that are not active. If you were to run a screenshot test where the screenshots are taken with the browser active (Zemana's test is much more realistic for this reason) you would find that the Identity Shield blocked the screen-grab and therefore passed the test.
The second test shown is the clipboard test. In this test it does not matter whether or not the browser is the active window when the test is initiated because it doesn't really start until text is entered and then copied. The Identity Shield is not designed to pass this test because it is not intended to protect the clipboard. The information that was entered is not pulled by the test until you copy it (if it was pulled before the text was copied the program would fail the keylogging test which it does not). Once you have copied the text it has left the protected browser and is entered into a application that is not being protected by the shield (clipboard) which is where it is pulled from. If you frequently copy and paste passwords and other sensitive information like credit cards we suggest the use of our password management feature which enters the sensitive information without copying and pasting it, thus defeating this type of attack.
I hope this information explains things a little better. Let me know if you have any further questions.