
January 20, 2026

IBM Trusteer: The watchguard against online threats.

How would you describe “A watchguard against online threats”?

Would it be as:

One that detects suspicious activity when an unknown program tries to watch what you type while you log into an online bank account, then blocks the program, warns you of the threat, and stops the session to protect your information?

One that identifies when an account is being logged into with a correct password but from a different location, time zone, or device, then pauses access to ask for extra verification and blocks the login until the user’s identity is confirmed?

One that notices money being transferred from an account with incredible speed, followed by the account being logged out of almost immediately, identifies these rapid actions as suspicious, raises an alarm, and immediately alerts the bank?

One that notices several failed attempts to log into an account, followed by a sudden, perfect login, and denies further access, then, identifying this pattern as a sign of forced entry, blocks the account to prevent unauthorized use?

One that spots multiple failed attempts to use a bank card and immediately blocks further attempts, recognizing the repeated errors as a security risk and stopping any additional transactions to protect the cardholder from fraud?

One that notices an online account being logged into over untrusted Wi-Fi, reports the login as suspicious, and alerts the organization to request extra verification?

If you described “A watchguard against online threats” in these ways, then you are on the same page as GATEMARK’S description of the phrase.

If you asked if such a watchguard existed, we at Gatemark would respond with a resounding: “YES!”

We would go on to recommend IBM Trusteer as the watchguard to help detect abnormalities and online threats.
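Two of the patterns listed above (several failed logins followed by a success, and a fast transfer followed by an almost immediate logout) can be written as simple rules over an event log. The sketch below is an added illustration, not IBM Trusteer's or Gatemark's code; the event names, thresholds and sample events are assumptions constructed for the example.

```python
from datetime import datetime, timedelta

# Assumed thresholds for this illustration; tune against real traffic.
FAIL_THRESHOLD = 3                    # failed logins that make a success suspicious
FAIL_WINDOW = timedelta(minutes=5)    # how far back failures still count
RAPID_WINDOW = timedelta(seconds=60)  # login -> transfer -> logout inside this

# Constructed sample events (not real data): (ISO timestamp, account, event).
SAMPLE_EVENTS = [
    ("2026-01-20T09:00:00", "acct-A", "login_failed"),
    ("2026-01-20T09:00:20", "acct-A", "login_failed"),
    ("2026-01-20T09:00:40", "acct-A", "login_failed"),
    ("2026-01-20T09:01:00", "acct-A", "login_ok"),
    ("2026-01-20T09:01:20", "acct-A", "transfer"),
    ("2026-01-20T09:01:40", "acct-A", "logout"),
    ("2026-01-20T10:00:00", "acct-B", "login_failed"),
    ("2026-01-20T10:00:30", "acct-B", "login_ok"),
    ("2026-01-20T10:05:00", "acct-B", "transfer"),
    ("2026-01-20T10:20:00", "acct-B", "logout"),
    ("2026-01-20T11:00:00", "acct-C", "login_ok"),
    ("2026-01-20T11:00:15", "acct-C", "transfer"),
    ("2026-01-20T11:00:30", "acct-C", "logout"),
]

def detect(events):
    """Return a sorted list of (account, rule) alerts for the two patterns."""
    alerts, fails, sessions = set(), {}, {}
    for ts, acct, kind in sorted(events):          # process in time order
        t = datetime.fromisoformat(ts)
        if kind == "login_failed":
            fails.setdefault(acct, []).append(t)
        elif kind == "login_ok":
            # Count only failures close enough to this success to matter.
            recent = [f for f in fails.pop(acct, []) if t - f <= FAIL_WINDOW]
            if len(recent) >= FAIL_THRESHOLD:
                alerts.add((acct, "failures_then_success"))
            sessions[acct] = {"start": t, "transfer": False}
        elif kind == "transfer" and acct in sessions:
            sessions[acct]["transfer"] = True
        elif kind == "logout" and acct in sessions:
            s = sessions.pop(acct)
            if s["transfer"] and t - s["start"] <= RAPID_WINDOW:
                alerts.add((acct, "rapid_transfer_then_logout"))
    return sorted(alerts)

if __name__ == "__main__":
    for account, rule in detect(SAMPLE_EVENTS):
        print(f"ALERT {rule}: {account}")
```

On the constructed sample, acct-A trips both rules, acct-C trips only the rapid-transfer rule, and acct-B (one failed attempt, a long session) raises nothing.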

………

IBM Trusteer: Analysis of Technical Limitations and Strategic Shifts.

Research Summary

IBM Trusteer, often described as a “watchguard” against online threats, is designed to provide active security layers that monitor user sessions and prevent unauthorized data exfiltration.

According to GATEMARK, this role includes detecting keyloggers, identifying suspicious login locations, and flagging rapid fund transfers.
However, the practical application of this suite, specifically Trusteer Rapport, reveals significant downsides that have led many institutions to reconsider its use.

These downsides include:

Technical and Performance Impact.

The most pervasive drawback is the severe performance degradation often referred to by users as a “boat anchor” effect.
The software requires high CPU and RAM utilization (at least 100MB of available physical memory) to perform invasive kernel-level monitoring.
This frequently causes browser lag, input delays in professional software like Excel, and “malware-like” system sluggishness.
Critical system instabilities are particularly prevalent on modern operating systems.
On Windows 11, the core driver “Rapporthades64.sys” has been identified as a primary cause of total boot failures and profile corruption, in some cases rendering brand-new devices unusable.
Furthermore, the software is incompatible with modern security features such as Windows “Memory Integrity”.

Operational Friction and Compatibility.

For corporate environments, the requirement for administrative rights to perform frequent updates creates a high volume of helpdesk tickets.
The software is notorious for conflicts with mainstream antivirus suites such as Malwarebytes and Norton, sometimes forcing users to lower their overall security posture just to satisfy banking requirements.

In virtualized environments like Citrix or RDS, Rapport can cause high CPU usage for all users on a server, leading many IT departments to sign waivers to opt out of the requirement.

Privacy and Strategic Outlook.

Trusteer’s behavioral biometrics monitor granular user actions, including typing rhythms, mouse fluidity, and even the angle at which a smartphone is held. This level of surveillance has raised significant privacy concerns regarding the depth of data collected and shared across a global intelligence network of millions of devices.

Strategic trends indicate a retreat from this model. Major tier-one banks, including NatWest, RBS, and Coutts, have withdrawn sponsorship for Trusteer Rapport, citing the shift to mobile-first banking and the increased effectiveness of native browser protections. Critics argue that modern browsers now provide comparable anti-phishing benefits without the intrusive system footprint of legacy endpoint agents.

Sources:

https://www.applytosupply.digitalmarketplace.service.gov.uk/g-cloud/services/733806363834646

https://www.ibm.com/products/trusteer

https://en.wikipedia.org/wiki/Trusteer

https://www.ibm.com/think/topics/behavioral-biometrics

https://www.g2.com/products/ibm-ibm-trusteer-rapport/reviews

https://www.reddit.com/r/sysadmin/comments/idmcs4/if_you_are_a_bank_and_your_website_needs_a_secure/

Thanks for reading!
