Just read the first few lines of that PDF and what I noticed already was this
The test was carried out to verify the protection effectiveness, which is provided by so‐called “secure browsers” against hackers attacks and data thefts, when making e‐payments and
browsing websites, which security is confirmed by the SSL certificates..
Eh, using a ssl certificate doesn't mean that security is confirmed.
Using a SSL/TLS certificate can help to secure thing, but things need to be setup and used properly.
Unfortunate it happens a lot when this is not the case.
Just to name some things Polonus and I see frequently are :
- Expired certificate(s) used.
- Chain issues
- Old protocols still used
- Server still vulnerable to poodle attack
etc.
Am I better protected against burglars when I put multiple locks on my front door?
Sure you are, but all those locks on the front door mean nothing if you leave the back door and windows open.
Would you be able to identify whether Pay Mode was activated for Test 5 and 6?
[QUOTE]Test 5: It was checked, whether malicious software can register
keystrokes on a keyboard, when logging into a bank website.
Test 6: It was checked, whether it’s possible to take
screenshots by a malicious software, when logging into a bank
website.
[/quote]