The Trusted Knight Solution

Designed to Protect

trusted knight is user friendly and works immediately

Trusted Knight Protector™ was designed to minimize any impact or disruption of users. Trusted Knight Protector™ is simple to install, does not degrade the performance of customer devices, does not adversely impact the stability of customer devices, and requires absolutely no user interaction. Trusted Knight Protector™ is installed as an application on customers’ Windows-based PCs to support all common browsers (Chrome, Firefox, IE, Opera, and Safari). There are no hardware or software requirements for PCs using Trusted Knight Protector™. Trusted Knight Protector™ fully defends against those crimeware attacks responsible for the overwhelming majority of financial losses. Trusted Knight Protector™ defends all common browsers against the latest crimeware attacks. Trusted Knight Protector™ even defeats the SMS-Proxy-in-the-Mobile attack that compromises mobile devices being used for out-of-band authentication of web-based financial transactions.

the trusted knight

design approach

Trusted Knight provides security software solutions focused on defeating crimeware attacks. Crimeware has become so sophisticated that
traditional detect-and-remove strategies of antivirus are no longer a viable approach. The staff at Trusted Knight recognized the inadequacies
in available security technology in addressing crimeware attacks and designed a new approach to defeat crimeware attacks. Instead of attempting
to detect or remove crimeware, the Trusted Knight team designed solutions that disable crimeware functions to eliminate crimeware’s ability to
collect information. Without that browser-entered data, the criminals are unable to perpetrate crime.

attacks prevented 

Using patented technology, Trusted Knight offers full feature protection against four common methods of key
stroke logging and browser manipulation.

hook (API) icon-img-4

These key loggers hook keyboard APIs inside a running application. The key logger registers for keystroke events, as if it was a normal piece of the application instead of crimeware. The key logger receives an event each time the user presses or releases a key. Windows APIs such as GetAsyncKeyState() and GetForegroundWindow() are used to poll the state of the keyboard or to subscribe to keyboard events. Trusted Knight works by establishing itself at a Ring 0 level and protects the browser by intercepting and unhooking these types of calls.

form grabbing icon-img-4

Form grabbing-based crimeware log web form submissions by recording the web browsing on submit events. These happen when the user interacts with the website to provide inputted data to the web server by clicking “OK,” “Submit” or a similar button. This records form data before it is passed over the Internet. Trusted Knight works by establishing itself at the Ring 0 level and engages active browser submission events and clears (beforenavigate), (onsubmit) and other common browser submission type calls. This leaves the form grabber recording empty data.

kernal & hypervisor icon-img-4

A program on the system gains elevated access and hides itself in the operating system, then starts intercepting keystrokes through the operating system kernel. This method is difficult both to establish and to counter. Such key loggers reside at the kernel level and are very difficult to detect, especially for user-mode applications that do not have elevated access. They are frequently implemented as rootkits that subvert the operating system kernel and gain unauthorized access to the hardware, making them very powerful. A key logger using this method can act as a keyboard device driver for example, and thus gain access to any information typed on the keyboard as it goes to the operating system. Trusted Knight works by establishing itself at the Ring 0 level in the operating systems API stack and bounces any malicious kernel level hooking from the chain. It also prevents cycle based interrupt attacks by providing encrypted data from driver based installations.

memory injection icon-img-4

Memory Injection (MitB)-based key loggers alter memory tables associated with the browser and other system functions to perform their data collection and manipulation. Altering the memory tables or injecting directly into memory are used by crimeware authors who are looking to bypass Windows UAC (User Account Control). Trusted Knight protects the browser by correcting the memory table alteration to eliminate memory based attacks. Correcting and maintaining the memory table also breaks other key functions of crimeware preventing advanced activity on the compromised system