AVLab.pl Analysis of modules for protection of online banking and payments – 2026 edition

[Adrian Ścibor]

Hello community!​

We have prepared the 2026 banking test. In the test scenarios we developed, we checked technical compliance for detecting attacks based on the methodology.

Software we tested:

1. AVAST Premium + Bank Mode
2. BITEDEFENDER Total Security + Safe Pay
3. COMODO Internet Security Pro + Secure Shopping
4. ESET Home Security Premium + Safe Banking & Browsing
5. F-SECURE Total + Bank Mode
6. G DATA Internet Security + (not available)
7. KASPERSKY Plus + Safe Money
8. MICROSOFT Defender + (not available)
9. MKS_VIR Internet Security + Safe Browser
10. NORTON 360 (not available)
11. QUICK HEAL Total Security + Safe Banking
12. TREND MICRO Maximum Security + Pay Guard

The PDF report consists of the following chapters:​

• Why does online payments protection matter?
• Methodology
• Test scenarios overview (description and MITRE table)
• Basic information on tested security suites
  • Settings of the tested solutions
• Results
• Our conclusions from the test
  

The details are available here​

Analysis of modules for protection of online banking and payments – 2026 edition » AVLab Cybersecurity Foundation

Using solutions recommended by the AVLab Cybersecurity Foundation can significantly reduce the risk of a successful cyber attack.

avlab.pl

Please feel free to comment. I will try to answer any questions you may have

 

[Jonny Quest]

Again F-Secure, as was with the last test I've also found the general browsing protection to be very reliable as well.

 

[LinuxFan58]

@Adrian Ścibor are you allowed to publish the "harden" tweaks for others (users) to benefit of are they under some sort of non disclosure because malware writes could benefit from it?

 

[Adrian Ścibor]

@Adrian Ścibor are you allowed to publish the "harden" tweaks for others (users) to benefit of are they under some sort of non disclosure because malware writes could benefit from it?

Everything is transparent.

The changes that has been made in the test are described in the PDF as well + our doubts in the Conslusion section.

 

[Miravi]

Again F-Secure, as was with the last test I've also found the general browsing protection to be very reliable as well.

Very impressive results for F-Secure, indeed. ESET required hardening only to come close.

 

[ErzCrz]

Interesting test as always @Adrian Ścibor Just for info, Comodo's Secure Shopping is no longer being updated/supported. It does work on some systems but not all and not been updated for some time. Good to see it's still effective for those who can use it.

 

[simmerskool]

@Adrian Ścibor > left field question / comment: since I also have a Apple 2025 Mini with M4 chip, ChatGPT 5.2 tells me my most secure device for online banking is the Mini. Is that something you can comment on, and for banking test, any point in including macOS computer for that specific test in the future.

 

[annaegorov]

Very impressive results for F-Secure, indeed. ESET required hardening only to come close.

I thought you guys said they were slipping, and only the business end was still good? Maybe I misunderstood.

 

[Jonny Quest]

I thought you guys said they were slipping, and only the business end was still good? Maybe I misunderstood.

One area of testing (in default mode) does not a AV make, don't change or jump ship if you're happy with what you're using.

I've personally had very good success with F- Secure, it will stay on some of (not all) my devices, as it has been for about 3 years. But at times, I do get curious and buy or try something else

And just for another point of reference.
Thread 'F-Secure Internet Security v25.2' App Review - F-Secure Internet Security v25.2

 

[Antimalware18]

It also notes in the PDF that for Eset the firewall in interactive mode allowed the user to stop sending data to the attacker, for a home novice user this would most likely not be the setting, but for a user that does have knowledge and has the firewall in interactive mode would this count as a better test?

 

[Jonny Quest]

Which when looking at it more, including some of the changes made according to the PDF, is an average, novice user going to know as @Antimalware18 pointed out, to make the changes, and still maybe not get the fullest banking protection available?

From the main page, asterisk:

Test results reflect attack outcome, not malware classification.
Security suites were initially tested in their default configuration. If specific protections were disabled by default, they were enabled to evaluate the feature. When detection did not occur under default settings, alternative configurations were tried.

 

[simmerskool]

@Adrian Ścibor ps if you get a reply from vendor, eg, Eset about it clipboard swapping with its Safe Banking, please post it here or perhaps summarize it. fwiw chatGPT explained why clipboard swapping is not a threat in macOS (or that's what it presumes -- love to see you test it if possible)

 

[Adrian Ścibor]

Interesting test as always @Adrian Ścibor Just for info, Comodo's Secure Shopping is no longer being updated/supported. It does work on some systems but not all and not been updated for some time. Good to see it's still effective for those who can use it.

Comodo SS also has a problem with scaling fonts and pop-ups on a 4K screen in bank mode. But it's not just Comodo, it's Avast too, I think. This has been reported.

@Adrian Ścibor > left field question / comment: since I also have a Apple 2025 Mini with M4 chip, ChatGPT 5.2 tells me my most secure device for online banking is the Mini. Is that something you can comment on, and for banking test, any point in including macOS computer for that specific test in the future.

Mac Mini, like any Mac, is a secure system until you install a script/tool that runs in the background with admin privilages and pretends to be something else.

Pay attention to programs and scripts that are not from the Apple store.

It also notes in the PDF that for Eset the firewall in interactive mode allowed the user to stop sending data to the attacker, for a home novice user this would most likely not be the setting, but for a user that does have knowledge and has the firewall in interactive mode would this count as a better test?

This applies to many firewall programs, such as G Data and Norton. In the case of Eset and Kaspersky, you can use HIPS, not just a firewall.

In general, this may be a weak point of many AV programs with firewalls and their default settings. On the one hand, settings must be adjusted for thousands or millions of users, and on the other hand, at the expense of poorer protection.

 

[Khushal]

congrats to all winners:

• AVAST Premium + Bank Mode
• COMODO Internet Security Pro + Secure Shopping
• F-SECURE Total + Banking Protection
• KASPERSKY Plus + Safe Money
• MKS_VIR Internet Security + Safe Browser
• NORTON 360

 

[rifteyy]

Is ESET's Safe Banking & Browsing actually supported for Opera? There is a source from 2020 that says it isn't and it isn't mentioned anywhere on their website that it is supported.

https://forum.eset.com/topic/14888-opera-banking-protection/

Safe Banking & Browsing | ESET Internet Security 19

ESET Safe Banking & Browsing offers secure online transactions by launching supported browsers in a protected mode, ensuring financial data safety.

help.eset.com

 

[Divine_Barakah]

Is ESET's Safe Banking & Browsing actually supported for Opera? There is a source from 2020 that says it isn't and it isn't mentioned anywhere on their website that it is supported.

https://forum.eset.com/topic/14888-opera-banking-protection/

Safe Banking & Browsing | ESET Internet Security 19

ESET Safe Banking & Browsing offers secure online transactions by launching supported browsers in a protected mode, ensuring financial data safety.

help.eset.com

I believe the supported browsers are Chrome, Edge, Brave and Firefox.

 

[Adrian Ścibor]

Is ESET's Safe Banking & Browsing actually supported for Opera? There is a source from 2020 that says it isn't and it isn't mentioned anywhere on their website that it is supported.

https://forum.eset.com/topic/14888-opera-banking-protection/

Safe Banking & Browsing | ESET Internet Security 19

ESET Safe Banking & Browsing offers secure online transactions by launching supported browsers in a protected mode, ensuring financial data safety.

help.eset.com

Eset is tested in our other Advanced In-The-Wild Malware Test series on a regular basis, so we know that Opera with Chrome engine is supported.

 

[ForgottenSeer 114717]

Very impressive results for F-Secure, indeed.

In a different set of tests by another AV test lab, F-Secure can and had done very poorly.

When F-Secure did participate in MRG Effitas testing in the past it always did poorly.

Labs can easily design tests that will show default allow security software for what they really are, but then the vendors will freak out and cry "Foul! Unfair!! Unfair!!".

All testing is done in the interests of the vendor, and not the consumer. All testing and its results are marketing tools. There is the argument that test results inform the public about what they are getting for their money, but that is fundamentally not true. That "in the public interest" wording is merely strawman marketing.

To this day AMSTO members cannot agree on what is fair testing and not one bit of it covers robust protections against a small army of attackers. The standards are a joke - like a slightly out of date browser. In almost every lab test, there are vendors that object and complain ("challenge") about the results. Some will make such a fuss that the lab will not publish the results or the vendor itself will not allow the results to be published.

I thought you guys said they were slipping, and only the business end was still good? Maybe I misunderstood.

F-Secure and WithSecure share the same code base. Separate companies on paper, but in reality they're operationally still a single company.

Both switched to Avira SDK.

Both have terminated personnel and eliminated positions since the de-merger.

Both counted on things going better, but the de-merger benefits have not materialized.

F-Secure is 90+% reliant upon ISP and Channel Partner sales channels. WithSecure has very limited success in the enterprise and government markets.

One day, F-Secure and WithSecure will be brands probably owned by GenDigital or some other group. The only reason it has not happened yet is that both companies are dogs with fleas.

 

[Adrian Ścibor]

When F-Secure did participate in MRG Effitas testing in the past it always did poorly.

As far as I know, their test does not use banking modes.

 

[LinuxFan58]

As far as I know, their test does not use banking modes.

Wel yes and no, not a banking test but something they call a banking simulator test