15.8 C
London
Friday, August 18, 2017
Home Tags Anti-theft

Tag: anti-theft

"Stealing a smartphone is no longer worth the trouble."

When you can get a seriously full-featured, security-conscious password manager for free, what would entice you to pay? How about even more features, and no limits on existing features? LogMeOnce Password Management Suite Ultimate 5.2 pulls out all the stops, removing limits on the number of shares and beneficiaries, and adding advanced features that include anti-theft and an unusual selfie-based two-factor authentication system. A few quirks in its mobile editions are still being ironed out, but overall, it's a feature-packed password powerhouse.

At $39 per year, LogMeOnce Ultimate costs the same as Dashlane 4.0. Sticky Password goes for $29.99 per year, and LastPass for just $12. But this big, sprawling utility has a ton of features, including some I haven't seen in any competing product.

The free edition doesn't impose any limits on the number of saved passwords, or of synced devices. If you're interested in the product but not sure if you want to pay for it, go ahead and install the free edition, and familiarize yourself with its impressive capabilities. You can upgrade to Ultimate any time the free edition's limits begin to chafe.

Shared Features

The free LogMeOnce Password Management Suite Premium 5.2 is loaded with features, enough that it outperforms many competing products that aren't free. I'll summarize its capabilities here, or you can read my full review of the free edition for more details.

LogMeOnce runs strictly as a browser extension, so it's not limited to a specific platform. If your browser supports extensions, you can use it on Windows, macOS, or even Linux. There are also apps for Android and iOS.

Just about every password manager starts off by asking you to define a strong master password, something that you can remember but that nobody could guess. LogMeOnce now offers password-less authentication as its default. To set this up, you pair your smartphone or mobile device with your LogMeOnce account. Now when you log in on your desktop, you verify when prompted on the mobile device, using a PIN, a fingerprint, or what the company calls PhotoLogin.

Those who've upgraded to Ultimate get more information along with the request for PIN, fingerprint, or PhotoLogin. Swipe left to see the requester's email address, GPS location, IP address, and more, or swipe right to view the location on a map. If you get an unexpected login request, this data may help you figure out who's trolling you.

For PhotoLogin, LogMeOnce snaps a photo with the webcam and sends it to the device. You simply verify that the photo is what you expected. If the computer has no webcam, you can compare a visual one-time password that's sent along with the photo. It's also possible to use PhotoLogin on the mobile device itself, but this isn't quite as secure. It involves you verifying that you are seeing the photo you just snapped; it's a bit self-referential. When I mentioned this to the developers, they quickly modified on-device PhotoLogin to also require entering a PIN.

The free edition captures logins (which it calls applications) as you enter them, and offers to play back your saved credentials when you revisit the site. It also includes a catalog of almost 4,500 known websites. Choose one of these and you can be sure that LogMeOnce will handle it, even if it uses a non-standard login page. However, if you somehow manage to find an oddball login that's not in the catalog, you can't just capture all form fields the way you do with LastPass or Sticky Password Premium. Clicking the browser toolbar button displays all your saved websites. Clicking one of them navigates to the site and logs in.

The password generator defaults to creating 15-character passwords, using all character sets, which yields a very tough password. It also rates any password you type, estimating how long it would take to crack. By default, you must change your master password every three months, without re-using previous passwords. Those using Ultimate can change the password expiry time, in a range from one month to one year.

You can use Google Authenticator, or a workalike such as Duo Mobile or Twilio Authy, for two-factor authentication. Other options in the free edition include receiving a one-time passcode via email, SMS, or voice call. In an unusual move, LogMeOnce charges two credits for each SMS authentication and four credits for each voice call. Those using Ultimate get an allowance of 50 credits per month, with the option to purchase more, $10 for 1,000 credits. I'll cover the Ultimate edition's additional two-factor options below.

An interesting feature called Mugshot gives you a look at anyone who tries to log in on a lost or stolen phone. On any failed login attempt, it snaps photos with the front and rear cameras and sends them to your online dashboard, along with the device's GPS location and IP address. Using this information, you may be able to locate and recover the device. Upgrading to Ultimate gets you a more complete anti-theft system.

LogMeOnce stores personal, address, phone, and company data, for use in filling Web forms. You can save multiple instances of each data type. New since my last review, it also saves and fills credit card data. Like Dashlane, it helpfully displays the saved cards as images, using the color and bank name you specified. It doesn't have the flexibility of form-filling whiz RoboForm Everywhere 7, but it does the job.

Like LastPass and Dashlane, LogMeOnce can display a list of all your passwords, with a strength rating for each, and a flag for any duplicates. In addition, its report page offers several other views on your security, some of which aren't functional in the free edition. If you find you've got weak or duplicate passwords, just click the link next to each one to go change it. For many popular websites, LogMeOnce can even automate the password change process, something few competing products manage.

LogMeOnce includes the ability to securely share passwords with other users. You can choose whether the recipient gets to see the shared password, or just to use it for logging in. There's also an option to define a beneficiary who will receive either your whole account or a specific password in the event of your death. The free edition allows one whole-account beneficiary, five password beneficiaries, and five shared passwords. In the Ultimate edition, there are no such limits.

A productivity dock along the bottom of the screen displays a baker's dozen of live icons that expand when you mouse over them. You can use these icons to quickly reach important features like mugshot or security scorecard. That is, you can if you've paid for the product. Those using the free edition just get a reminder that the productivity dock is only for paid users.

Selfie Two-Factor Authentication

Upgrading to Ultimate unlocks several additional options for two-factor authentication, the most unusual of which is Selfie-2FA. It works like this. You log in to the browser extension, either with the default password-less authentication or a master password. LogMeOnce snaps a webcam photo and sends it to the mobile device you've specified for Selfie-2FA. If the received photo matches what you expected, you simply tap to authorize. MasterCard is exploring a similar type of selfie-based authentication.

What if you're using a desktop device with no webcam? In this case, LogMeOnce sends a generic image with a visual one-time password at the bottom. If the OTP on your mobile device matches the one on your browser, you simply tap to authorize. It's less tech-sexy than using a selfie, but it totally works.

My LogMeOnce contact pointed out that you can make it even harder for an attacker to beat this system by being unpredictable. Just keep changing which of your devices is the one authorized to respond to Selfie-2FA.

Those who've paid for the program can prepare a USB flash drive for use as a physical second authentication factor. There's also an option to add an X.509 Certificate as an authentication factor, but this is more logical in a business setting.

You can enable as many of the two-factor options as you wish, and log in using whichever is logical at the time. For example, if you logging in on a mobile device with no socket for your USB authentication key, you could opt to receive a code via SMS or email, or get a code from Google Authenticator. True Key by Intel Security also offers multiple authentication options, but goes further by letting you require more than just two of them for authentication.

Device Management and Anti-Theft

The free edition receives the GPS location of any failed login attempt, but the paid edition lets you check device location whenever you like. The Device Map page in the Security section displays the location of all your registered devices. Clicking on a device gets you more information, along with a button that remotely logs out of any active LogMeOnce session on the device.

The separate Device Management page lists all the devices you've configured for use with LogMeOnce. If you've lost or replaced a device, you can remove it from the list, thereby disconnecting it from your account. You can flip a switch to define whether each mobile device can accept password-less login requests.

When you select a device from the list, other actions become available. You can send a request to locate a mobile device. A Details tab displays a huge amount of information for iOS devices, quite a bit less for Android devices. However, for Android devices only, you can view a list of installed apps.

The Commands tab appears for both Android and iOS devices, but the available commands differ. You can remotely cause an Android smartphone to ring at top volume, handy in case you've simply misplaced it, and you can lock it remotely using the system lockscreen. You can even change the lockscreen password remotely before locking it down.

On both Android and iOS, you can send a message, perhaps something like, "I've seen your mugshot, phone thief, and I'm coming for you!" But don't get too excited about this feature. Unless you've enabled viewing notifications on the device's lockscreen, the only way a phone thief could read the message would be by logging in to LogMeOnce, which shouldn't be possible.

That brings me to the final command, available on iOS and Android, the Kill-Pill. This dramatically named feature simply wipes all personal LogMeOnce data. I sent the Kill-Pill command to my Apple iPad Air and watched as LogMeOnce reverted to the initial setup screen, with no sign of my email address or any other configuration data. Oddly, sending the same command to my Nexus 9 never worked; it timed out repeatedly in my testing. My company contact confirmed that while the feature works on most Android devices, it doesn't yet work on a Nexus 9. Gotta love Android fragmentation!

Using a trusted mobile device as part of the authentication process is becoming more and more common. Like LogMeOnce in password-less mode, oneID skips the master password in favor of device-based authentication. You can configure True Key to use other forms of authentication, including a trusted device, in place of a master password. But LogMeOnce is the only product I've seen that adds anti-theft features to protect the security of that trusted device. It's a smart move.

Enhanced Reporting

Even the free edition of LogMeOnce lists all your passwords ordered by strength, rates your total security status, and displays what it calls a hybrid identity score. If you've paid, you also get an overall password strength rating, with a breakdown of statistics such as the number of passwords of at least 15 characters, and the number that contain at least one of each character type.

The Live PasswordTracker chart is another paid-only feature. It takes two weeks to get a baseline for reporting, so I didn't see its full capabilities. For starters, it charts a solid line that's your overall password strength each day. If you're using the product correctly, that line should only go up. It also charts what the company calls a heartbeat line. Solid line segments represent days that you used LogMeOnce, dotted segments days that you did not. The line's height above the axis is based on the strength of the passwords you used on that day. The purpose of the chart is to encourage you in proper password hygiene, replacing weak passwords with strong ones and always relying on the password manager to keep track.

A Few Oddities

In testing the free edition, I glossed over the few little quirks I ran into, given the fantastic features that you get for free. Running into those same quirks—and a few new ones—in the paid edition, I'm slightly less forgiving.

LogMeOnce is a work in progress, in a good way. While working on this review, I confused the PhotoLogin feature with what was then called Photo-2FA. Overnight, the developers renamed it to Selfie-2FA, to avoid confusion. Because I mused about the possibility of an unauthorized person picking up a phone that was left unlocked, they changed the local-only PhotoLogin to also require PIN entry. This is an agile team, indeed.

On the other hand, I also ran into some oddities that aren't yet fixed. I couldn't make the Kill-Pill personal data erasure work on my Android device. To use Selfie-2FA from my all-in-one desktop PC, I had to crank the webcam brightness to the max, so high that Skype images appeared washed out. On an iPad, the iOS edition runs in the dated 2x mode, just a blown-up version of the iPhone edition. And even though a paid account should be ad-free, the "Go ad-free" link still appears, and I saw ads on some mobile screens. Pending updates for the Android and iOS apps should fix at least some of these oddities. Overall, though, this utility's breadth of features and its inclusion of innovative, security-focused features overshadows these few quirks.

Passwords Plus

LogMeOnce Password Management Suite Ultimate takes the vast feature set of the free LogMeOnce password manager and kicks it up to the next level. I haven't seen another product offering selfie-based two-factor authentication, or a built in anti-theft system. It lacks the ability to manage password for applications, but it checks just about every other box. On the flip side, you get almost all of these features in the free edition, and for some the vast array of features may prove off-putting.

LastPass Premium comes the closest to matching LogMeOnce's breadth of functionality, though with the latest edition LogMeOnce has taken a significant lead. For those who are more into simplicity and ease than a prodigious number of features, Dashlane 4 does everything you could want, with flair. LogMeOnce joins these two as an Editors' Choice for commercial password managers.

Back to top

PCMag may earn affiliate commissions from the shopping links included on this page. These commissions do not affect how we test, rate or review products. To find out more, read our complete terms of use.

Passwords are terrible. We all hate them.

But we're stuck with them until something better comes along.
Still, it seems like adding insult to injury when the first thing a password manager does is ask us to create and remember...a master password! The folks at LogMeOnce feel your pain.

As long as you have a smartphone or mobile device available, LogMeOnce Password Management Suite Premium is perfectly happy without a master password. Just be sure to keep that smartphone well secured.

This free password manager rivals LastPass in its broad feature set, and it outperforms most of its for-pay competitors.

Like LastPass, LogMeOnce is totally free, with no limit on the number of saved passwords or on the number of devices you use.

Certain advanced features aren't available in the free edition; gaining access to those requires that you purchase LogMeOnce Password Management Suite Ultimate. Other features have limits not found in the paid edition.
Still, this free password manager is more feature-rich than most of its paid competitors.

Speaking of those competitors, LogMeOnce has the ability to import passwords from LastPass 4.0, Dashlane, Roboform, and 19 others.
If you're looking to make a change, importing from your old password manager certainly makes it easy. LogMeOnce can also import passwords stored in Chrome, Firefox, and Internet Explorer. KeePass is the import king, with the ability to import password data from more than 40 competitors.

Password-Free Authentication

You begin the process of signing up for a LogMeOnce account by entering your first name, last name, and email address. You also choose a security question and answer. Here, as always, it's extremely important to pick something that nobody could figure out by Googling you or eyeing your social media. Rather than accept one of the predefined questions, add something that has meaning to you, and only you.

Now comes the big choice. You can choose to create a passwordless account, or one that uses a master password.

For testing, I started with the default passwordless account, and installed the necessary browser plugin.

The account creation wizard sent a text to my Apple iPhone 6 with a link to install the LogMeOnce app. Once I entered my email address in the app, the Web page displayed a QR code for pairing.

To finish off the process, I defined a six-digit PIN.

You can use LogMeOnce on any computer, but you do have to install the browser extension first. Once you've done that, LogMeOnce sends an authentication request to your smartphone (Android or iOS).
If the phone supports it, you can log in with a fingerprint.
If not, that six-digit PIN does the job.

Bear in mind that a hacker couldn't do anything with the PIN alone.

Authentication requires knowing the PIN and having possession of the smartphone.

Because LogMeOnce is totally browser-based, it's not limited to a specific platform.
It works just the same on Windows and macOS devices. You can even use it under Linux (something I haven't tried). And it's available in the app store for both Android and iOS devices.

PhotoLogin

There's also an unusual authentication option called PhotoLogin. When logging in on the smartphone itself, this feature simply snaps a photo of whatever is in front of the phone.
If the photo matches what you expected to see, you tap to log in.

Using this feature to authenticate your login from the browser-based version is a premium-only feature.
Indeed, when I tried, it simply showed a generic image, with the message "Upgrade to paid edition for actual data." However, when I tapped to accept, it still unlocked my account in the browser.

While PhotoLogin seems akin to facial recognition, it really isn't. You, the user, verify that the picture you are seeing is what you just snapped.
Someone who picks up your phone while it's not locked is equally free to verify the photo, and thereby get full access to your passwords.

The premium edition has additional protection and verification features for PhotoLogin and the related Selfie-2FA (two-factor authentication) feature.

If you're going to use this feature with the free LogMeOnce, you need to take some precautions.

Enable a strong PIN for the lockscreen, or better yet, fingerprint-based authentication.
Set your phone to always require the lockscreen.

And never set it down without turning it off.
If that seems too tough, you can always go back to using a master password.

It's worth mentioning that True Key by Intel Security can authenticate without your master password.
Indeed, if you've defined enough biometric and other authentication factors, you can reset a forgotten master password. You can't create an account with no master password, the way you can with LogMeOnce, but you can configure True Key to unlock based on factors other than the master password.

Adding Applications

LogMeOnce comes with numerous short videos explaining all its features. On viewing a few of these, you'll quickly realize that by "applications" this product means what other products might call accounts, passwords, or logins.

As with LastPass, Dashlane, RoboForm Everywhere 7, and most competing products, LogMeOnce notices when you log in to a secure site and offers to save your login credentials as an application. You can assign the new application to one of seven predefined groups at capture time.

Creating new groups is a premium-only feature.

Note, though, that there's another option for adding an application. LogMeOnce comes with a catalog of close to 4,500 known websites.
If a site is in the catalog, you know that LogMeOnce can handle it, even if it uses a non-standard login page. LastPass and Sticky Password Premium take a different approach to nonstandard logins, allowing the user to simply capture data from all fields.

When you add an app from the catalog, it prompts you to enter the corresponding username and password.

By default, new apps use Single Sign-On, meaning that LogMeOnce will log in automatically.

Turning this setting off means that login won't happen until you click.
If you choose to enable Single Log-Out, logging out of LogMeOnce also logs you out of the site.

For each application, you can accept the catalog image, use the website's own icon, or add a custom image.

If you revisit a site that's already in LogMeOnce, it offers to fill in your credentials, displaying a menu if you've saved more than one set. You also get ads on-screen here; the premium edition has no ads.

As with most competing products, you can click the browser toolbar button for a list of available logins. Just click one to go there and log in.
If you've saved a ton of sites, you can find the desired one quickly by typing in the search box.

Each letter you type narrows the list.

LogMeOnce stores passwords for websites only, not for other programs.

The only free password manager I've evaluated that handles passwords for programs is KeePass 2.34, which doesn't include the usual password capture and replay for websites.

Password Calculator and Password Policy

When you create a new account, you can use LogMeOnce's password calculator to generate a strong password.

By default, it creates 15-character passwords using all character types.

That's better than Symantec Norton Identity Safe, which defaults to 8 characters.

The default in Enpass Password Manager 5 is an impressive 18 characters, but KeePass tops that with 20 characters.

They call it a password calculator because it calculates the approximate time required to break whatever password you type into it.

For example, it estimates three hours to crack "Password," but 78 days to crack "Password!" with an exclamation mark.

As for its own generated passwords, well, don't try cracking those unless you have 157 billion years to spare.

The point of setting a password policy is to encourage good security habits.

By default, your master password expires every three months, and must be replaced with a new master password you've never used before. You can eliminate or soften the restriction on previously used passwords, allowing reuse after three or five other master passwords.

Those using the premium edition can change the expiry time to as short as one month or as long as one year. Of course, this applies only if you've added a master password to your LogMeOnce account.

By default, LogMeOnce requires that a master password consist of at least eight characters, containing uppercase letters, lowercase letters, and digits.
If do choose to use a master password, I suggest you make it a strong one, well beyond the minimum requirements.

Those using the premium edition can set a password policy for website passwords as well.

Two-Factor Bonanza

When you're using password-less authentication, you've already got a form of two-factor authentication. Nobody can log into your account unless they also possess your smartphone.

But if you're looking for additional security, LogMeOnce has a ton of options.

The two-factor authentication page implies that you must establish a master password to use two-factor protection, but I found that I could use multiple factors along with passwordless authentication. You can use Google Authenticator, or a Google Authenticator work-alike such as Duo Mobile or Twilio Authy, as a second factor. Making the connection is as simple as snapping a QR code with your mobile device.

Like True Key, Zoho Vault, and others, LogMeOnce can send a one-time password via text message, for a second authentication factor.
It can also send that one-time password as a voice call.

But unlike any other product I've seen, LogMeOnce charges you for the privilege of using voice or SMS authentication.
In the US, voice calls cost four credits and text messages cost two. You purchase credits in bundles of 1,000 for $10.

Additional two-factor options become available in the premium edition.

These include Selfie-2FA (photo-based security), authentication using a prepared USB drive, and (for geeks only) authentication using an X.509 certificate.
If you enable multiple two-factor options, your master password plus any one of the other factors unlocks the account.

While not precisely related to two-factor security, LogMeOnce's Mugshot feature also helps secure your account if someone else gets hold of your device. On a failed login attempt, this feature snaps photos with the front and rear cameras and transmits that information to your account, along with the device's location and IP address. Note that the premium edition includes a full-scale set of anti-theft features.

Identity Profiles

Filling passwords into login pages isn't much different from filling personal data into Web forms. Like many other password managers, LogMeOnce lets you define personal information profiles for Web form filling. You can even update personal data from your Facebook profile.

This utility's collection of personal data isn't as extensive as some, but it covers the basics, and you can create multiple instances of personal, address, phone, and company data. Personal data consists of first and last name, email address, birthday, and gender (just male or female, not the dozens of choices you get with Tinder).

And you can identify each phone number as cell, home, fax, work, or other.
I was pleased to see that the multiple phone entries correctly filled the matching fields, and that it filled an Age field by calculating from the profile's birthdate.

New since my last review, LogMeOnce now lets you save credit card details in its Secure Wallet.

Cleverly, it detects the card type based on the number you enter. Like Dashlane 4, it creates a card image using the background of your choice, with the cardholder name and issuing bank. When you click in a credit card field on a Web form, you choose from the clear visual representations of your cards.

Sharing and Inheritance

When you point the mouse at an app in LogMeOnce's Cloud Dashboard, you see icons for sharing, beneficiary, and automatic password change.
I'll discuss automatic password changing in a bit.

You can share any of your passwords with another LogMeOnce user, using the recipient's email address.

The free edition allows five shares; there's no limit in the premium edition.

As with LastPass and Dashlane, the recipient can use the login but can't see the password.
If you choose to make it an open share, the password is visible, but still can't be changed.

There's also an option to set an expiry date, but only in the premium edition.

Defining someone as the beneficiary is a different matter.

The beneficiary gets access to your data only after a specific waiting period, much like the similar feature in Dashlane. You can define one beneficiary for your entire account, and set a beneficiary for up to five specific apps.

A premium account can have unlimited beneficiaries.

There's also an option to require proof of death before LogMeOnce releases the data.

Password Reporting and Changing

When you start using a password manager, the first thing you do is get all of your existing passwords into the collection.
It's easy enough to let the password manager generate strong passwords for any new accounts you register.

But sooner or later, you really must go back and fix any weak or duplicate passwords.

The Security Scorecard page gives you an overview of your security status as well as what it calls a hybrid identity score.

The latter is based on a handful of specific criteria, among them whether you're using two-factor authentication and whether you've watched the training videos.

Clicking for details on master password strength or overall password strength triggers an invitation to upgrade.

Really, the most important part of this report is at the bottom, which lists all your passwords, from weakest to strongest, and also flags any duplicates. Like LastPass and Dashlane, LogMeOnce can automate the password change process for many common websites.

There's also a separate page that just lists the passwords that it can change automatically, with a big button to change them all.

Another page in the Reports section displays any data captured by the Mugshot feature.

This includes the front and back photos, the IP address, and the location at which the failed login took place. LogMeOnce also provides a list of activities, as well as what it calls productivity charts, different views of how you use the product.

Premium-Only Features

New since my last review, a colorful Productivity Dock across the bottom of the dashboard offers quick access to important features.

As you point to icons in the dock, they expand, much as on the macOS desktop.

And if you're using the free edition, the expanded icon displays a tooltip noting that you must upgrade to use the dock. You can access a similar collection of items in the Smart Menu connected to your account picture at top right, so you're not totally missing out. You can even turn off display of the non-functional dock.

The Devices tab under Security lists all your devices, and lets you delete a device that you no longer use.

A map across the bottom lets you locate a missing device…but only if you're a paid user.

For those who've put up the money, LogMeOnce offers a full set of anti-theft features, among them remote locate, lock, and wipe, the ability to display a message on the missing device, and an option to make it ring at top volume, in case you've simply mislaid it.

When you get a notification on your mobile device that someone wants to log in to your account, you had better hope that someone is you. Users of the premium edition get a ton of information along with the login request, things like the associated email address, date/time stamp, IP address, and even GPS coordinates.

Still a Knockout

Despite the word Premium in its name, LogMeOnce Password Management Suite Premium is completely free, and it outperforms many of its for-pay competitors. New features like PhotoLogin and Secure Wallet make it even more of a winner.

Granted, the wealth of features means there's a lot for a new user to learn, but a growing collection of training videos helps with that process.

Along with the free LastPass, LogMeOnce is a five-star Editors' Choice free password manager.

Back to top

PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.

Many security suite product lines form a simple progression, at least on the Windows platform. It goes like this: basic antivirus, entry-level suite, feature-rich mega-suite, and cross-platform multi-device suite. With ESET Multi-Device Security 10, you can install the antivirus or entry-level suite on Windows, but not the mega-suite. It also offers a choice of antivirus or suite on macOS devices. As for Android, you can install mobile security, parental control, or both. In fact, this suite shines under Android more than it does under Windows or macOS.

For $84.99 per year, you get six licenses to install ESET protection on your Windows, macOS, and Android devices. At the $99.99 per year level, you get 10 licenses. Kaspersky offers a bit less for $99.99, just five licenses. For $89.99 per year, Norton gives you 10 licenses plus 25GB of hosted online storage for your backups, and McAfee LiveSafe lets you protect all your devices, without limit. ESET's pricing fits right in with these products, and the fact that you get six licenses at the base subscription rate makes it a better deal than many. Also, the previous edition's requirement that one-half of your licenses go to Android devices has been lifted.

To start, you click a link in the activation email, which also contains your license key. In most cases, you'll start by installing ESET on a Windows device, but the download page offers you the choice of Windows, macOS, or Android. Additional installations require either the activation code or the username and password supplied along with the activation code. Unlike F-Secure, Symantec Norton Security Premium, Bitdefender, and others, ESET does not let you manage licenses using an online account. Rather, My ESET is the place to go for antitheft, Android parental control, and social media scanning.

Windows Protection

If you choose to download protection for Windows, ESET Multi-Device installs ESET Internet Security 10. This suite's antivirus gets good scores in our tests and in independent lab tests. It includes a Host Intrusion Prevention System, a secure browser, and a simple spam filter. The firewall's program control is old school, however, either doing very little or spewing popups. Furthermore, the parental control is limited, and it fared poorly in our antiphishing test. For full details, read my review of this suite.

ESET's mega-suite, ESET Smart Security Premium 10, adds a number of advanced features not found in the entry-level suite. These include a password manager based on Editors' Choice Sticky Password Premium, an encryption system that creates secure virtual drives or secure mobile storage, and an anti-theft system for Windows devices. Smart Security Premium also uses an unusual pricing model, with no multi-license bundles. But, once again, ESET Security Multi-Device does not let you access these premium features.

F-Secure, Bitdefender, Kaspersky, and most other cross-platform suites assume that you'll want a full security suite on Windows. ESET gives you the option to install ESET NOD32 Antivirus 10 rather than the full suite, if that's what you prefer. To do so, you download and install the product as usual, then enter the license key you received with the activation email.

ESET on Mac

On a Mac, ESET Multi-Device likewise gives you a choice. You can install the ESET Cyber Security (for Mac) antivirus, or the ESET Cyber Security Pro suite. Note that there's no protection offered for iOS devices.

The Mac antivirus scans for malware on demand, on access, and on schedule. It also scans incoming POP3 and IMAP email messages for dangerous attachments. On the chance that your Mac might act as a carrier for non-Mac malware, it scans for Windows and Linux threats as well.

To keep you safe online, the Mac product includes Banking Protection as well as protection against malicious and fraudulent websites. You can also invoke its social media scanner to check for potentially dangerous links.

This suite's firewall aims to block malicious network attacks, and to control network usage by apps. Firewall experts can block specific services, ports, and IP addresses, but ordinary users shouldn't meddle with such firewall rules.

ESET's Parental control on the Mac is similar to what it offers for Windows, which means it's fairly limited. For each child, you can configure it to block websites matching specific categories, or just accept the default blocking categories for your child's age. It also logs attempts to reach blocked websites. That's the extent of parental control.

Security for Android

ESET Mobile Security provides a full range of expected Android security features. To get started, just install it from the Google Play Store. As with the Windows product, the installer requires that you actively choose whether to block Potentially Unwanted Applications (PUAs). PUAs are not as risky as malware, and you may have even given permission for their installation, but they tend to do annoying things, like bombard you with ads.

The installer offers a free trial of the app's premium features. These include anti-theft, automatic updates, antiphishing, scheduled scanning, and more. Don't bother with the trial, as you already have a license for the premium edition.

Activating that license is a bit awkward. You can do it by typing the registration code from the activation email, but that code is 20 characters long. There's also an option to activate using your username and password. I tried typing the username and password from my ESET account online; it failed. As it turns out, what it wants here is the random username and password assigned to you in the activation email.

ESET's antivirus component scans for malware immediately after install. Real-time protection watches for active malware. You can set up a scheduled scan, or (and this is clever) set it to scan any time it's charging.

Anti-theft isn't enabled by default, because it requires that you change your Android settings to make ESET a Device Administrator. You also must link this installation to your online My ESET account. Uninstall Protection prevents a thief from just turning off ESET.

The Proactive Protection feature snaps a screenshot after a failed unlock attempt. After a specified number of failed attempts (two, by default) a countdown starts in the background (15 seconds, by default). If the countdown finishes before the correct code is entered, the device goes into lockdown, just as if you had locked it remotely. A Good Samaritan who found your lost device could click a contact button to see your email address.

By logging in to the My ESET online portal, you can manage anti-theft remotely. When you mark a device as missing, ESET locks the device and starts monitoring, periodically sending the device's location, and snapping photos using the camera. You can trigger a loud alarm to help find a nearby device. And if you lose all hope for recovery, tapping the Wipe button erases all of the device's data.

Bitdefender Mobile Security and Antivirus (for Android) offers a similar set of anti-theft tools, but adds one unusual item. Once you pair your device with an Android Wear watch, you get a warning if you walk away leaving the device behind.

The anti-phishing component only works with browsers that support its integration. Tapping its button displays a list of supported browsers on your device. On the Nexus 9 that I used for testing, only Chrome appeared in the list. Avast Mobile Security blocks malicious sites in a wide variety of browsers.

Security Audit is disabled by default; you should turn it on. It warns if you're connected to insecure Wi-Fi, and if you've enabled debug mode, or installation of apps from unknown sources.

More importantly, Security Audit checks all your apps and reports how many of them have specific potentially risky permissions: using paid services, tracking your location, reading identity information, accessing messages, and accessing contacts. For each category, you can tap to see a list of programs. On my clean test device, only Speedtest triggered a warning—it needs to know your location to pick the closest server.

After I installed ESET's own Parental Control, described below, it triggered all five Security Audit warnings. Of course, that makes perfect sense; parental control is a kind of invasion of privacy. Note that the similar auditing feature in Norton Security and Antivirus (for Android) takes the concept to the next level, offering warnings about iffy apps before you even download them.

All of my Android test devices are tablets. On an Android smartphone, more options become available. If a phone thief changes out the SIM card, ESET can send the new SIM card details to a trusted friend that you've specified. You can also enable the device to receive remote lock, locate, wipe, and siren commands through SMS.

On a smartphone, ESET's SMS and call filtering lets you control who can call and text you. You make the rules, for specific numbers, for masked numbers, or for numbers not in your contacts list. Rules can apply to calls, SMS messages, or MMS messages. You can also set each rule to apply during specific times or date ranges. I imagine you could use this to block calls during the night but allow calls from your most important contacts.

The similar feature in Avast logs the content of blocked text messages, but just dumps blocked calls to voicemail. Bitdefender's Android app does many things, but call and text blocking isn't among its features.

The Security Audit component adds a couple entries for a smartphone. Specifically, it checks to be sure that data roaming and call roaming are not active.

Norton, Bitdefender, and Avast are our Editors' Choice products in the Android security realm. However, ESET covers most of the same features; it's a good choice for Android protection.

Android Parental Control

ESET's Parental Control app for Android is completely separate from the basic Android security app. In fact, you must use one of your licenses to activate the parental control system. However, once you've done so you can install it on as many Android devices as you wish.

Parental control on Android is significantly more feature-rich than on Windows. See my review of ESET Parental Control (for Android) for full details. I'll summarize here.

The same app that enforces the rules on a child's device can be used to make the rules on a parent's device. In fact, you can log in to the parent app from your child's device, if necessary. You can also manage and monitor the system from the My ESET console.

ESET blocks access to websites in categories you've defined as inappropriate. You can optionally have it log access to such sites without blocking them. It handles secure (HTTPS) websites, so kids won't evade its reach using a secure anonymizing proxy.

The Application Guard feature blocks the use of inappropriate apps, naturally. For apps defined as Fun & Games, it imposes a daily limit, and also lets parents define a weekly schedule for when such apps are allowed.

From the parental control home page, you can see an overview of the child's website and app usage, as well as a location map, and can click on the overviews for detailed reports. A few features work only from the app. Parental Message is perhaps the most important of these. It lets parents send a text message that locks the device until the child responds. That will teach them to ignore you!

On its own, the ESET parental control app is impressive, provided that you only need to cover Android devices. It comes close to our Editors' Choice product for Android parental control, Norton Family Parental Control (for Android).

Uneven Security

ESET Multi-Device Security 10 lets you use a single license to install protection on your Windows, macOS, and Android devices, but it doesn't offer consistent protection across all platforms. Its Android support is the best of the lot, with a full-features antivirus and anti-theft component plus a parental control app that rivals the best. If you're an all-Android household, this could be a good choice.

On Windows, antivirus is ESET's best feature—other components like firewall and parental control don't come up to the same mark. In addition, Windows users don't get the premium features found in ESET's top-of-the-line suite. The Mac product does give you more than just antivirus, but it lacks many features found in the other platforms.

If you need top-notch security for your Windows, macOS, and Android devices, consider Symantec Norton Security Premium. You get 10 licenses for less than what ESET costs, along with 25GB of online backup storage. Don't want any limits? Your McAfee LiveSafe subscription is good for every device in your household, even iOS devices. These two are our Editors' Choice products for cross-platform multi-device security.

Back to top

PCMag may earn affiliate commissions from the shopping links included on this page. These commissions do not affect how we test, rate or review products. To find out more, read our complete terms of use.

F-Secure Safe (2017)

With the proliferation of devices and platforms these days, an old-fashioned local security suite just won't do the job. You need something that can protect all your devices, preferably with a central management console.

F-Secure Safe is such a servic...

ESET Smart Security Premium 10

With the latest updates, security suite maker ESET shook up its product line a bit. ESET Smart Security Premium 10 takes the top spot as ESET's security mega-suite, while the new ESET Internet Security 10 serves as the company's entry-level suite. Thi...
There are security suites that contain every feature you can think of, and then there are suites that contain way, way more components than you'd expect.

Bitdefender Total Security Multi-Device 2017 falls into the latter category; it's what I like t...
Only a handful of brands have as much weight in the security suite as Symantec's Norton.

The 2017 edition of Symantec Norton Security Deluxe continues a long tradition of top-notch security, as confirmed by independent labs and my own hands-on testing and evaluation.
Installed in Windows, it's a top-tier security suite, and Mac users also get a suite, not just an antivirus.

As for the Android edition, it's an Editors' Choice.
Support for iOS is pretty limited, but that's typical. Overall, the suite is excellent, but it's just shy of an Editors' Choice award. A $79.99 per year Norton subscription lets you install Norton's security products on up to five Windows, Android, macOS, or iOS devices. Webroot charges the same for five licenses, while Trend Micro lists for $89.95.

For about the same as Trend Micro's price, you can install McAfee's top-level security software on all the devices in your household. Oh, and for that rare individual who just has one device, Norton Security Standard protects a single PC or Mac for $59.99 per year. You'll find that all of these prices are frequently discounted, sometimes deeply. As with many cross-platform multi-device suites, Norton's online console is central to managing and installing protection. You start by creating your account and entering your license key.

At that point you can download and install Norton Security for your Windows system. You can also extend protection for up to four other devices.
I'll go into detail about protection on other platforms later in this review. Appearance-wise, there's not much change since last year.

The main window still features four panels devoted to Security, Identity, Performance, and More Norton.

Clicking a panel slides down the whole panel row, revealing additional icons related to the panel you clicked.

For example, when you click Security, you get icons for Scans, LiveUpdate, History, and Advanced. Most of the new developments are invisible. New Protection LayersKeeping up with the very latest malware innovations requires expertise, study, and analysis. Having researchers perform that analysis can take too long, so a couple of years ago Symantec launched an initiative focusing on machine learning.

According to my Symantec contact, the team "consists of 10 PhDs and two research Engineers from top schools, with combined 100+ years of experience in applied machine learning." That's quite a brain trust. Symantec has always taken a layered approach to system protection.

At the network level, Norton fends off attacks and blocks contact with malicious websites.
If a malicious file makes it onto your disk, the antivirus scan may wipe it out. Other factors such as file prevalence and behavior-based blocking come into play. The current product line adds several new layers to the protection mix. Proactive Exploit Protection actively prevents exploit techniques such as heap spray and ROP (Return Oriented Programming).

Threat Emulation handles malware that has been encrypted, packed, or obfuscated by running it in a controlled environment and evaluating it after it self-decrypts, much like Check Point ZoneAlarm Extreme Security 2017's similar feature.

And a predictive machine-learning algorithm aims to catch even the freshest and most innovative malware. These new layers aren't visible to the user (or even the expert).

But they help Norton keep malware out of your system. Shared AntivirusAfter a brief hiatus, Symantec again offers antivirus product, Symantec Norton AntiVirus Basic.

Feature-wise, the suite's antivirus protection is identical. However, where users of the standalone antivirus must rely on FAQs and forums for support, the suite adds a full range of tech support, and a Virus Protection Promise—if Symantec's tech support agents can't rid your system of pesky malware, the company will refund your money.

But as far as features go, the suite's antivirus protection is identical. Read my review for all the juicy antivirus details. Norton doesn't participate with all of the independent testing labs that I follow, but those that do include it give it high marks.
In the three-part test performed by AV-Test Institute, it got top marks for malware protection and low false positives, though it slipped in performance, taking 5 of 6 possible points.
Its total of 17 points is good, but Trend Micro Maximum Security, Bitdefender, and Kaspersky managed 18 of 18 possible points in the latest test.

There's nothing second-rate about a perfect AAA rating from Simon Edwards Labs, though.

And Norton is one of a very few products to pass two tests performed by MRG-Effitas.
Its aggregate lab score, 9.7 points out of a possible 10, beats all others except Kaspersky Total Security. Norton also did very well in my own hands-on tests.
Its detection rate of 97 percent and malware-blocking score of 9.7 are among the best, though Webroot did manage a perfect 10 points. When I tested Norton with 100 very recent malware-hosting URLs, it blocked 98 percent of the malware downloads.
In some cases, its Web-based protection kept the browser from even visiting the malicious URL, but mostly the Download Insight feature eliminated the malware payload. Only Avira Antivirus Pro 2016 has done better in recent tests, with 99 percent protection. I use Norton as a touchstone for measuring antiphishing success, reporting the difference between the tested product's protection rate and Norton's. Webroot, Bitdefender Internet Security 2017, and Kaspersky are the only recent products that have done better than Norton.

And of course it's significantly more accurate than the phishing protection built into Chrome, Firefox, and Internet Explorer. Other Shared FeaturesDespite the word Basic in its name, Norton's standalone antivirus offers a lot more than just the basics.
It doesn't include full firewall functionality, but in testing, its Intrusion Prevention component did an impressive job blocking exploit attacks, stopping them at the network level and identifying many of them by name. You'll also find a complete antispam component that filters POP3 email accounts and integrates with Microsoft Outlook. A Norton Insight scan lists all the files on your computer, along with the trust level for each, prevalence among Norton users, and impact on system resources.

The antivirus scanner uses Norton Insight results to avoid scanning known and trusted files.

The Norton Safe Web browser extension uses red, yellow, and green icons to flag safe, iffy, and dangerous links in search results. You can click through for a full report on just why a given site got the rating it did. The Symantec Norton Identity Safe password manager is free for anyone to use, but having it integrated with your Norton protection is convenient.
It handles all basic password manager functions and syncs across all your devices, though it lacks advanced features like two-factor authentication and secure password sharing. Several of the shared features aim to improve your system's performance. Using the startup manager, you can reversibly disable programs from launching at startup, or set them to launch after a delay.

The File Cleanup tool wipes temporary files that waste space.

There's even a disk defragger, in case you don't have Windows optimizing disk fragmentation in the background. See How We Test Security Software Intelligent FirewallAs noted, the standalone antivirus includes a powerful Intrusion Prevention tool, a feature more commonly associated with firewall protection. With the suite, you get a complete two-way firewall. The built-in Windows firewall completely handles the task of stealthing your PC's ports and preventing outside attack.

Any firewall that aims to replace the built-in needs to do at least as well. Norton passed my port-scan and other Web-based tests with flying colors. What you don't get with the Windows firewall is control over how programs access the Internet and network.

Don't worry; Norton won't bombard you with confusing queries about what ports and IP addresses a given program should be allowed to access.
It handles such matters internally, automatically assigning network permissions to the vast number of known and trusted programs in its online database. When Norton encounters an unknown program attempting Internet access, it cranks up the sensitivity of its behavior-based malware detection for that program, and keeps an eye on its connections.
If the program misbehaves, Norton cuts its connection and eliminates it.

This isn't quite the same as the journal and rollback technology that McAfee and Webroot SecureAnywhere Internet Security Complete apply to unknown programs, but it's effective. I always do my best to disable firewall protection using techniques that would be available to a malware coder. Norton doesn't expose any significant settings in the Registry, so that route is out.

Both of its processes resist termination.

And its single Windows service can't be stopped or disabled.
It's worth noting that this isn't always the case.
I completely disabled all processes and services for ThreatTrack Vipre Internet Security Pro 2016, for example.

And while the majority of McAfee's 14 processes and 13 services resisted attack, quite a few succumbed. Excellent Android ProtectionNorton's standalone antivirus is PC-specific. With the suite, you can cover your Mac, Android, and iOS devices as well.

Click More Norton in the program's main window, then click the Show Me How button to get started.
Sign in to your Norton account and enter the email address used on the device you want to protect. Unlike the similar feature in McAfee LiveSafe, you don't have to choose the platform.

Clicking the emailed link on the device automatically selects the proper download. On an Android device, you get Norton Security and Antivirus (for Android).

Along with Bitdefender Mobile Security and Antivirus, this product is an Editors' Choice for Android security. Please read our review of that product for a deep dive into its features.
I'll summarize here. Note that the Android app has gotten a significant user interface redesign since our review, and more new features are due in the coming weeks. Immediately after installation, the antivirus runs an update and a scan. You also must activate the app for Device Administration in order to make use of its anti-theft features, and give it Accessibility permission so it can scan apps on Google Play. Norton scans for malicious and risky apps, as expected. More interestingly, its App Advisor works inside Google Play, checking every app you tap and reporting the risk level.

Tap the small notification at the bottom to see details of App Advisor's findings. Norton's extensive set of anti-theft features can be triggered either by logging in to the Web console or by sending coded SMS commands. Naturally you can use it to locate, lock, or wipe the device, and the scream feature helps find a misplaced device at home. When you lock the device, it displays a contact message of your choice, so someone who finds your lost device can arrange to return it. The Sneak Peek feature lets you remotely (and silently) snap a photo of whoever is holding the device. When you lock a lost or stolen device, it automatically snaps a photo every 10 minutes, and reports its location every five minutes. You can also remotely back up your contacts before resorting to the Wipe command, which performs a factory reset. There's a link to install the free separate App Lock app, and another to install a trial of the Norton WiFi Privacy VPN (Virtual Private Network).
It offers call blocking on Android smartphones.

And you can extend protection to another device directly from within the Android app. Suite for macOSIt's fairly common for multi-platform suites to give macOS short shrift, but Norton doesn't follow that trend. Norton Security on a Mac is a full security suite, not just antivirus. My Norton contacts say that the definition file size is down by two thirds in the current edition, which means faster scans and lower memory usage. As expected, the antivirus component scans files on access, on demand, and on schedule.
It can also scan inside ZIP files.

The full-scale firewall blocks dangerous network connections and controls how programs access the network.

The related Vulnerability Protection feature blocks port scan attacks and attacks attempting to exploit system vulnerabilities. Norton's Safe Web website reputation monitor installs in Chrome, Firefox, and Safari, marking up search results and optionally blocking access to dangerous sites, just as with the Windows edition. Phishing protection is likewise parallel to what you get with Windows. The File Guard feature aims to protect your most important files from unauthorized modification. You can set it to guard up to 250 specific files.
It doesn't protect an entire folder the way Trend Micro's Folder Shield or Bitdefender's Data Shield do.

Files under guard can't be opened, moved, copied, or deleted. You can optionally let system processes like Finder and Spotlight manage guarded files.
If you want to manipulate or modify a file that's under guard, you simply enter your password in the popup notification. Find Your iOS Devices You may want to think twice about using up one of your five licenses to protect an iOS device, as the feature set on iOS is seriously limited. Norton does offer to back up your contacts, just as it does under Android. You can use the Web portal to locate your iOS device.

And you can trigger a loud alarm to help find a nearby device.
Is it under the sofa? Or in that scruffy guy's backpack? But that's the extend of anti-theft. You can't lock or wipe the device, and you certainly can't snap a sneak peek photo. The iOS version does offer one unusual feature.

As long as you're using a device with microphone and speakers, say, a laptop or another mobile device, you can make an Internet call to the lost or stolen device. Note, though, that this won't work if the device is locked with a PIN or passcode. That's the extent of mobile security on iOS devices. No Performance WorriesAround 10 years ago, Norton had a reputation for being a resource hog, offering security at the expense of performance.

The developers quashed that reputation by spiffing up the suite's performance, and they continue to work toward less and less performance impact. I check performance using three tests that measure boot time, the time to move and copy a ton of files between drives, and the time to zip and unzip that same collection of files.
I average the results of multiple tests with no suite installed, then install the suite and average another round of testing. Norton's results were outstanding, quite a bit better than last year's.

They were so outstanding that, just to be sure, I uninstalled the product and repeated the whole process.

The results were the same within a few percent. Norton had no measurable effect on the boot time test or zip/unzip test.

The file move and copy test took 16 percent longer with Norton watching over the test system, well below the current average of 24 percent.
It's pretty clear that you don't have to worry about Norton dragging down your system's performance. Overshadowed by PremierAntivirus protection in Norton Internet Security Deluxe is excellent, with very high marks in my hands-on tests and in independent lab tests.
Its phishing protection is so good that I use it as a touchstone for evaluating other products.

Add a self-sufficient, tough firewall and a straightforward antispam tool and you've got a fine suite for your Windows devices. Norton's Android security product is an Editors' Choice, and it offers more under macOS than many.

Granted, it doesn't do a lot on iOS devices, but they do tend to need less protection. The main reason this product isn't an Editors' Choice for cross-platform multi-device suite is that its big brother, Norton Internet Security Premier, is significantly better.

For just $10 more, Premier gets you twice as many licenses, plus some significant added features.
It's a seriously better deal, well worth an Editors' Choice. Our other top pick in this category, McAfee LiveSafe, doesn't offer quite the stellar protection that Norton does, but a single subscription lets you install protection on every device in your household. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: n/a Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.
Which kind of security suite you choose depends on what kinds of devices you need to protect.
If you're strictly a PC household, a traditional Windows-centric suite should do fine.

But if you use multiple platforms, you're better off with a cross-platform suite like Trend Micro Maximum Security.
It offers an impressive feature set on Windows and Android, but less so for macOS and iOS devices. For $89.95 per year you can install Trend Micro security on up to five PCs, Macs, smartphones, or tablets.

That's up from three licenses in the previous edition.
If five seems insufficient, you can pay $10 more for Trend Micro Premium Security, which gives you 10 licenses but is otherwise identical to the suite reviewed here.
Symantec Norton Security Premium's pricing is similar, except that besides adding five more licenses, the top-of-the-line suite includes 25GB of hosted online backup and a full premium license for Symantec's parental control system. During the installation process, you must create a Trend Micro account to activate the software.

From this account, you can download the appropriate software for the device you're currently using, or send an email with a download link for a different device.

The online console very clearly shows which devices you've protected and how many licenses remain. On a PC, the suite's main window is almost indistinguishable from that of Trend Micro's entry-level suite, or from the standalone antivirus.

A big round Scan button sits in the center, below a row of icons for Device, Privacy, Data, and Family. You'll find a couple of new items on the Data page, and the window that appears when you click Protect Another Device offers Windows, Mac, iOS, and Android.

Trend Micro's password manager is also included, but as a separate download. Shared AntivirusFor Windows systems, antivirus protection is the same throughout the Trend Micro product line. Read my review of Trend Micro Antivirus+ Security for a full discussion of Trend's antivirus technology. To counter the uptick in ransomware attacks, Trend Micro includes Folder Shield, a component that bans unauthorized programs from making changes in your Documents folder.

The company also maintains a ransomware hotline that's free for anybody who needs help. Trend Micro's scores from the independent testing labs are mixed.
It earned a perfect 18 points in the latest test by AV-Test Institute, as did Kaspersky and Bitdefender.
Simon Edwards Labs certified it at the AA level, the second-best of five certification levels. However, it failed one of two tests performed by MRG-Effitas (to be fair, many products fail these tests). Out of three tests by AV-Comparatives, Trend Micro took a just-passing Standard rating in one and a second-best Advanced rating in the other two.
Its aggregate lab test score, 8.7 of 10 possible points, is good, but Kaspersky Total Security and Norton managed 10.0 and 9.7 points respectively. In my hands-on malware blocking test, Trend Micro detected 97 percent of the samples and earned 9.7 of 10 possible points, exactly the same as Symantec Norton AntiVirus Basic.

But in a separate test that challenges each antivirus to block downloads from malware-hosting URLs, Norton exhibited a 98 percent protection rate, better than Trend Micro's 89 percent. Norton is my touchstone for antiphishing success.

Trend Micro's detection rate was just two percentage points below Norton's which is better than the vast majority of competitors. ZoneAlarm tied Norton, though.

And Webroot SecureAnywhere Internet Security Complete, Bitdefender, and Kaspersky all scored higher than Norton on this test. The antivirus boasts a wealth of bonus features.
It marks up links in search results and social media, identifying them as safe, iffy, or dangerous.

A firewall booster component works alongside Windows Firewall, with the particular aim of foiling botnets.

The antivirus even includes a full-blown spam filter.

And of course, all of these features are found in Trend Micro's suite products. See How We Test Security Software Shared Suite FeaturesOne step up from basic antivirus, Trend Micro Internet Security adds a number of security components, some more effective than others.
I'll briefly summarize here. You can read my review for more information. I wasn't impressed by the parental control system.
It keeps kids from accessing websites matching 32 content categories.
It does filter HTTPS sites, but I found some secure anonymizing proxy sites that weren't caught.

Connecting through such a site eliminates Trend Micro's ability to control and monitor access.

Trend Micro has the unusual ability to cover up naughty images in search results, but it's not completely effective. You can put a daily cap on Internet usage, set a weekly schedule for when kids are allowed online, and even schedule use of individual programs.

A simple report lets parents view which sites were blocked.

That's the extent of parental control.
Some competitors, Check Point ZoneAlarm Extreme Security 2017, Norton, and Kaspersky in particular, offer a much wider set of features. A security scanner checks your social media accounts (Facebook, Google+, LinkedIn, and Twitter) for settings that might be giving away too much personal data, and for insecure browser settings.

Data Theft Prevention blocks transmission of user-specified private data, though it doesn't work on HTTPS sites.
Secure Erase wipes out sensitive files beyond the possibility of forensic recovery.

And PC Health Checkup attempts to improve system performance by wiping out junk files.

Advanced optimization features include managing startup programs and finding space-wasting duplicate files.

That's it for shared features. Next I'll look at features only found in Trend Micro Maximum Security. Password ManagerTrend Micro Password Manager 3.7 costs $14.95 per year as a standalone product, but you get it for free as part of your Maximum Security subscription.
It's not outstanding as a password manager, but it does the job. My review goes into detail about just what this product does and doesn't do. To get the password manager on your devices, you go to the online portal and download it separately.
In a similar situation, McAfee's suite links to True Key by Intel Security. The password manager has the ability to import passwords that are insecurely stored in your browsers, remove them from the browsers, and turn off browser-based password capture. However, the only competitor it imports from is LastPass 4.0 Premium. As expected, the password manager captures credentials as you log in to secure sites, plays back saved credentials when you revisit a site, and lets you pick from a toolbar menu to both navigate to a saved site and log in. However, it doesn't handle non-standard logins. When you're signing up for a new account, you can use the password generator to gin up a strong, random password. Trend Micro does rate password strength, but it's too permissive.

Any password of eight characters or more containing all four character types is rated maximally strong.

Do you consider "1Monkey!" a super-strong password? Neither do I.

By the same token, if the Password Doctor analysis tool declares that one of your passwords is weak, that means that it most definitely needs to be changed. You have to make the change yourself; there's no automatic password updating like you get with LastPass and Dashlane 4. Like many password managers, Trend Micro lets you record personal information for use in filling Web forms.

This feature is limited to a single profile and just one instance of each field.
In testing, I thought it was broken, as it failed to fill in details at two huge online retailers. When I did get it to work, its form filling was spotty. Bonus features include a secure browser for financial transactions, a slightly odd keylogger-foiling utility, and the ability to sync passwords across Windows, macOS, iOS, and Android devices.
It's a decent password manager, just not an outstanding one. Cloud Storage ScannerAntivirus protection scans all of your local files, but these days your files may live in the cloud.
If you link the Cloud Storage Scanner with your OneDrive account, you can scan those files too.

The process happens totally in the cloud, so you just start it and walk away.

This year's edition adds support for Dropbox, and even includes the Dropbox-specific ability to scan new and changed files every 15 minutes. I gave this feature a whirl and got an interesting surprise—it found several dozen malware-infested files! Fortunately, they weren't active.

During another review I enabled storage of backups in my Dropbox, and some of my malware samples got backed up because they were in a folder on the desktop. During the scanning process, all of your PDFs, Office documents, and executables get sent (securely, of course) to a Trend Micro server for scanning.

According to the explanatory text, "Trend Micro deletes the temporary files after every scan to help preserve your privacy." It's probably fine, but those with an enhanced paranoia level may want to forego using this feature. Encrypted VaultKeeping your most sensitive files encrypted is just plain smart.

A malefactor who hacks into your computer remotely or steals your laptop still won't be able to get at those particular files.

Bitdefender Total Security 2016, Kaspersky, and McAfee LiveSafe are among the security suites that let you store files in an encrypted vault.

These three let you create multiple vaults for different purposes, but each vault's size is fixed at the time you create it. Trend Micro works a bit differently.

There's just one vault, but it doesn't have a predefined size. When it's open, it acts more or less like any other folder, with a few exceptions.

Dragging a file into the vault always moves it; you can't force a copy by right-dragging or holding down Ctrl.

Dragging a file out of the vault always copies it.

The only way you can copy a file into the vault is using the venerable keystroke combos Ctrl+C to copy it and Ctrl+V to paste it inot the vault. Why is that important? If you just move the file, it's as if you copied and then deleted it.

But that leaves the file subject to forensic recovery. You need to copy into the vault and then use Trend Micro's file shredder to securely delete the original.
I like the fact that when you transfer files into Kaspersky's vault, it offers to automatically delete the originals. On the plus side, Trend Micro lets you remotely seal the vault in the event your device is lost or stolen.
Sealing the vault forces a reboot, and when the device has restarted, the vault isn't even visible.
If you get the device back, you can remotely unseal the vault. Extensive Android Support Installing Trend Micro on an Android device gets you a well-rounded collection of security features.
It starts with the security scan, of course, but this scan does more than just look for malware.
It also identifies apps that pose a security risk for other reasons.

These include unreasonable permissions, code errors that could allow access by malware, and unsecured communications, among other things.

A scan runs automatically as soon as you've installed the app.
If it finds any issues, you'll see a notification prominently displayed at the top of the screen. Loss or theft of your Android device is actually more likely than getting hit with malware.

Trend Micro offers a full range of anti-theft features, managed through an online console.

There are a few settings you'll configure on the device itself. You can specify a message to be displayed after you remotely lock the device, and you can choose whether a remote wipe just clears your personal data or performs a full system wipe. From the online console, you can check the device's position, remotely lock it, or wipe all data. You can also trigger a loud alarm, handy if you've misplaced the device somewhere in your home.
If the battery is just about to die, the device sends a last-gasp position notification to the Web console, similar to the Signal Flare feature in Lookout Mobile Security Premium (for Android). The App Manager shows you how much storage each of your apps is using and offers a quick way to uninstall any of them if you're running low.

As on other platforms, Safe Surfing blocks malicious and fraudulent websites.

The handy Wi-Fi Checker warns when you've connected to an unsecured hotspot, and shows how to make your device stop connecting to it automatically. I installed Trend Micro on a Nexus 9 to see it in action.
Its security scan found two risky apps, so I removed them.

The System Tuner claimed that I should be able to use the device for 50 hours and 13 minutes on its current charge, which I found extremely optimistic.

From this screen you can put the device in Power Saver mode or set it to automatically go into that mode when the battery drops below a certain percentage.

The Smart Power Saver mode manipulates Wi-Fi and Bluetooth to minimize battery drain.

For example, it can stop the device from seeking a Wi-Fi connection after a certain time with no Wi-Fi discovered. The System Tuner also reports on how much of the device's memory is in use, along with a list of apps and their memory usage. You can shut down memory-hungry apps or click a button to optimize available memory. As with the Windows edition, you can scan social media for security risks. However, on Android this only works with Facebook.

Trend Micro can alert you to dangerous links in instant messages, but only if you use Line or WhatsApp. Parental control is available on Android, but it's not the same as under Windows. Parents can choose to block use of specific apps, if desired.

There's a content filter, but you can only choose an age range, Child, Preteen, or Teen.

That's about the extent of it.
It's nothing like ZoneAlarm's powerful parental control (licensed from Net Nanny), which has you create a child profile online and then apply that profile to any number of devices. Independent of the mobile security app, you can optionally install an Android edition of the password manager, and sync it with your other devices. Limited Mac Support You can use one of your licenses to install Trend Micro Antivirus on a Mac, but as the name suggests, this is antivirus protection, not a full security suite. On the bright side, like the Windows-based antivirus it includes more than just the basics. Trend Micro's ransomware protection applies to the Mac edition, along with the expected antivirus, antiphishing, and protection against Web-based threats. You get spam filtering, and it marks up search results and social media links to show you whether they're safe, iffy, or dangerous. As with the Windows version, a privacy scanner checks your social media settings to make sure you're not exposing too much private information.
It also checks settings in your browser, ensuring they're configured for maximum security.

Finally, unlike the Windows edition, Trend Micro's Mac antivirus includes a parental control system. You can also install a Mac edition of the password manager, syncing data with your other devices. Some Support for iOSGiven that licenses for this product are a finite resource, you may not want to use up one by installing protection on an iOS device.

Trend Micro Mobile Security doesn't offer many features on iOS, in large part because iOS is so thoroughly locked down.

There's no security scan, and the anti-theft features are limited to locating the device and sounding an alarm.

To get the benefits of Trend Micro's website reputation system, you must use the internal SafeSurfing browser.

There is an option to back up your contacts, but not other data. There are some features not found in the Android edition.

Trend Micro can track your Cellular, Roaming, and Wi-Fi data usage.

The social-network scan coves both Facebook and Twitter.

But that's about it.

Tapping More Tools takes you to a page where you can install the password manager. Tiny Performance Hit When I tested Trend Micro Internet Security for impact on performance, it exhibited almost none.

Trend Micro Maximum Security, with its additional features, displayed just slightly more of an impact, but it's still way lower than most competitors. To check for impact on boot time, I run a script that waits for ten seconds in a row with CPU usage no more than five percent, meaning the computer is ready for use.
Subtracting the start of the boot process, as reported by Windows, yields a measure of boot time.
I averaged multiple runs on a clean test system, then installed Trend Micro on that system and averaged another set of runs.

Boot time came in just 5 percent longer with the suite installed, well below the current average of 17 percent. In my file move and copy test, Trend Micro's presence caused the script to take 13 percent longer, which is also less than the average for current products.

And in the zip and unzip test, like the entry-level Trend Micro suite, it didn't cause any slowdown. While it's not quite as light on resources as Webroot, Trend Micro's performance impact just isn't something you need to worry about. Good, Not BestWith a subscription to Trend Micro Maximum Security, you can protect up to five devices—10 if you pony up an extra $10.
Its support for Windows and Android is comprehensive, but you get less on a Mac and still less on an iOS device. McAfee LiveSafe follows a similar pattern, offering its best protection on Windows and Android. However, for the same price as Trend Micro, McAfee lets you install protection on every device in your household.

That unlimited licensing is a big part of the reason McAfee is an Editors' Choice for cross-platform multi-device suite.
Symantec Norton Security Premium is our other Editors' Choice.
It includes top-notch password management and parental control.
Its Windows antivirus and Android security products are both Editors' Choice in their fields. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: n/aAntivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.
The true purpose of a security suite isn't to secure your computer.
It's to protect you, your privacy, and your data. With customer protection in mind, McAfee Internet Security (2017) installs on all of your devices. However, most of what it offers comes with McAfee's antivirus, and the additional suite-specific components don't add enough value, especially if you don't need antispam or parental control. At $79.99 per year, McAfee looks like it's right in line with the competition, price-wise.

Bitdefender and Kaspersky charge the same, within a nickel or so.

But look again. With a Bitdefender or Kaspersky subscription you can install protection on three PCs. McAfee is unlimited, and lets you protect every Windows, macOS, iOS, or Android device in your household. In fact, the Home screen in this product is a list of all the devices you've protected, along with a button that scours your network to find unprotected devices and bring them into the fold.

A panel at the top summarizes the status of your current device, and clicking Manage Security opens the local installation's main window. The main window looks, for the most part, like that of McAfee's antivirus.

Both have four squarish green-edged panels representing Virus and Spyware Protection, Web and Email Protection, McAfee Updates, and Your Subscription.

To the right of these, the antivirus displays smaller panels for Data Protection and for PC and Home Network Tools.

Those appear in this suite too, along with Parental Controls and the True Key password manager.
It should look reassuringly familiar to existing users. Shared Antivirus FeaturesAs is often the case, this suite's antivirus protection is precisely the same as that of the corresponding standalone antivirus, McAfee AntiVirus Plus.

That review goes into greater detail than the summary that follows. Lab Test Results ChartAntiphishing Results ChartMalware Blocking Results Chart McAfee's scores in independent lab tests are generally mediocre.
It received an A-level certification from Simon Edwards Labs, which sounds good until you realize that AA and AAA are even better. Of three tests by AV-Comparatives, it earned one passing grade and two grades a notch above passing.

The three-part test by AV-Test Institute maxes out at 18 points; McAfee got 16, and in particular scored only 4.5 of 6 points for protection.

Finally, in the banking Trojan test and all-types tests by MRG-Effitas, it simply failed. My lab test score aggregation algorithm yields 7.9 of 10 possible points for McAfee. Kaspersky took a perfect 10, while Norton and Bitdefender Internet Security 2017 came out at 9.7 and 9.3 respectively. This year's McAfee products use an entirely new antivirus detection method called Real Protect. Real Protect is focused on behavior, so as to catch even zero-day malware. Like Webroot SecureAnywhere Internet Security Plus, when it sees an unknown file behaving suspiciously, it starts journaling that file's actions and queries the cloud for advice.
If cloud-based analysis red-flags the file, McAfee rolls back all of its actions.

The new engine has been rolling out piecemeal over the last few months, so we can't know whether these tests included the new engine. Perhaps McAfee will score better going forward. In my own hands-on malware-blocking test, McAfee scored 9.2 of 10 possible points. However, among the samples it missed were two well-known ransomware threats.
I watched one of them as it busily encrypted documents on the test system, without a peep from McAfee about its behavior. Webroot scored a perfect 10 against this same malware collection. McAfee also protected against 85 percent of the 100 malware-hosting URLs I threw at it, mostly by diverting the browser from the dangerous URL.

The average score among current products is 75 percent, so McAfee is above average here. I score phishing protection by matching a product's detection rate against that of Symantec Norton Security Premium and of the protection built into Chrome, Firefox, and Internet Explorer. Last year, McAfee came very close to matching Norton's score.

This year it lagged 44 percentage points behind Norton.

Chrome and Internet Explorer beat out McAfee, as well.

Don't turn off your browser's phishing protection! Other Shared FeaturesThere's a lot more to the nominally standalone antivirus; hence "Plus" in the name.

For starters, it includes a firewall.
In testing, the firewall correctly stealthed all ports and fended off Web-based attacks. Rather than bombard the user with queries about network permissions, it handles program control internally. When I tested its ability to withstand direct attack, I found that I could terminate and disable more than half of its essential Windows services. The WebAdvisor component identifies dangerous downloads and steers the browser away from malicious or fraudulent sites.
In addition, it marks up search results with icons identifying safe, iffy, and dangerous links.

This edition adds protection for typosquatting, and it works. When I entered www.paypla.com it asked if perhaps I really wanted PayPal. Using the My Home Network feature, you can set up a trust relationship between any and all of the PCs on your network that have McAfee installed.
It doesn't even have to be the same version of McAfee. Once you've taken that step, you can use one PC to remotely monitor others, and even remotely fix configuration problems. Mac and mobile support is the same across all of the McAfee product line. Mac support is little more than antivirus, firewall, and WebAdvisor.

There's no antivirus under iOS, but you can do things like locate and wipe the device, back up contacts, and capture a photo of someone who found or stole your phone. On Android, you get a full-featured security utility with antivirus, app ratings, anti-theft, call and text filtering, and more.

And once again, there's no limit on how many devices you can add. Other shared bonus features include the QuickClean tune-up tool, a vulnerability scanner, and a secure deletion file shredder. You can also access a number of security-related online resources directly from the program. See How We Test Security Software True Key Password ManagerWith your McAfee subscription you also get a license for the True Key password manager. Read my review for a full description of this password manager and its unusual collection of authentication options. True Key's biggest claim to fame is its comprehensive multifactor authentication choices.
It does support the expected strong master password, but you have many other options. You can have it send an email each time you log in.

Clicking a link in the email allows login to proceed. More conveniently, you can associate a mobile device with True Key, and authenticate by swiping a notification. Even better, if you're using a device with a camera, you can authenticate using facial recognition, and if a finger print reader is available, you can add that, too.
If you worry that James Bond might spoof facial recognition with a photo of you, just enable enhanced facial recognition, which requires turning your head. Most password managers warn that if you lose your master password, you're hosed; you have to start over.

That's actually good, as it means that the company can't access your data even if subpoenaed.

True Key retains that same zero-knowledge benefit, but doesn't leave you in the lurch if you forget the password.

As long as you've enabled Advanced authentication, which requires a trusted device plus two other factors, you can authenticate using all the other factors and then reset your master password. True Key is a separate download, but getting it installed is easy.

After you run the installer, it adds itself as an extension to Chrome, Firefox, and Internet Explorer.

At this time, it can import passwords stored insecurely in the browsers.
It can also import from LastPass 4.0 Premium and Dashlane 4. As with most password managers, True Key captures credentials as you log in to secure sites and plays back saved credentials as needed.

The first time, it actively walks you through the process. You can also click on tiles for Google, Facebook, PayPal, and so on, entering your credentials directly.

Clicking the TrueKey toolbar icon doesn't bring up a menu the way it does with many other products. Rather, it displays the main True Key window, from which you can launch any of your saved sites. You can save personal details in the Wallet, but True Key doesn't use these to fill web forms.

The main reason to do this is that the Wallet items sync across all your devices.

The same is true of secure notes. Here's a rare feature.
If your PC has a forward-facing camera, you can configure it to unlock your Windows account using True Key's facial recognition.

True Key doesn't have advanced features like secure sharing, automatic password updates, or password inheritance, but it's far ahead of the pack when it comes to multi-factor authentication. Tepid Parental ControlsOne bonus you get by upgrading from McAfee's antivirus to this suite is a parental control system, but it's limited.

For each child's Windows account, you can choose content categories for blocking, set a schedule for Internet use, and view a report of activity for each child or all children.

That's the extent of it. The reviewer's guide for this product notes that parental controls may not work properly in a virtual machine.

That's unusual.
I made a point of testing on a physical system to give it a fair shake. To get started, you set a password, so the kids can't just turn off monitoring.

The configuration window lists all Windows user accounts and invites you to configure parental control for each one that belongs to a child.

As with previous versions, setting up parental control for a child's account that has Administrator privileges triggers a big warning.

And yet, many parents do give older children Administrator accounts, so as to avoid constantly having to jump and supply an admin password any time the child wants to install a new game. Most other parental control systems don't have this limitation. To configure the content filter, you first choose one of five age ranges.

Doing so pre-configures which of the 20 content categories should be blocked. Rather than the usual list with checkboxes, McAfee displays a list of blocked categories and another list of allowed categories, with arrow buttons to move items back and forth between the lists. I couldn't disable the content filter with the three-word network command that neutered parental control in Total Defense Unlimited Internet Security and Alvosecure Parental Control . However, I found quite a few truly raunchy sites that the content filter didn't block. McAfee replaces naughty content in the browser with a warning message that explains why the page was blocked.

For HTTPS sites, or in unsupported browsers, it displays that warning as a popup, leaving the browser to show an error message.

The kids won't get past it by using a secure anonymizing proxy. Note, though, that Check Point ZoneAlarm Extreme Security 2017 goes even further, with the ability to filter content even over an HTTPS connection. In addition to categories, McAfee offers to block sites with "inappropriate images or language" from appearing in child's search results.

A similar feature in Trend Micro Internet Security covered up many such images. However, I couldn't find a single instance where McAfee did anything to block erotic images in search. The time scheduler is as awkward as ever.
It does let you create a weekly grid-style schedule of Internet access, in half-hour increments. Most parental control systems that use a scheduling grid let you block out rectangles on the schedule by dragging.

For example, with one drag you could block from midnight to 6am every day of the week. McAfee's system forces you to drag on just one day at a time.

The grid is so tall that you can only select about seven hours at a time, and it doesn't auto-scroll when you hit the edge.

This feature could be so much easier to use! On the bright side, time-scheduling doesn't rely on the system clock, so the kids can't fool it. The simple parental report lists all domains blocked, along with their categories.
It also logs all attempts to use the Internet when the schedule doesn't allow it. And there you have it.

That's the totality of parental control in this suite.
It's limited, awkward, and not entirely effective.
If you actually need a suite that includes high-end parental control, look to ZoneAlarm, Kaspersky Internet Security, or Norton. Broad-Spectrum Spam FilterWith so many users getting spam filtered by the email provider, the value of local spam filtering is on the decline.

But if you're one of that diminishing group whose email provider doesn't offer spam filtering, a local filter can be essential. McAfee's spam filter integrates with Outlook, Windows Mail, and Windows Live Mail.
In these email clients, it adds a handy toolbar and automatically tosses spam messages in their own folder. You can still use it if you're a fan of Eudora or The Bat!, but you'll have to define a message rule to sift out the spam. McAfee filters spam from POP3 and Exchange email accounts.
It doesn't handle IMAP accounts in your email client the way ZoneAlarm does. However, in an unusual twist, it has the ability to filter webmail accounts directly. Webmail filtering was a pretty amazing feature when first introduced years ago, but these days it's hard to find a webmail provider that doesn't implement its own spam filtering. You can view messages filtered out by this feature right in the application and, if necessary, rescue any valid mail that was misfiled. There are quite a few options for configuring the spam filter.

To start, there are five levels of protection, from Minimal, which allows more spam but doesn't throw away valid mail, to Restricted, which blocks all messages unless the sender is on your Friends list.
I'd advise leaving it set to the default Balanced level. You can define custom spam filtering rules, but I can't imagine why any user would take the time to do this.

The Friends list identifies addresses or domains that should always reach the Inbox. You can manually edit this list, add friends from the email client toolbar, or add all your contacts to the Friends list.

There's also an option to automatically block messages written using character sets for languages you don't speak. Just to see how it works, I set up filtering for the Yahoo mail account I use in testing. When I filled in the address, McAfee automatically selected the correct mail server and port. However, after I entered my password and tried to add the account, McAfee reported that it was the wrong password. In fact, the password was correct, but Yahoo rejected the login and sent me an email warning about an attempt to connect by a "less-secure app." In order to let McAfee do its job, I had to dig into Yahoo settings and enable access by less-secure apps. If you do need spam filtering at the local level, McAfee can handle it. Where many products limit protection to POP3 accounts, McAfee can filter Exchange accounts and even pull spam from your webmail. Minor Performance HitDuring my extensive testing, I didn't get any feeing that McAfee was slowing me down.

That's not surprising; these days its uncommon for security suites to exhibit a noticeable performance impact. My hands-on test did reveal some actions that took longer with McAfee installed. Most of us don't reboot often—perhaps never except when an update requires it. My boot-time test showed just a 3 percent increase in the time from the start of boot until the system was ready for use, so if you do have to reboot, you'll hardly notice McAfee's presence. Performance Results Chart Given that the new Real Protect real-time antivirus scans files when they try to execute, not on just any file access, I expected minimal impact in my file move and copy test.

This test repeatedly times a script that moves and copies a mammoth collection of various-sized files between drives.
I was surprised to see a 44 percent increase in the time required for this test. On the bright side, another test that zips and unzips the same file collection didn't have any measurable impact. While there's some variation in the results of this test, a couple products come out on top. Webroot and Trend Micro exhibited almost no slowdown in the performance test. Stuck in the Middle With YouFor $20 per year more than McAfee's antivirus, McAfee Internet Security gives you innovative password management along with parental control and antispam features that you may not even need.

Everything else—firewall, remote management, support for macOS, iOS, and Android, and more—is present in the antivirus.

For another $10 you could upgrade to McAfee's top-of-the-line suite.

This suite remains stuck in the middle, with no compelling reason to buy it rather than one of McAfee's other products. Other than the cross-platform bonus, this suite is comparable to Bitdefender Internet Security 2016 and Kaspersky Internet Security.

These two suites earn fantastic scores from the independent testing labs, their components are capable across the board, and they offer a comparable smorgasbord of bonus features.

They're our Editors' Choice winners for entry-level security suite. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.
University of Birmingham researchers published a paper highlighting the insecurity of remote keyless entry systems. A keyless car entry system used in Volkswagen vehicles for two decades can easily be hacked, according to a new report. Computer security experts at the University of Birmingham in England this week published a paper highlighting the insecurity of remote keyless entry systems. The feature—found in most VW Group vehicles manufactured since 1995—relies on a few global master keys.

A nearby hacker can simply eavesdrop on and clone the driver's key fob, and voila!—they gain unauthorized access to the car. "Our findings affect millions of vehicles worldwide and could explain unsolved insurance cases of theft from allegedly locked vehicles," the research team, led by computer scientist Flavio Garcia, said in a paper. Vulnerable vehicles include Audi, VW, Seat, and Škoda models sold over the past two decades; a VW spokesman, however, told Reuters the current Golf, Tiguan, Touran, and Passat models are safe from harm. "Volkswagen takes the security of our customers and their vehicles very seriously.
Volkswagen's electronic and mechanical security measures are continuously being improved," a company spokesman told PCMag. "The findings obtained will serve to further improve the security technology. ... While legitimate research on auto security is important and necessary, hacking into vehicles is a malicious, criminal act." Owners of affected vehicles should be wary of unlocking their car doors remotely. Using cheap, off-the-shelf equipment, the wireless hack can be executed from about 20 yards away. Leaving no physical traces, it poses "a severe threat in practice," the researchers said. Garcia and fellow University of Birmingham lecturer David Oswald are scheduled to present their paper today at the Usenix security conference in Austin. In 2013, Volkswagen thwarted an attempt by Garcia and his team to publish a paper detailing how certain anti-theft car immobilizers were vulnerable to hackers, Reuters reported.

The research was made public last year, after the authors agreed to pull certain details that explained how to carry out an attack. Garcia and a different set of researchers in November disclosed their latest findings to VW Group, Reuters said. Editor's Note: This story was updated at 11:55 a.m.

Eastern with comment from Volkswagen.
Retail security AI company Everseen reduces this loss by up to 90% Company reveals it is working with five out of the top 10 global retailers London/New York, 3rd August 2016 - Everseen, the retail security AI company, today announces that it has secured funding from MARCOL and other investors, to tackle the growing problem of product loss and shrink in the global retail industry.

Everseen uses advanced video analysis and artificial intelligence to reduce non-scans at the checkout by up to 90%, a problem that costs retailers $40bn a year globally according to the Centre for Retail Research.When goods are not scanned at the checkout, retailers’ supply chain systems do not see that a particular item has left the inventory.
It’s only when stock checks happen that this loss is discovered.

By then it’s too late to see where it occurred and retailers have mistakenly assumed this loss is through customers or staff stealing from the shelves. UK and US retailers alone invested $15bn in 2014 in measures to deter theft in-store (outside of the checkout) but some of this investment is misplaced. “Retailers are losing $40bn a year through shrinkage at the point of sale. Products non-scanned are not only impacting profits but also creating supply chain issues leading to out of stock products. Non-scans can be intentional or unintentional and are generated by customers, employees through operational errors and process non-compliance,” said Professor Joshua Bamfield from the independent research group, The Centre for Retail Research. “At the moment, retailers are almost certainly haemorrhaging revenue through their POS and are probably completely unaware of how it is happening, how they prevent it and the scale of the problem.” Everseen, which works with five of the top 10 global retailers, has proven that 95% of the issues at the checkout are non-scans.

The problem is more acute at self-scan checkouts with up to 10 times more non-scans when compared to manned checkouts.

The company estimates that 90% of all non-scans at the checkout can be identified by using its video analysis and artificial intelligence system approach.

By visually recognising such events using existing CCTV feeds and linking them to checkout transaction data, Everseen can identify precisely when, where and why the activity took place.

A video of the incident can then be shared with store staff in real time. Current measures to prevent non-scanning are rudimentary at best, with CCTV systems only being checked when suspicions are raised, which means the bulk of non-scanning activity is missed.

By some estimates only 5% of irregular activity at the checkout is captured through traditional point of sale analysis systems. “The majority of retailers simply don’t know where these losses are coming from.

Because of this they’re acting blind – trying to prevent losses but without any real direction.

By understanding how these losses are occurring, and how to prevent them, retailers can improve their profits by 5-15%,” said Alan O’Herlihy, Founder and Chief Executive, Everseen. “We’ve spent a number of years developing the technology and uncovering what is tantamount to the DNA of a non-scanning event. With growing interest from retailers across the globe, over the next few months we are looking to partner with leading IT companies to service our retail customers worldwide.

This investment and MARCOL’s resources and support in general will help us accelerate our global expansion.” “In today’s highly competitive world, profit margins in the retail industry are tight and shrinkage is a serious problem,” said Pii Ketvel, CEO MARCOL Capital Europe, who led the MARCOL investment. “For retailers, this solution can have an immediate, positive uplift on profitability. Our due diligence has shown that this solution has the potential to completely transform the market.

Everseen allows retailers to move more quickly to self-service check-outs by making the user experience better, whilst helping the retailers to reduce their losses.

By combining Everseen’s very impressive technology with MARCOL’s financial and other resources we’re giving Everseen the tools necessary to bring this remarkable technology to a global audience and to change the face of retailing.” - Ends - Notes to EditorsA video demonstrating Everseen’s system is available here: https://www.dropbox.com/s/6f4lakrxl0bxguv/video%20cut.mp4?dl=0 About EverseenEverseen, the retail security AI company, was founded in 2008 by Tech Entrepreneur Alan O’Herlihy.

Catalysed by leading Phd and research scientists at its R&D centre based in Timisoara, Romania, Everseen is an innovator in the retail technology space, using video as a sensor and artificial intelligence to develop its point of sale non-scan detection anti-theft solution.

Everseen is headquartered in Blackpool, Cork, Ireland and has sales offices situated in the US, UK and Spain.

Everseen has received significant investment from a high profile investor base which includes the Irish government body Enterprise Ireland and most recently MARCOL. For more information, see www.everseen.com About MARCOLMARCOL, formed in 1976 by partners Terence Cole and Mark Steinberg, is an international multibillion dollar investment business with interest in Finance, Health Care, Technology, Real Estate, Retail, and Hotels. MARCOL’s investment strategy includes both buy-outs and supporting existing businesses and their owners and managers in expanding their businesses. Whilst open to opportunities wherever they can be established, MARCOL focuses on sectors where it has proven expertise and track record, primarily in Europe and the US. MARCOL continuously seeks investment opportunities where growth potential can be sustained and enhanced by investment and active management. MARCOL also has considerable restructuring and work-out experience helping owners and their existing financiers to preserve and recover value. Employing a core team of over 100 investment professionals collaborating across its investment disciplines, MARCOL has offices in London, Luxembourg, Berlin and Paris. For more information, visit www.marcol.com About the Centre for Retail ResearchThe Centre for Retail Research provides authoritative and expert research and analysis of the retail and service sectors in Britain, Europe and globally.

The Centre, originally a higher-education research group, has been independent since 1997.
Its Director is Professor Joshua Bamfield. Their work is based on understanding retail and consumer trends, analysing the main drivers of retail change and making accurate forecasts. The Centre's research and views are quoted widely. Radio and TV stations include: the BBC's Today Programme, BBC 24, CNN, Sky News, Channel 4 News, ITV, BBC News, Sky and TV stations in The Netherlands, Czech Republic, and Germany. Our reports are carried by major newspapers including The Times, Financial Times, The Economist, Time Magazine, Daily Mail, The Sun, Frankfurter Allgemeine, The Financial Daily/ Financieele Dagblad (Amsterdam), Täglicher Marktbe (Germany), Expansion (Spain), The Irish Independent, Irish Post, the Times of India, Washington Times, and International Herald Tribune. For more information, visit www.retailresearch.org UK media contactsCCgroup for EverseenSuzannah Archibald /Alex SowdenT: +44 203 824 9200E: everseen@ccgrouppr.com