maybe what you heard is that many anti-virus suites, including some of the top brands, inject a digital certificate into secure connections, so they can scan the connection and verify that you are actually getting to the banking site you want.
There is some debate about this practice, because it can actually break the certificate chain. But at the present time, better with than without. It is an accepted practice in security software.