eBay's PayPal to Thwart Phishing Scams with New Device

Subscribe to our 2 FREE Newsletters!

Web AuctionBytes

eBay Live 2008 Recap

News!

Pictures!

Podcasts!

Blog!

Sponsor

Home

Subscribe

Blog

Podcasts

Forums

AuctionBytes TV

ABU Back Issues

COOL TOOLS

Calendar

Collectors' Links

eBay Promo History

Bookshelf

Fraud Resources

Auction Site Fees

Auction Management

Payment Services

Storefronts Chart

Sniping Chart

Consignment Services

Drop-Off Store Laws

Ecommerce Resources

Photo Tips

Marketing Inserts

Bill the Postman

Yellow Pages

Classifieds

AUCTIONBYTES

Our Writers

Write For Us

Partners

Press

Advertising

About Us

Link To US

Auctionbytes-NewsFlash, Number 1449 - January 10, 2007 - ISSN 1539-5065 Previous Story | | Next Story

eBay's PayPal to Thwart Phishing Scams with New Device
By Ina Steiner
AuctionBytes.com
January 10, 2007

PayPal is beta testing a new tool to help keep user accounts secure. The PayPal Security Key is a small electronic device that account-holders may order from PayPal. The device, small enough to attach to a keychain, generates a unique six-digit security code about every 30 seconds. Users enter that code when they log in to their PayPal or eBay account with their regular user name and password. Because the numbers on the device change continually, the code used to sign in expires, providing a higher level of security.

The PayPal Security Key uses Verisign's two-factor authentication system (http://www.verisign.com/products-services/security-services/unified-authentication/index.html). The two companies have a history of working together. In 2005, PayPal acquired VeriSign's payment gateway business. At the time, the companies said the acquisition was part of a strategic alliance that called for the two companies to collaborate on payment services and security initiatives for ecommerce. Last year, PayPal and eBay signed support for VeriSign's Identity Protection program (VIP).

PayPal members who want to use the enhanced security feature must order online - once the feature is available - and pay a one-time non-refundable fee of $5. The fee is waived for PayPal Business accounts, and there is no recurring charge. A PayPal spokesperson could not say whether companies who allow multiple employees access to their accounts would be allowed to have multiple keys.

PayPal, its parent eBay, and other ecommerce and financial institutions are frequently the targets of scammers who try to trick users into revealing their user names and passwords. Phishing emails have been sent to PayPal as early as 2002, when AuctionBytes first wrote about the problem.

PayPal has not officially announced the new security system, though there is a link to a page describing the new feature on its Security portal page. PayPal has been beta testing the system with employees for the past month, and will begin testing the system with a small number of users in the U.S., Germany and Australia over the next month or so.

https://www.paypal.com/eBay/securitykey

Thread on OTWA discussion board where users have been discussing the new feature:
http://www.otwa.com/community/showthread.php?t=49196

Email this story to a friend.

Previous Story | | Next Story

Related Stories

Discuss this story in our forums.

	Ecommerce Podcasts


Site Index Copyright 1999-2008. Steiner Associates LLC. All rights reserved