Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
PayPal offers a key to secure transactions
Published: 2007-06-18

Online payment service PayPal, a subsidiary of eBay, rolled out on Friday a second factor for authenticating users online -- a key fob that generates a pseudo random security code every 30 seconds.

Following a beta program launched at the RSA Security conference in February, the service is now available for both eBay and PayPal customers, the companies said in a statement. The security token, produced by security-services firm VeriSign, generates a pseudo-random six-digit number every 30 seconds that can be authenticated through VeriSign's Identity Protection service.

"The PayPal Security Key allows customers to take their privacy and security into their own hands to help protect their eBay and PayPal accounts against unauthorized access," Michael Barrett, chief information security officer at PayPal said in a statement announcing the offering.

PayPal, and its parent company eBay, generally top the list of brands targeted by phishing attacks. In November, a fan of the band Linkin Park allegedly hacked the PayPal and cell-phone accounts of lead singer Chester Bennington. Other security measures taken by PayPal, includes using both DomainKeys and SenderID to help the largest e-mail providers weed out phishing attacks. The company boasts that its fraud rate, 0.41 percent, is lower than the credit card industry.

Other banks and services have already adopted similar measures. Financial services firm E*Trade, for example, offers a SecurID key made by RSA to its banking and brokerage clients.

Customers can sign up for the service with PayPal and will have to pay a one-time fee for the security key, initially $5.

Posted by: Robert Lemos
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus