Simon Bisson (sbisson) wrote,
Simon Bisson

Two Factor Your Paypal

Paypal is introducing another way of avoiding being phished: two factor authentication. For $5 you'll get a keyfob that generates authentication codes that are valid for only 30 seconds at a time. You'll need the code from your fob (once you've registered it) every time you make a transaction through Paypal.

You won't be forced to get one (yet) - it's an optional add on to your account.

That way, if someone phishes your code, they'll only have 30 seconds to use it - and as most of the damage is the people who get sold your log-in, down the phising chain, that's a good start. Though I suspect we'll end up with multiple

It's a similar process to RSA's SecureID tags, though according to my sources at RSA the PayPal tags aren't using RSA's technology. It'll be very similar, after all, it's all driven by the mathematics...

It's also something geeky to hang off your key ring. Though I don't really fancy the obvious future where we end up having to carry fobs for all our main ecommerce sites, and for our online banking...

I suspect they're only available in the US at the moment, as I don't seem to be able to buy one...
Tags: encryption, paypal, security
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment