Simon’s Backup Weblog

Two Factor Your Paypal

Posted in Uncategorized by Simon Bisson on February 9, 2007

Paypal is introducing another way of avoiding being phished: two factor authentication. For $5 you’ll get a keyfob that generates authentication codes that are valid for only 30 seconds at a time. You’ll need the code from your fob (once you’ve registered it) every time you make a transaction through Paypal.

You won’t be forced to get one (yet) – it’s an optional add on to your account.

That way, if someone phishes your code, they’ll only have 30 seconds to use it – and as most of the damage is the people who get sold your log-in, down the phising chain, that’s a good start. Though I suspect we’ll end up with multiple

It’s a similar process to RSA‘s SecureID tags, though according to my sources at RSA the PayPal tags aren’t using RSA’s technology. It’ll be very similar, after all, it’s all driven by the mathematics…

It’s also something geeky to hang off your key ring. Though I don’t really fancy the obvious future where we end up having to carry fobs for all our main ecommerce sites, and for our online banking…

I suspect they’re only available in the US at the moment, as I don’t seem to be able to buy one…


One Response to 'Two Factor Your Paypal'

Subscribe to comments with RSS or TrackBack to 'Two Factor Your Paypal'.

  1. megadog said,

    “…Though I don’t really fancy the obvious future where we end up having to carry fobs for all our main ecommerce sites, and for our online banking…”

    The obvious answer being the third-party trust-mediator. Who in return for a fee (to cover the cost of insuring themselves against claims of mal-use and to make a fair profit on the whole deal) let you authenticate to them and in turn will present valid authentication to third-parties.

    The logical extension of this being the emergence of private transactionally-authenticated securities [we already have the idea in Second Life’s Lindens] – I’d really like to also see the emergence of Microsoft Dollars (Bill’s Dollars not Dollar Bills?) and other free-market alternatives to State-backed transactional currencies. Who’ll be the first to offer off-planet financial transactions where the ‘value’ is stored on a satellite well beyond the reach of those troublesome nation-state tax-authorities?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: