January 16th, 2007 by ketyung
PayPal is one of the most widely accepted payment methods by online stores, eBay and for individuals to transfer cash. Due it to its popularity, it’s also one of those getting most phishing troubles! If you do not know what phishing means, here is a little explanation.
Phishing is by far the most common method used for online fraud. Phishing involves sending out legitimate-looking emails that seem to come from a trustworthy website or institution. Phishers normally would create a fake website, which looks like the homepage of a reputable company, e.g PayPal. Then they send out tons of emails to consumers to lure them to login to thier (PayPal) account, in order to capture thier login information for financial again. Phishing not only causes a big loss of to the consumers and also to the company!
In order to overcome the phishing problem, PayPal has come out with a hardware solution, i.e the PayPal Security Key. This security key generates a unique one-time-use key code every 30 seconds, which you use along with your username and regular password to log into your account.
This way, even if phishers get your login and password, they won’t be able to log into your paypal account without the frequently changing hardware-generated key.
Perhaps you would say phishers would have setup thier fake website to capture your hardware-generated key, but even so, they have only up to 30 seconds to use it. It’s unlikely that phishers can learn the key-gen algorithm, if so, you are really out of luck!
I guess the algorithm should work in this way, your hardware key generator is in sync with the key generator at PayPal’s server side, which is mapped to your account and this pair of keys are being generated every 30 seconds. Once you enter the key code during sign-in, it has to match up with the server-side-generated key code.
How much does it cost? There is a one-time non-refundable fee of $5.00. After that, there’s no monthly fee or recurring charge. PayPal users shall get one immediately (including myself!) as it adds extra level of security and protects you from phishers.
Technorati: PayPal,phishing,security,key,shop online,gadget
Leave a Reply