The Month: PayPal launches a Verisign One-Time Password Token

January 31, 2007

PayPal has introduced two-factor authentication, with the soft launch of a Verisign One-Time Password Token. The fob generates a one-time use password every 30 seconds, which can then be used to gain access to PayPal and eBay services in addition to a traditional username and password. The two brands are among the most regularly phished by scammers.

Owners of a business PayPal account will get the token for free, whilepersonal users will have to pay $5 (£2.50). The token willinitially be available in the US, Germany and Australia, with UK usershaving to wait to gauge the popularity of the device.

The UK banking sector has been mulling two-factor authentication forsome time, with trials being conducted by Barclays, LloydsTSB andAlliance & Leicester.

Also this month, Swedish bank Nordea is probably wishing it had adoptedsimilar technology, after a reported loss of around £576,000. Thetheft involved the haxdoor.ki Trojan. Victims mistakenly downloaded theTrojan after receiving a spoofed email from the bank encouraging them todownload anti-spam software.

prestitial ad