Security Strategy, Plan, Budget

Security tokens coming for eBay’s PayPal customers

Internet auction company eBay will offer its PayPal customers a key fob token over the next few months to enhance the security of the online payment service.

The two-factor authentication tool will generate a new one-time password, in the form of a six-digit number, whenever the user presses the button on the token. The PayPal customer will input the code each time they login to the site, as well as their existing password, enhancing the security for eBay customers, according to the auction firm.

"If a fraudulent party somehow got hold of a person's username and password, they still would not be able to get into the account because they do not have the six-digit code," a PayPal spokeswoman said.

"This is by no means a silver bullet that is going to stop fraud. It is just another layer of protection," she added.

The device, which uses VeriSign technology, will be free for eBay consumers with a business account, but will cost around £3 ($5.83) for personal PayPal account holders, the e-commerce company said.

After several months of testing the system, the token is now available to consumers in the United States, Germany and Australia. It is expected to be rolled out across the U.K. over the next few months.

"Of course it is not 100 percent foolproof, but it is still a large step forward for PayPal, which can offer their customers who use it a safer online experience," said Mike Davies, a marketing director at VeriSign.

Studies show that eBay and PayPal are the most targeted websites by phishers. This was confirmed earlier this month, when the Google blacklist of phishing sites, compiled by SPI Dynamics researcher Michael Sutton, found that almost half of all attacks of this kind targeted the two companies.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.