Back in early 2007, online payment service PayPal introduced the PayPal Security Key, a key fob similar to VPN keys that generates a new six-digit code every 30 second. The idea is that to access a PayPal account, users need not only the login information but also the current six-digit key, providing a two-factor authentication system that offers additional protection against fraudulent use and phishing schemes.
Now, PayPal is expanding the idea with the Security Key program by enabling users to receive temporary six-digit keys via SMS. The idea is that, prior to logging in to their PayPal accounts, users can request a six-digit security code via text message. Users then enter the codes to access their PayPal accounts. The codes are being provided by VeriSign’s Messaging and Mobile Media Division, which claims to be able to deliver messages to more than 2.4 billion wireless subscribers in 150 countries; for now, the PayPal SMS Security Key feature will be available in the U.S., Australia, Austria, Canada, and Germany.
“PayPal was built from the ground up with security in mind, and we’ve always been committed to using cutting-edge technology to protect our customers’ accounts,” said PayPal chief information security officer Michael Barrett, in a statement. “Now, we’re taking the additional protection provided by two-factor authentication and delivering it to something most people don’t leave home without—their mobile phones.”
Users must activate their mobile phones for use with PayPal’s SMS Security Key service.
