In response to my friend’s recent PayPal phishing adventure (see previous post), I decided to garner additional protection by upgrading my PayPal account to include their security key offering. This feature provides additional authentication to the usual login ID and password process. The security key offering consist of a six-digit generated number via your cell phone or key device. The idea is that your account shouldn’t be easily compromised since a thief would need physical access to the key. Unfortunately, I think PayPal also provides alternate methods of bypassing the need for the key.
This all leaves me with questions regarding the value of my PayPal account. I can only think of two transactions out of about 50 this year that made PayPal the only purchasing option. Would my financial transactions be just as protected if I simply provided my bank or credit card information to online sellers? If your PayPal information is compromised, does it really matter that your official bank and credit card information is still a secret to the thief, who still has your money?
PayPal has a short Phishing Challenge test designed to educate their members. I passed the test with flying colors, but somehow I’m not reassured that I could really recognize a true PayPal email from a good fake one. I do have to admit, however, that PayPal appears to be trying hard to both educate consumers and fight fraud with their numerous security tools. Their use of Iconix email ID, for example, identifies legitimate registered vendor emails. I’m just not really sure of the value or the possibility of install plugins or any other client software on all the computers that I might use for online shopping.
My next step is to set up mobile alerts with my bank to ensure I have a better handle on payments from my account. This might turn out to be too annoying given my habitual use of my credit card to support a Starbucks addiction. It’s unfortunate that the response to safe online transactions is to inundate us with more online transactional information. We all know that there’s a saturation point where it will be just too much information to process or just too much energy needed to safely buy online.
There will always be someone out there who’s bent on using their skills to do harm at our expense. All we can do is give to keep challenging them. Who knows perhaps these honed skills will be used for good some day.
