Internet users in the UK now have the option of using VeriSign Identity Protection on their PayPal account as an extra layer of security to protect their online identity. VeriSign is enabling PayPal’s customers to log in to their accounts by receiving a one-time-password via text message (PayPal SMS Security Key) or by using a security token (PayPal Security Key).
Users of the ‘PayPal Security Key’ and ‘PayPal SMS Security Key’ can now access their online accounts in a secure manner through a VIP security credential that generates an OTP for every sign-on. During an online session, this password is entered into the user log-in interface along with the user’s usual account name and password. When PayPal verifies the OTP and matches it to the user, clients achieve strong — or two-factor — authentication.
PayPal’s support of strong authentication through SMS messaging means that consumers who want the protection online can use the device of their choice — the physical Security Key token or a mobile device for generating the OTP needed to access their accounts.
Consumers whose devices support SMS — and who subscribe to SMS services from their mobile providers — can receive PayPal OTPs without having to download any special software. In addition to the token and SMS functionality that PayPal has chosen to use, the VIP Authentication Service supports a wide range of authentication credentials, including stand-alone tokens, software tokens for mobile phones and credit card-size form factors.