April 18, 2008

PayPal to Ban Browsers without Anti-phishing Technology

This is another step in the right direction to make the web a safer place.....

Online payment service PayPal plans to block users from making transactions from Web browsers that don't provide anti-phishing protection.

http://www.eweek.com/c/a/Security/PayPal-Plans-to-Ban-Unsafe-Browsers/

http://news.bbc.co.uk/2/hi/technology/7354539.stm

In a white paper that outlines a five-pronged action plan aimed at slowing the phishing epidemic, PayPal Chief Information Security Officer Michael Barrett said there's a "significant set of [PayPal customers] who use very old and vulnerable browsers" and made it clear that any browser that falls into the "unsafe" category will be banned.
"In our view letting users view the PayPal site on [an unsafe] browser is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts."

So if you're a browser maker that doesn't provide any anti-phishing protection and doesn't support the use of EV (Extended Verification) SSL certificates, then you better get an update out soon!

Entry categories: Security
Posted by Jorgen Thelin at April 18, 2008 10:41 AM - [PermaLink]