PayPal has introduced a keychain device designed to protect customers from account theft.
The PayPal Security Key is a small key fob which automatically generates a new six-digit code approximately every 30 seconds.
When users log in to their PayPal accounts, they are asked to enter the code from the key fob.
The initiative is part of an effort by PayPal to thwart spyware and phishing attacks that attempt to use a stolen password to access a user's account.
When the Security Key technology is in place, an attacker can not access an account without knowing the current combination on the keychain. The device costs US$5 and the service is free.
"We think this key fob is a good idea, especially considering that PayPal is such a prime target for phishers," said security firm F-Secure.
PayPal and its parent company eBay are two of the most popular targets for phishing attacks.
PhishTank, an organisation dedicated to monitoring and tracking phishing operations around the world, has listed the two sites among its top three most popular targets for the past three months.
PhishTank logged 2,223 valid phishing operations in December 2006 that targeted PayPal and 1,020 that targeted Ebay. Attacks on the two sites comprised roughly 29 percent of all phishing operations recorded by PhishTank for December.
PayPal claims key victory against fraud
By Shaun Nichols on Jan 16, 2007 9:20AM