Tuesday, April 22, 2008

PayPal to block unsafe browsers

If you're a PayPal user still using an older browser without anti-phishing tools, you may want to consider upgrading soon. As you probably know, PayPal is one of the most frequently spoofed sites on the Web, and the company is prepared to block unsafe browsers soon as part of a large anti-phishing effort, according the BBC.

It appears there's still an "alarming" number of PayPal customers who use really old versions of Internet Explorer, so the company wants to ensure these users don't fall victim to scam emails that appear to come from the company. Michael Barrett, PayPal's chief information security officer, said that in order for a browser to be considered safe by PayPal, it must support Extended Validation (EV) certificates that turn the address bar green when the browser visits a legitimate site. Without this certificate, browsers like Safari could be blocked out and users will have to turn to newer versions of Firefox or IE to conduct PayPal transactions.

Safari didn't make PayPal's list of recommended browsers last month because it lacked a built-in anti-phishing filter and didn't support EV certificates—we'll see if PayPal's anti-phishing request will prompt Apple to take some action. The company hasn't said when it plans to launch this browser blocking initiative, but it did say it plans to warn users with older browsers at least once before blocking them out.

No comments: