May 16, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« How Microsoft Views the Future of Security | Main | Stemming Cybercriminal Cash Flow »

April 18, 2008
PayPal to Ban Unsafe Browsers

In what I find is a very interesting decision (leave it to the financial sites to lead the way for cutting edge security), Paypal has announced that it will start banning unsafe browsers, saying that allowing customers to continue making online transaction with unsafe browsers "is equal to a car manufacturer allowing drivers to buy one of their vehicles without seat belts."

According to eWeek, Paypal, which is one of most often imitated sites in phishing attacks, is in the process of blacking any transaction using a Web browser that doesn't have anti-phishing protection.

PayPal, one of the brands most spoofed in phishing attacks, is working on a plan to block its users from making transactions from Web browsers that don't provide anti-phishing protection. PayPal, which is eBay owned, said that they will no longer support browsers that do not have blocking for identity theft-related Web sites or use EV SSL (Extended Validation Secure Sockets Layer) certificates.

In a white paper that details the five-pronged plan, PayPal specifically mentioned a specific group of customers who continue to use old and 'unsafe' browsers. "At PayPal, we are in the process of reimplementing controls which will first warn our customers when logging in to PayPal of those browsers that we consider unsafe. Later, we plan on blocking customers from accessing the site from the most unsafe—usually the oldest—browsers," he declared.

Among the 'unsafe' browsers mentioned were old and no-longer-supported versions of Internet Explorers, as well as Apple's Safari browers, which has no anti-phishing protection, and does not support EV SSL certificates. And while EV SSL certificate is not completely fail safe, PayPal believes it does offer a fairly easy and quick safe and unsafe site visual when surfing sites on the Web (and would likely be improved upon). In a separate announcement, both Firefox and Opera browsers have announced their intention to start supporting EV SSL.

Now let's hope PayPal doesn't start banning people that continually make tacky purchases on eBay. Which reminds me, I wonder how much that purple Elvis Lava Lamp is selling for now?

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/3376

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
ebizQ Web 2.0 and the Enterprise
Your E-mail Address:
PepsiAmericas: Realizing Real-Time Communication
a refreshing approach to ESB and data integration
Date: May 28, 2008
Time: 13:00 PM ET
(17:00 GMT)
REGISTER TODAY!
Accelerate Agility and Lower Costs by Virtualizing and Governing Your SOA
Date: May 29, 2008
Time: 12:00 PM ET
(16:00 GMT)
REGISTER TODAY!
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map