PayPal quietly announced last week its PayPal Security Key, introducing two-factor authentication (something you know and something you have) to PayPal and eBay. A key chain device very similar to the popular SecurID product used by many corporations to protect VPNs and email, it randomly generates a new number every 30 seconds that is required when you log into your account (here’s a demo). So even if someone manages to phish your PayPal or eBay user ID and password they should still be unable to log in and buy that Peyton Manning jersey that surely will be worth gold in just a few days.

Is it 100% safe? Nothing ever will be. TameBay points to an article by Bruce Schneier that talks about means to defraud a shopper despite two-factor authentication. But it is still a step in the right direction for both eBay and consumers. I have used two-factor authentication before and the peace of mind is definitely worth it (although it’s annoying to have to look for your keys before logging in). And it’s a significant advantage for eBay as a marketplace. Being able to tell consumers “we’re the safest shopping destination in the world” is pretty powerful.

No news on when PayPal will officially be launching the key (I tried to order mine but when I followed the “Getting Started” link it simply said that it’s not yet available) or how they’ll be driving wide adoption. It’s only $5.00 to purchase but it may be in eBay’s interest to ship these to their PowerSellers and most active buyers for free.

Share This