![[image]](http://mowser.com/img?url=http%3A%2F%2Fwww.google.com%2Fimages%2Ficons%2Fui%2Fgprofile_button-16.png)
PayPal is planning to start blocking users to access its services if they have older versions of their browser that do not support anti-phishing features. This decision is part of the big strategy that the famous on-line payment system provider is pushing in order to protect users from phishing attacks that would compromise their account.
According to Sophos, PayPal and its owner eBay were the two most popular phishing targets in 2006 with the 75% of all the phishing e-mails sent.
At first PayPal tried to solve the problem by reimburse the victims for the amount they lost, but eventually this practice was far from be effective and so the company started to work with individual ISPs to create filters against phishing e-mail so they would not reach the users’ mailbox; these filters were based on digital signatures bundled into the PayPal genuine messages in order to prove that these messages were sent in fact from PayPal itself.
But since security plans are never enough, PayPal also started another strategy to protect their users: in order to educate them in the mater of self-protection, PayPal will start to block them if they still use older versions of their browsers and they will be notified that they are required to upgrade to the latest version if they want to continue use the service.
The browsers will be divided in three tiers:
For most people this blocking will not be a problem since those browser upgrades are free and usually delivered by automatic-update systems. At first there were concerning for Apple Safari since it does not includes either an anti-phishing feature and the support for “Extended Validation (EV) certificatesâ€, but Friday Paypal stated that it will not ban Safari 2.0 on Tiger until Apple ships the successor to Mac OS X 10.5.
Regarding this plan PayPal states: “In our view, letting users view the PayPal site on one of these [older] browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts.”
PayPal has yet to specify a timetable for when it would switch-on this browser blocking system.
PayPal’s logo is copyrighted by PayPal.
Links
PayPal’s Home Page: http://www.paypal.com;
PayPal’s “Safer Web Browsers Overview” guide: https://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/securitycenter/general/SaferBrowsers-outside;
Edited on 21/04/08: I have updated this article to reflect the PayPal position on Apple Safari.
![[image]](http://mowser.com/img?url=http%3A%2F%2Fcdn.silicongadget.com%2Fwp-content%2Fplugins%2Fqr-code-tag%2Fdata%2Fqrct-9ff1134c6d5c1dde69d0b7ebbbaa7aed.png)
![[image]](http://mowser.com/img?url=https%3A%2F%2Fssl.gstatic.com%2Fimages%2Ficons%2Fgplus-32.png)
![[image]](http://mowser.com/img?url=http%3A%2F%2Fsc.msn.com%2F44%2FG%2CUCH%257BZBSS3%257BOS%257BSE469LG.gif)
