Let's Fix PayPal #1026
Comments
|
I'll go ahead and unlock this now. |
|
Note that Paypal France does not seem to support TFA: in the account preference, when choosing "security key" (Clé de sécurité), is says it is currently not available ("La clé de sécurité n'est pas disponible actuellement. Réessayez ultérieurement.") |
|
@gberche-orange Thanks for letting me know. According to a tweet from PayPal, they only support certain countries (see #1072). |
|
Paypal as an online payment processor and bank and ough to support 2FA internationally. We do need to keep the pressure up on them as they are getting too sloppy for their own good. |
|
At the German website of PayPal only SMS authentication is available so I contacted the support and asked when 2FA by App will be available.
Translated into English:
I asked when it will be available but received the answer that they can not tell me when it will be implemented. |
|
@OLLI-S pretty much every single business will give you such a vague answer. Unfortunately, that's nothing unusual. :( |
|
@mxxcon I know, they won't tell us any details so they can't be nailed when they have a delay. |
|
Just an fyi, as of PayPal's policy changes today, I'm now seeing software token as an option when configuring my U.S. account MFA. |
|
Will take a look at the German policy...
Josh Sleeper <[email protected]> schrieb am Do., 4. Apr. 2019, 15:00:
… Just an fyi, as of PayPal's policy changes today, I'm now seeing software
token as an option when configuring my U.S. account MFA.
This was *not* the case less than a week ago when I wrote their support
contact about being frustrated over the same issue, so it's a pretty recent
change.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1026 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AXUYh3ZAL6r5C4AHzCrh039uG4Vn8ewdks5vdfdZgaJpZM4DypMi>
.
|
|
I logged in at Paypay.com/de and went to the account settings.
|
|
Exactly what I was going to say, @OLLI-S ... FINALLY we can have a Software Token/Authenticator App on Paypal! Even in Germany ... dances frantically. |
|
PayPal seems to be "fixed" as far as TOTP is concerned. |
Get ready for the longest description of an issue yet. There are currently about 14 issues/PRs related to PayPal. Let's face it, their 2FA is broken. It's inconsistent, it's not user-friendly, there aren't adequate docs, and there are many loopholes (but I will give them a chance to fix them first). Let's fix it!
Todo
(A bullet point means in progress.)
Key
A dash through a property indicates that it is not applicable.
A question mark next to a property means the status is unknown.
A bullet point means the status depends on certain conditions.
When applicable, a screenshot will be provided below or next to the property.
Status
Desktop
Account Page
Checkout
Mobile (Webapp)
Responsive Account Page
This is the new design. It is the same as the desktop account page (with the option to login with phone number and PIN added), and therefore inherits its login compatibility.
Responsive Checkout
This is the new design. It is the same as the desktop checkout, and therefore inherits its login compatibility.
Old Checkout (Typically used for donations.)
Physical Store
POS System (PIN Pad)
? Login
? SMS
? Software/Hardware
PayPal App Check In
This is inherited from the main PayPal app on whichever device you use.
iOS
Main App
PayPal Here App
API (PayPal in other apps)
Checking to see if this 2FA can be bypassed...
Android
Main App
PayPal Here App
Checking to see if this 2FA can be bypassed...
API (PayPal in other apps)
? Login
? SMS
? Software/Hardware
Checking to see if this 2FA can be bypassed...
Windows Phone
Main App
PayPal Here App
Windows 8/8.1/10
PayPal Here App
This is inherited from the Windows Phone PayPal Here App, as it is a universal app that works on all Windows platform devices.
Help
Don't help me just yet... When I am done, I will need some help with wording and finding more information.
The text was updated successfully, but these errors were encountered: