token.
Using a token generator is much more safe than using traditionalpasswords, as they generate a time based one-time valid
token-number which is then used to sign a transaction.
Phishing of useraccounts and passwords might still be possible, but
of less use, as the token code is only valid for a short time, and
one-time only.
Compared to the token of my bank account, PayPals token is a little
bit smaller, and uses a button to activate itself other than
pulling the left side on the other token.
The number of digits is equal, but usually a secondary secret PIN
is used to complete the code.
For example you may need to enter: tokencode+PIN or PIN+tokencode,
or even PIN1+tokencode+PIN2(or a displayed session number)
Finally PayPal also delivers a nice laminated note with a top ten
of essential security behaviour rules, as well as a shart manual on
usage of the token, and helpdesk information.
All in one: I really appreciate PayPal going this direction, what a
great idea, I just hope lots of banks will follow PayPals example
on how security can be increased efficiently, as there is a big
demand for this on the customer side, but only a few banks or
transaction providers offering such a service.
Get your token now from PayPal’s special offer: “Der PayPal
Sicherheitsschlüssel.” (search on PayPal.com for offerings in
your language/country)