PayPal Warns of Unsafe Browsers
In an effort to thwart anti-phishing schemes and protect its customers from online fraud, PayPal outlined their security strategy in a paper (PDF) at last week’s RSA conference.
"It’s critical to not only warn users about unsafe browsers, but also to disallow older and insecure browsers," said Michael Barrett, PayPal’s chief information security officer, in the paper. "Letting users view the PayPal site on one of these browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts."
The two features that Barrett said browsers must have to be considered safe by PayPal were an ability to block known or suspected phishing site, and support for Extended Validation (EV) certificates. EVs, which are given to companies only after more stringent background checks than the commonplace SSL (Secure Socket Layer) certificates, are supposed to reassure users that the online site is legitimate. Browsers that support EVs typically shade the address bar green as a signal that the site is safe. (Source: ComputerWorld)
Browsers with EV support include Internet Explorer 7, Firefox 3 (beta) and Opera 9.5. As a rule of thumb, you are better off with the latest version of abovementioned browsers. For iPhone fans, Apple’s Safari for Mac and Windows needs to play catch up so as to be endorsed by PayPal as well.