Logins and passwords are normal practice to let a valid user identify themselves.
But there are times where this is not a strong enough security and two-factor security adds another layer, thereby making it much more difficult for anyone else to access your account.
Two factor security means that in addition to the password, another security code of some form is needed. In the case of PayPal, that second code is a pin number sent to your mobile phone.
For anyone to access your PayPal account they would need both your password and your mobile phone.
Two factor security is available on many online services and banks e.g. Facebook. Google, Apple etc. We’re using PayPal as an example.
How to Setup 2 Factor Security in PayPal
PayPal call this Security Key.
- Log into your PayPal account.
- If your mobile phone number has already been verified by PayPal then that step is complete, otherwise you will need to key in your mobile number and verify it for PayPal. This is done through the Account page off the Profile and Settings menu
- To activate PayPal Security Key go to Profile – Profile and Settings – Account Settings – Security and you can start the process.
Once completed, you will always need that phone when you want to access PayPal but you will be more secure.
Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.
The title of the email is “Important Update: Upgrade Your Browser”
The message starts with a warning in large letters.
Action required to continue accessing PayPal.co.uk.
This could easily be a scammer’s email trying to get you to click on a link supposedly to PayPal but in fact to a scammer’s page.
However, these warnings are real. The email is from PayPal and the links are to PayPal pages.
Why the warning?
There is a standard called “The Payment Card Industry Data Security Standard (PCI DSS)” and it is an information security standard for organizations that handle credit cards from the major card schemes.
They have upped their security requirements from 30th June 2018 and payment takers including PayPal want to meet that new standard.
The message from PayPal says upgrade your browser but you have to click to get more detailed information on what needs to be changed.
PayPal want to ensure everyone using PayPal in the UK uses TLS 1.1 or better still TLS 1.2 rather than the original TLS 1.0 in their browser. TLS is about how the data is encrypted.
How to Upgrade
This is different for each browser but for Chrome means going to Settings then System then Advanced then finding TLS on the list and ensuring only TLS 1.2 is enabled and TLS 1.0 is off.
The PayPal messages contain links for detailed information on each browser.
How to Check Your PayPal Email is Genuine
Scammers will notice these emails going out from PayPal and likely try to replicate them but with links to their own fake pages.
- Check the email is from PayPal.co.uk and not any other domain
- Check the links do go to PayPal pages (hover the cursor over the link to see where it will go)
- You don’t need to login to anything to make the changes as it’s just the browser settings you will change.
- Do I have to follow PayPal’s instructions? Only if you want to keep using PayPal payments.
Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.