Mactropolis.com - Your Friendly Global Mac Community

That’s right.. If you haven’t noticed yet, PayPal has arrived for the iPhone!

If you haven’t used PayPal before, it’s a service that lets you send and receive money securely online. It is the payment method of choice on eBay… which is perhaps why eBay bought PayPal some time ago!

The PayPal app allows you to send money using your existing account. Punch in the amount, and the account you want to send it to, and PayPal does the rest. You can choose from 16 different currencies and login using your existing account PIN or password.

At any time if you wonder what your balance is, you can login to your PayPal account with this app and check your balance. Handy stuff.

The application is stunningly easy to use, and it’s free. So if you use PayPal a lot, this is a must have.

Screenshots:

Get it for FREE in the App Store: PayPal for iPhone
More Info: PayPal Mobile

Paypal have responded on the widespread rumors that PayPal would be banning certain browsers, including Apple’s Safari.

In a quote from the Wall Street Journal, PayPal Corporate Communications spokesman Michael Oldenburg commented:

“PayPal is developing features to block customers from logging into PayPal when using obsolete browsers on outdated or unsupported operating systems. An example of such a browser/OS combination might be, for example, Internet Explorer 4 running on Windows 98. In doing so, we better protect our customers from viewing a phishing site through their browser. We have absolutely no intention of blocking current versions of any browsers, including Apple’s Safari, from our website.”

With those strong words it looks like Safari will be safe from any ban.

Thanks to SidinKeyWest for sending this in.

[via 9to5mac]

Word has it that PayPal is seriously considering locking out older browsers in an attempt to curb phishing attacks. Paypal commented that a large number of people are still using Internet Explorer 3 and 4. These versions were released in 1996 and 1997… It’s hard to imagine many people are still using those dinosaurs, but what the heck do I know!?

A paper released during the RSA security conference in San Fran earlier this month noted:

“In our view, letting users view the PayPal site on one of these browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts…”

With all this news of banning older browsers because of their lack of anti-phishing filters, Apple’s Safari could very well be next on the hit list. Not only is Safari missing anti-phishing filters, but it also does not support Extended Validation SSL Certificates issued to sites that have been tagged as legitimate.

You can bet your butt on it that Apple has their team working just that little bit extra on Safari over the past month or so to get things up to snuff. I’d be surprised if we do not see a major Safari update within the next month or two.

[via Macworld]

Yesterday, PayPal issued a warning of sorts in a MacWorld interview. According to Michael Barrett (PayPal’s chief security officer), Safari does not make PayPal’s list of recommended browsers because it is missing 2 important anti-phishing security features.

Barrett noted:

‘Apple, unfortunately, is lagging behind what they need to do, to protect their customers… Our recommendation at this point, to our customers, is use Internet Explorer 7 or 8 when it comes out, or Firefox 2 or Firefox 3, or indeed Opera.’

Points taken Mr. Barrett. However, on other sites around the web I’m hearing different. Lets take this snippet from Jeremiah Lee’s blog:

‘Michael Barrett, PayPal’s chief information security officer, said, “Safari has got nothing in terms of security support, only SSL (Secure Sockets Layer encryption), that’s it.” Indeed, Safari lacks anti-phishing blacklisting and support for extended validation (EV) certificates. Unfortunately for Mr Barrett, SSL is the only method mentioned for securing online transactions. Blacklists and EV certificates provide information to the visitor that the site is more likely to be what it claims. They don’t actually make the browser connection to the web server any more secure.’

Jermiah then goes on to say:

‘Phishing sites impersonate real sites in order to trick visitors into giving legitimate information. Attackers can then use this information to defraud the visitor. Phishing attacks are attacks on visitors, not technology. The solutions aren’t likely technical.’

I think I can sum this whole argument up by simply saying… It’s time for all of us to take responsibility for our actions on the net. It’s true, unfortunately there are a lot of criminals out there ‘phishing’ for your paypal/bank logins out there… Gleaning private login info and stealing hoards of $$$ from the innocent. That’s awful and it sucks… But if we can step-up our own accountability and responsibility on this issue… There will be fewer victims and we’ll all be in a better place.