Paypal is considering usingtwo-factor authenticationin the UK to
increase the willingness of first-time customers to use its
website.
Dan Levy, senior director of risk management for PayPal Europe,
said industry trends showed that customers had lost faith in
e-commerce owing to the growing number of online fraud and phishing
attacks.
"Internet-only businesses live and die by the trust a customer
has in doing business with them," said Levy. "E-businesses that
provide an extra level of security that makes customers 'feel' safe
will encourage use, and in the long term, loyalty."
Levy said it was moving from passive "invisible" security
measures, which includes scoring transactions to look for unusually
large transactions and blocking spam, to active security ones such
as EV certificates and picture-recognition authentication.
The company is exploring the use of using mobile phones and
credit cards that generate random numbers to provide
a second level of authentication, since these items are
commonplace and illiminate the need for issuing tokens.
Gartner estimates that $913m in 2007 e-commerce will be lost
because of security concerns among online shoppers. Another $1bn
will be lost because of shoppers who refuse to shop online due to
security concerns.
"While the word 'lost' may not be exactly the right word to use
as one cannot lose something one never had, it is clear that
increasing trust online will result in a corresponding increase in
online spending," said Gene Alvarez, an analyst with Gartner.
The company already sells two-factor security tokens that
generate random numbers in the US, Germany and Australia.