Paypal is considering using two-factor authentication in the UK to increase the willingness of first-time customers to use its website.
Dan Levy, senior director of risk management for PayPal Europe, said industry trends showed that customers had lost faith in e-commerce owing to the growing number of online fraud and phishing attacks.
"Internet-only businesses live and die by the trust a customer has in doing business with them," said Levy. "E-businesses that provide an extra level of security that makes customers 'feel' safe will encourage use, and in the long term, loyalty."
Levy said it was moving from passive "invisible" security measures, which includes scoring transactions to look for unusually large transactions and blocking spam, to active security ones such as EV certificates and picture-recognition authentication.
The company is exploring the use of using mobile phones and credit cards that generate random numbers to provide a second level of authentication, since these items are commonplace and illiminate the need for issuing tokens.
Gartner estimates that $913m in 2007 e-commerce will be lost because of security concerns among online shoppers. Another $1bn will be lost because of shoppers who refuse to shop online due to security concerns.
"While the word 'lost' may not be exactly the right word to use as one cannot lose something one never had, it is clear that increasing trust online will result in a corresponding increase in online spending," said Gene Alvarez, an analyst with Gartner.
The company already sells two-factor security tokens that generate random numbers in the US, Germany and Australia.