Online payment giant PayPal said yesterday that they're going to block Web browsers they deem unsafe from accessing their Web site. At issue are browsers that don't have strong anti-phishing protection.
We are in the process of reimplementing controls which will first warn our customers when logging in to Paypal of those browsers that we consider unsafe. Later, we plan on blocking customers from accessing the site from the most unsafe browsers.
PayPal's supported browsers need to support blacklists, anti-fraud warning pages, and EV SSL certificates. Browsers without these anti-phishing features will be considered "unsafe" and will be blocked from accessing the popular finance Web site.
Apple's Safari browser will be deemed unsafe in its current incarnation because it lacks the anti-phishing features laid out by PayPal. PayPal warned Apple that their Web browser was unsafe last month.
Safari has almost 4 percent of the worldwide browser market whereas Firefox has almost 17 percent according to figures released for March 2008 by Net Applications. Phishing protection is enabled by default in FireFox 2 and Internet Explorer 7.
I sincerely hope that the Safari engineering team is working overtime to get it updated with the mandated anti-phishing tools.
<rant>And while we're at it guys, can we get some real WordPress support in Safari, please? Safari sucks with WordPress – the primary reason why I don't use it.</rant>
Do you use Safari as your primary browser? If PayPal dumps it what will you switch to?
Update: A developer version of Leopard, build 9A283, included an updated version of Safari with anti-phishing features built-in. The feature was reportedly dropped because Leopard was running late. Since some work has already been done on anti-phishing in Safari, it should only be a matter of time until it shows up. Probably the day after PayPal starts blocking Safari for reals.More screenshots of the dropped anti-phishing features are available on TUAW.