Why can't I order PayPal's security key?

Why can't I order PayPal's security key?

Summary: eBay’s PayPal unit has started shipping a $5.00 keyring-sized device that generates a unique security code for user accounts every 30 seconds.

SHARE:
TOPICS: Security
1
eBay's PayPal unit has started shipping a $5.00 keyring-sized device called PayPal Security Key that generates a unique security code for user accounts every 30 seconds.

It's an excellent anti-phishing giveaway from PayPal (the $5.00 even covers shipping and handling charges) that puts another hurdle between identity thieves and PayPal users that are constantly bombarded with fake e-mails attempting to hijack login credentials.

(See coverage at SecurityFix, Slashgear and Gizmodo).

For some strange reason, I can't order the gadget. Here's the roadblock:

For security reasons, we can only ship the Security Key to an address associated with your PayPal account. Please add an address to your account. We cannot ship to a P.O. box.

I immediately checked into my profile page and found that my full snail-mail address is there with the status as "home".

Anyone else having this issue?

[UPDATE: February 14, 2007] PayPal contacted me to confirm this was was a bug at their end. It's now fixed and I was able to send through my order.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Good and cheap security measure

    OTP devices COMBINED with login personalization (*) is one of the best solutions for anti-phishing, anti-keyloggers, anti-ALL.

    One Time Passwords devices like these ones ALONE are not enough, as demonstrated with the Citibank Man-in-The-Middle attack of mid-2006 (RSA SecurId devices were not enough). Why?

    Lots of users can NOT distinguish between fake URL's / websites from legitimate URL's websites. You can, but they CAN NOT.

    (*) Image or custom-questions personalization (like Vanguard, Bank of America or even Yahoo!) is a more NATURAL way for those users to recognize legitimate website.

    Padlocks, https and certificate visualization in current vulnerable browsers are a set of the worst security inventions in the cyberworld. They were designed for hitech users, not the profile of millions and millions of less knowledgeable people.

    Good step for PayPal. I can't request it right now (overload or bug) but I assume it is temporary.
    jbarreto2007