David Papp Blog

PayPal’s giant contribution to CyberSecurity

Six years ago, in an effort to protect their customers, PayPal came up with a brilliant idea that turned out to be an effective solution against fraudulent email senders and domain spoofers. The company enlisted the help of industry behemoths like Google, Apple, eBay, Microsoft, Yahoo, and others, and together, they created an open Internet method called the Domain-based Message Authentication, Reporting & Conformance specification, also known as DMARC.

DMARC’s goal is to put a stop to false emails sent by hackers claiming to be from companies such as PayPal and eBay. When the specification was published in 2012, PayPal had high hopes for it, but little did they know that it would go on to actually exceed their expectations. DMARC proved to be a massive success – the method drastically reduced the percentage of attacks after only a year. The great thing about DMARC is that any email service provider can make use of the specification to enable this type of protection for all of its users.

Because of its proven value, the security standard is now being used all across the industry, with recent additions that include Facebook, LinkedIn, Twitter, seven major U.S. financial institutions, and various international government agencies.

With DMARC gaining plenty of traction in the worldwide web, we are ushering in a world that will have much less fraudulent emails. It’s interesting to see giant companies like PayPal, Google, Apple, and Microsoft working together to come up with effective solutions that will benefit everyone in the long run. While hackers and other people with devious intentions constantly find ways to bypass security and exploit vulnerabilities, it’s collaborative efforts such as the one that gave birth to DMARC that give us all some hope. Hopefully the creation of DMARC will serve as a starting point, a blueprint for many future innovations that will help make the Internet a safer place.

29 thoughts on “PayPal’s giant contribution to CyberSecurity”

  1. I agree Paypal is really awesome with regards to security, especially if you’re a buyer with them. The only gripe I have with PP is how high their fees are, and I thought about switching to some other website but none has quite as good a security system as they do, I’ll admit

  2. I love PayPal for this, it was about time someone did something about those pesky phishing e-mails! I use PayPal for several transactions and I can honestly say I feel super safe with them. The only thing I don’t like is the fact that they take some cash from you when you try to link your bank account to them. They never gave me back the $2 they claimed they would. Now I’ll have to go thru the same process again…

  3. I’m surpried to read this as I receive these false emails about three times a week. Thankfully, PayPal have always been very proactive in warning people and always let you know how to tell the real deal from a fake. The buyer protection they offer is also superb. They do get a bad rap for their fees but on the whole, they provide a great service.

    • Wow, really? Are you sure there is nothing wrong with your computer? Maybe it got a virus or something. Receiving that kind of mails 3 times a week sounds like a little too much. Don’t you think? I receive none, but I have an excellent antivirus that helps me stay away from bad web sites.

      • Everything seems to be fine with my PC security. It might seem like I’m getting a lot right now but there was a point where they arrived daily, so there’s actually been a decrease!

        • More likely it’s that your email has been included in some kind of mailing list targeted by scammers, which really isn’t your doing. Some less than scrupulous site owner could have sold your email (along with others) to a black hat type fellow who then sells them again or spams them with scams like this.

  4. I still get the occasional scam email from people, but they don’t occur to often. It’s really cool to see some of the giants in the computing industry come together to work on something that makes us safer online. I wonder what we could have in the world if these companies did something like this on a regular basis.

    • Google’s spam filter actually gets better if enough people report these emails. If the spam filter itself can’t detect them on its own, Google will write an algorithm to help target them, but they can’t do anything if enough people don’t report them as spam. Paypal is making great strides in cutting them down, too, but email providers bear the brunt of the flood of spam.

  5. I find this information very reassuring. Security on the web does need to be a joint effort and this is especially true where money is changing hands.

    I have often wondered how secure Paypal is. I use it a lot and find it a brilliant way of receiving and paying out money.

  6. Yeah, it’s very secure. My PayPal is what I use for pretty much every e-transfer, and it works really well.
    I’m happy with it, though they could update their website – make it look better.

  7. DMARC is a really awesome idea. I am also very glad to see biggest companies working together to find a way to stop fraud and scams all over the internet. Not really a surprise that it worked, it was developed by the best professionals in the world today. Scam emails will never stop 100%, but I definitely get a lot less of them than years before.

  8. It’s great to see Paypal take some steps in the right direction. Still there is a need for them to resolve issues regarding buyer/seller protection and chargebacks, in particular with regards to Ebay.

    • Couldn’t agree more, the rules relating to eBay and chargebacks etc are completely buyer focused – even if the buyer is in the wrong. I do think sellers need a little more protection against lost income too.

  9. Great article. It’s nice to see Paypal getting its due praise. I’ve been using Paypal’s services for 5 years now and I haven’t encountered a single problem yet. Some people do encounter problems though, like their accounts getting frozen, but these are the minority.

  10. I have mixed feelings about Paypal. On the one hand it’s great that they take security so seriously. But on the other, I’ve had so many problems with their security being TOO overzealous and it’s caused real problems. But it IS pretty nice that they collaborated with the other giants to help make the internet a safer place. So I’ll give them a thumbs-up for that.

  11. PayPal is very secure and have been for a while. They just seem to get better and better as they offer new and innovative products to the masses. I constantly send and receive money through PayPal as well and have never have a problem. Big ups and much success in the future.

  12. PayPal is still the most secure way of doing online transactions. I’ve never had any issues, however I have to agree with the rest that their fees are rather high. But I guess everything has a price.

  13. PayPal certainly seems to be on top of the whole security thing. Off topic a bit, but I know they’re good at getting your money back when someone tries to run off with it. I’ve never gotten one of those fake PayPal emails either, so I guess their system is working pretty well.

  14. This is why working together is the solution to solving problems everywhere. Too often do companies wish to work out things alone, so that they may take all of the profits for themselves. Companies like PayPal who decided to work with others may not get all the credit for their achievements, but in the end these achievements are much more useful than if PayPal would have worked it solo.

  15. Great news, this will make paypal work more properly. It will also motivate other companies to practice the same method to reduce hacker exploits on their websites. The security of a website is essential and paypal has done a good job to keep it strong.

  16. Good job PayPal, I’m really glad they adressed this issue! They have one of the best security and the HQ’s that are in Luxembourg are the icing on the cake.
    It’s nice that all those companies are working togheter on this.

  17. This could turn the internet into a safer place. Internet security is very much needed for protection. Having those companies to come up with a better and safer security means a safer place for us too. I have been using PayPal and the site is indeed safe. Maximum security is needed because hackers nowadays are getting witty. And few years back, the history of Libterty Reserve came up to its end – i just hope that this would not happen again. A better security for a safer internet!

  18. Many people dislike PayPal because of their security measures that they take. I admire it, I feel a lot safer when PayPal asks for my name just to make sure my account wasnt hijacked and to verify that they’re speaking to the owner. PayPal made a great step into abolishing fake emails.

  19. Thanks to David Papp for this useful information about the internet and email security issues. Also we need to thank the inventors of the open internet method DMARC to secure online users. This will increase the online banking and email service providers and users security from the spam attackers.

  20. I’ve known of family members who have gotten emails from “Paypal” in the past claiming they had issues with account security and they didn’t even have paypal accounts! There were such a large volume of fraudulent emails being sent out particularly from people imitating Paypal and I can only hope that people weren’t scammed by them.

    I think it’s great that some of the world’s biggest tech companies have come together to solve the issue and it’s nice to see them work together for the better good. I’m glad that they’re prioritising security, there’s been so many issues with scams and hacking and it’s nice to see them take action against it.

    • Well this kind of happens because PayPal is popular. Most people today don’t bother checking when they get a email to see if everything is alright with the email itself, they just rush in and this is a problem. Glad to see PayPal are making contribution to CyberSecurity. Only a giant can kill the ants, right?

  21. That’s actually amazing, I am a PayPal user and I have been for years. I will also be a PayPal user because of the security it provides and the fact that it has such a good customer service, as well as security systems that are absolutely mind blowing. I sometimes think of PayPal as a really good way to save your money because you don’t often run into scammers and it’s pretty secure. I stand for PayPal and the fact that it stands for CyberSecurity, best of luck PayPal users!

  22. It’s an invention reminiscent of Volvo’s seatbelt patent, which they made an open patent for anyone to use, and continues to save lives to this day.

    Most of these emails are part of birdshot style attacks – they’re just diging up or buying lists of emails and firing shot in the dark phishing scams at the people on them. They get these lists from less reputable sites, and even those sites you would trust to keep that information private. The best way to stay safe is to keep a personal, extremely private email account for the important things (like Paypal, eBay, your job, et cetera) and a less important email for other things like Facebook and Twitter, and any other site you might enjoy perusing.

  23. PayPal has really and truly stepped up their security over the past few years. I feel very comfortable using their website knowing that my information is well encrypted and protected. I also do not get fooled by any false emails trying their hardest to impersonate them, because PayPal hugely changed the game in that respect. So interesting to see PayPal be such a major influential force when it comes to security. I mean who would have thought?

Comments are closed.