PayPal Security and OpenID Integration

A few days ago I was pondering the notion of using this fancy PayPal Security key in the OpenID world. David left a great comment pointing that this can already be done with VeriSign Labs.

Check out VeriSign Labs Personal Identity Provider (beta) site, this is some pretty cool stuff:

VeriSign’s Personal Identity Provider (PIP) is an identity hub that allows you to manage all aspects of your identity online. The PIP uses OpenID to allow secure interactions online The PIP provides many choices of authentication types. To best protect your vital information, the PIP supports the highest grade of SSL encryption available today, as well as strong second factor tokens and SMS one time passwords.

VeriSign Labs That last sentence caught my eye: Not only will this work with a PayPal Security, but also some SMS one-time action as well. Something to check out later…

Getting your account rolling is simple and free. Once the new account is created, log back in and visit the “My Account” page. Towards the bottom look under the “Strong Authentication” section for “VIP Credential.”

That “Get a Credential” link takes you right to the PayPal security key page to get a key if you don’t have one yet.

The Manage Credential button is the one you want if you already have your key. Just enter the code off the back of the key to associate it to your account and presto! Two-factor authentication on your OpenID identity.

Pretty cool, huh?

Possibly Related posts:

Mark Cross

August 5th, 2007 at 5:00 am · Reply

yup I’ve been thinking along those lines for sometime now

http://www.openid.co.uk/~press/presentations/OpenID-will-change-everything-internet-world.ppt

Noel Pike

August 7th, 2007 at 12:26 am · Reply

I love the OpenID concept, though I keep thinking… how secure is it?

MorganLighter

August 8th, 2007 at 12:35 pm · Reply

Have used PayPal for quite a while. Their ‘return/refund’ rate is the lowest that I’ve found – better than ClickBank or 2CheckOut. I’ll take a look at Verisign just to see what they’ve got. But why fix something when it ain’t broken?

Chris

August 8th, 2007 at 8:44 pm · Reply

Hey Mark – Have an HTML version of that? I’m rather gunshy about following direct pdf or ppt links…

Morgan – you may want to reread this one.

August 10th, 2007 at 4:06 pm · Reply

Chris,

Sorry – I’m a bit time short to say the least, but I am in the process of “doing” the site so it looks like one!

Suggest you right-click, save to hard disk, then virus scan it – providing you can trust your AV!

Cheers Mark

August 10th, 2007 at 4:40 pm · Reply

No problems Mark. Interesting presentation, I did give it a look.

I tried to convince Zoho Viewer to take it, but it was stubborn today. :-\ If you can get that to work, that’s a nice “safe” web based way to share it around.

OpenID Enabling a WordPress Blog » Solo Technology

January 19th, 2008 at 11:14 am · Reply

[...] I have – a SecurID token courtesy of [...]

Fresh Firefox: First Steps? » Solo Technology

November 7th, 2008 at 10:46 pm · Reply

[...] Earlier look at using Verisign Labs along with their security key for [...]