A Rough Week for PayPal

Security hole, outages put tech team through its paces.

by Auctiva.com staff writer
- Nov 05, 2010

PayPal released a new version of its iPhone app to the Apple Store this week after a potentially dangerous security hole was found in the application.

According to news reports, the mobile app failed to check the digital certificate of the server it connects to, making it plausible for third-parties to intercept users' information on unsecure networks like Wi-Fi hotspots.

The problem was first discovered Tuesday. An eBay development team quickly worked to fix the issue, and submitted a new version of the app to Apple late Tuesday night.

While PayPal says it believes none of its users had their information intercepted, the company will reimburse any fraudulent charges incurred because of the application's flaw. However, officials emphasize that no one has reported issues.

A PayPal spokeswoman says the security hole was limited to the iPhone app, and not found on the Android application.

The vulnerability comes on the heels of two major PayPal outages the payment service experienced Friday. One lasted more than 90 minutes and was followed by another outage an hour later, which lasted about an hour, according to news reports.

The outages were said to only have interfered with payments on Friday, but some U.K. buyers and sellers were experiencing problems as late as Monday. The failure was due to a network hardware failure, PayPal officials report.

The cost of the outages is unknown, but it may be significant since PayPal has more than 87 million active accounts in 24 currencies.


About the Author

Auctiva staff writers constantly monitor trends and best practices of those selling on eBay and elsewhere online. They attend relevant training seminars and trade shows and regularly discuss the market with PowerSellers and other market experts.

Other Entries by this Author

Follow Us