Geeky Mom: PayPal app on iPhone has security flaw

photo by Miss Karen

I often use PayPal because it offers an added level of security for online transactions; however as this news story shows, nothing is perfectly safe. Even PayPal, an eBay company, can be vulnerable to a security lapse leaving users unprotected. 

When using the mobile PayPal app in unsecured networks and WiFi hotspots users were left vulnerable because the app failed to check the digital certificates--an electronic ID card--that confirms that a website is legitimate. In other words, this flaw allowed a hacker to develop a fake PayPal website and access accounts without the PayPal app users knowing anything had happened. This security flaw meant PayPal app users could be "tricked into thinking they were using the legitimate website when they weren't" according to CNET News. The android app and the PayPal website are not affected. Only the iPhone version of the app is affected by the flaw.

According to CNET News, PayPal spokesman Anuj Nayar says, "We don't believe any customers have been affected at all, and if there were any affected they would be 100 percent covered by PayPal."

The over 4 million users of the poplar app can breath a sigh of relief as they download the app update to secure their phones. According to

PayPal spokeswoman Amanda Pires said the eBay Inc. unit verified the vulnerability Tuesday night and sent a new version of the app to Apple Inc.'s App Store that users will have to download. PayPal also said it would reimburse 100% of any fraudulent activity.

PayPal was alerted of the flaw on Tuesday when they were asked by to comment on the flaw that the mobile security firm viaForensics first reported. PayPal rushed to fix the flaw and within 24 hours made an app update available for download. The new 3.0.1 version of the app with the security update is free at the iTunes App Store.

Since banks and credit cards are considering offering mobile payment systems similar to PayPal in the near future, let's hope the PayPal security issue pushes them to develop secure systems.

(Photo: Miss Karen)

Doodle by Chris Olson - Chris Olson
Freelance writer and illustrator
Momathon Blog: The 24/7 mommy marathon--on two feet or four wheels


In order to comment on, you'll need to be logged in. You'll be given the option to log in or create an account when you publish your comment. If you do not log in or create an account, your comment will not be displayed.

Trending Now

Recent Posts by Chris@MomathonBlog