A new security update on PayPal's mobile application aims to prevent fraudsters from taking over customer accounts.
The updated app requests permission to send a one-time SMS text message to PayPal from users' Android and iPhone devices. This will allow PayPal to identify a particular device as belonging to the account holder, according to a Feb. 13 company blog post.
"To be very clear: we only have your permission to send an SMS; we do not have access to read or receive SMS on your behalf," PayPal Mobile's senior product manager Gagan Shah says in the blog post.
PayPal, a unit of eBay, is shoring up its defenses at a time when mobile payment apps are under scrutiny for their security. Last month, Starbucks took heat for its iPhone app's method of storing user passwords in plain text and the company issued a fix shortly thereafter. Apple has also been under fire for its mobile payment authorization practices, and agreed to refund $32 million to consumers in a settlement with the Federal Trade Commission.
PayPal attributes much of its early success to its security practices. The company's Igor transaction-monitoring software, which it began using in 2000, is named after a fraudster who repeatedly and aggressively attempted to commit fraud on PayPal, forcing the company to quickly adapt.