Paypal and mobile phone

[SiliconWizard]

I just logged in to my Paypal account, and now it seems mandatory to give a mobile phone number before proceeding. Last time I connected, it was asking for one already, but you could skip it. Now you can't skip it.

Have you also encountered that? And what's your opinion?

[SeanB]

There to have a form of 2 factor authentication, so that there is less chance of your account being compromised without your knowledge, as at least you will get a text message saying there is a password change or phone number change pending, and hopefully it is your request.

[BravoV]

Also they already have quite significant of your personal data and finance details, a phone as 2nd factor as SeanB mentioned won't hurt, and for me, it brings more confidence.

[SiliconWizard]

I got it that it was probably for 2-factor auth. (as it has become required by a recent EU directive I think?) It has been enforced for bank accounts for a little while now, and I'm accepting that for this, but Paypal? Is this considered a bank? Whatever, I certainly don't trust Paypal as much as my bank.

So that sucks. I hate having my phone number out in an increasing number of places.

And what happens to people not having a mobile phone line? Yeah that actually exists, and that could be for any reason. You'd be locked out of your account forever? They don't seem to provide any alternative?

Is it becoming impossible not to have one?

[chickenHeadKnob]

Is it becoming impossible not to have one?

It is going that way. Look for the corona virus pandemic prompting governments to push electronic payment methods via smartfone, because they want to  get rid of cash. The cash economy is often untaxed and unmonitored. What bothers me the most is that criminals have already learned how to do sim card jacking via social engineering  so that smartphones are a poor 2 factor device, and offer false sense of security.

[james_s]

Smartphone 2 factor authentication is not infallible of course, but it is a whole lot more secure than not having it. Passwords alone are notoriously insecure, 2 factor adds another layer of security. If someone really wants to get in they'll find a way, the goal is to not be the low hanging fruit.

[m98]

Mandatory 2 factor authentication for online banking is by-far the worst impact a law has had on my everyday-life in quite some time, while actually decreasing security, since more people will change to mobile-tan for the (now necessary) convenience of not having to fiddle around with a proper tan generator every time they check their account balance. First-world-problems, I know.
It actually makes more sense for PayPal to implement this, than it does for a regular bank. You don't need to authenticate individual transactions on PayPal, therefore the login itself needs to be secure. On the other hand, what is a hacker going to do after he logged into an online-banking portal? He can't do more than access the account balance and transaction history without needing a TAN.

[rdl]

As long as you don't give them your bank account number, you'll probably be fine. They've had my phone number for years, though I don't actually remember giving it to them. Maybe was part of setting up merchant account years ago.

[Kilrah]

Paypal are a form of bank yes, so all the government-mandated safety measures apply (including Paypal needing to have all your identity details like another bank).
Most individuals just use it as an intermediate between a merchant and their credit card and never have any balance, but it is an account on which you can put funds nevertheless.

[Stray Electron]

I just logged in to my Paypal account, and now it seems mandatory to give a mobile phone number before proceeding. Last time I connected, it was asking for one already, but you could skip it. Now you can't skip it.

Have you also encountered that? And what's your opinion?

   That must be an EU thing. I just checked and I didn't need to give PP my phone number.  They asked for it but there's link below the question that says "Not Now". I clicked on that and it logged me in without inputting a phone number.

[Halcyon]

I just logged in to my Paypal account, and now it seems mandatory to give a mobile phone number before proceeding. Last time I connected, it was asking for one already, but you could skip it. Now you can't skip it.

Have you also encountered that? And what's your opinion?

   That must be an EU thing. I just checked and I didn't need to give PP my phone number.  They asked for it but there's link below the question that says "Not Now". I clicked on that and it logged me in without inputting a phone number.

Likewise.

Paypal don't even have my full name here in AU, just a last initial.

[chickenHeadKnob]

Likewise.

Paypal don't even have my full name here in AU, just a last initial.

Are you not required to link a bank account or credit card? If yes then they must know a name or the name corporate entity.

[ebastler]

That must be an EU thing. I just checked and I didn't need to give PP my phone number.  They asked for it but there's link below the question that says "Not Now". I clicked on that and it logged me in without inputting a phone number.

Same for me, and I am based in the EU (and Paypal knows that). The popup asking for a mobile number has been active for a while -- couple of months, I'd say -- but there always was and still is a "not now" option.

[SiliconWizard]

That must be an EU thing. I just checked and I didn't need to give PP my phone number.  They asked for it but there's link below the question that says "Not Now". I clicked on that and it logged me in without inputting a phone number.

Same for me, and I am based in the EU (and Paypal knows that). The popup asking for a mobile number has been active for a while -- couple of months, I'd say -- but there always was and still is a "not now" option.

Actually when the page showed up - I didn't want to put my number - I just closed the page. Then I re-opened the Paypal page later on (after creating this thread) and turns out I was actually logged in.

I tried again today - same thing. The phone number page now definitely doesn't have a "not now" option available anymore. But if I close it, and re-open the Paypal web site, I'm logged in.
It may be a bug specific to the language translation. If it's not a bug per se, maybe Paypal France is enforcing the 2-factor authentication earlier than some other countries in the EU. But either way, it's buggy, as you are still logged in. The phone number page makes it look like it's impossible to get in without giving your number, but it's just some kind of bait for now.

[rdl]

I remember at one time ebay would pull that trick, demand some kind of info and not let you pass until...

Since it appeared after entering name and password, you could just open ebay.com in a new tab already logged in, close the annoyance and go on with whatever you needed to do.

[SiliconWizard]

I remember at one time ebay would pull that trick, demand some kind of info and not let you pass until...

Since it appeared after entering name and password, you could just open ebay.com in a new tab already logged in, close the annoyance and go on with whatever you needed to do.

Hehe yep. That's what it does here as well.
Dunno if it's just a trick to get more people to give in before it's actually truly enforced, or if it's just a bug here.

[Halcyon]

Likewise.

Paypal don't even have my full name here in AU, just a last initial.

Are you not required to link a bank account or credit card? If yes then they must know a name or the name corporate entity.

Yes, both my bank account and debit card are linked to Paypal, however the name isn't the important bit. Paypal have no way of verifying that the name I provide them matches the details held by the bank. That being said, some banks do name-match on transactions.

For example, I have both personal and business accounts with my bank and they do verify that the name on the transaction at least partially matches the account name. My business account is the full legal entity name (which includes all the directors and the trading name all in one long string), however we only ever use the trading name for transactions in/out of the account and we've never had any issues. The name matching isn't strict and allows for some leeway and errors before anything is blocked. Only having my last initial satisfies this test and allows me to send and receive money using Paypal without any problems.

I hate Paypal as a company but I'm forced to use them for things like ebay where an alternative doesn't really exist. I provide Paypal only the bare minimum details about me in order to operate the account.

[SiliconWizard]

I hate Paypal as a company but I'm forced to use them for things like ebay where an alternative doesn't really exist. I provide Paypal only the bare minimum details about me in order to operate the account.

Same here, and I also never leave money for very long in my Paypal account - so the probability of ever getting robbed - at least of a substantial amount - is pretty low.