Safari is too insecure for PayPal and will be blocked … maybe not

paypal_logo.gifPayPal has announced that it will start blocking Safari and older versions of browsers like Firefox and Internet Explorer from accessing the site because these browsers don’t support Extended Validation certificates which require a more detailed verification of the certified site than normal SSL and which should therefore make the site more secure. PayPal requires that browsers accessing its site support EV certificates and unfortunately for Apple, Safari doesn’t quite cut the mustard:


PayPal’s mentioned that before: in February, Barrett said users should steer clear of Apple’s browser because it wasn’t up to snuff. ‘Apple, unfortunately, is lagging behind what they need to do to protect their customers,’ Barrett said then. ‘Safari has got nothing in terms of security support, only SSL, that’s it.’

I have updated Firefox on my MacBook to Firefox 3 beta and while it doesn’t support many of my add-ons which I used on Firefox 2, the latest version, beta 5, is pretty stable and works well. It also has a really handy indictor of when a site supports EV certificates:

Paypal ev.png

Notice the green bar? That is the key indicator. Safari doesn’t support this feature yet and while I won’t pretend that I appreciate the significance of this (I thought SSL was good enough? Seems to be the case for our banks), I wonder if we will start to see more and more sites using these certificates. Certainly Standard Bank has built up a reputation locally as a pretty tech savvy and security conscious bank so I am curious whether this is an issue for Standard Bank at all?

Update: I just read in Mashable that Safari probably won’t be blocked, just older browser versions:

Au contraire. Ben Worthen of the Wall Street Journal has confirmed through a direct chat with PayPal that Safari folk need not worry about their ability to access the site.

Technorati Tags:
, , , , ,

%d bloggers like this: