I’ll begin this article with a quote:

With PayPal, all your sensitive business and customer information is securely encrypted

As you can see in the above video, PayPal assures its clients that it offers unbeatable security, that PayPal is securely encrypted, and that customers will feel more likely to buy and sell their services or anything else. There’s a 24/7 security department that monitors transactions around the clock in order to prevent fraud before it affects its customers’ businesses.

Now let’s get to the real world. These are just words, big words without any proof of concept.

I searched on Google for “paypal security” and I noticed a good question:

How secure is the PayPal site?

Source – https://www.paypal.com/cgi-bin/webscr?cmd=xpt/Help/general/TopQuestion6-outside

If you have ever used PayPal, you probably know that most of the transactions run on PayPal’s website, so this question is a very solid one.

It was fun to read the first argument and I want to share it with you also:

The PayPal site is highly secure. We use industry-leading technology (such as SSL) to keep your information safe.

OK.. duh.. everybody has heard about SSL (Secure Sockets Layer) (if not, I recommend that you read this article).

PayPal automatically encrypts your confidential information with an encryption key length of 128 bits (the highest level commercially available). Before you even register or log in to the PayPal site, PayPal’s servers check whether you’re using an approved browser (one that uses SSL 3.0 or higher).

What Makes the PayPal Site So Secure?

Tip for developers

I recently saw a presentation regarding PayPal security in Ruby on Rails. The description of the tutorial is:

This episode shows how to encrypt the variables passed to PayPal and verify the authenticity of the payment notifications (IPN).

There is a video tutorial which explains how to encrypt variables and send them to PayPal. The principle can be applied in any programming language. There are some important settings that you probably haven’t considered yet.

You can find the video tutorial, the source code, and source fragments on the http://railscasts.com/episodes/143-paypal-security website.
Direct link to the video – http://media.railscasts.com/assets/episodes/videos/143-paypal-security.mp4
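
One way to apply the principle of encrypting the variables before they reach the customer's browser, as an added example (not code from this page or from the Railscasts episode). It signs the variables with the merchant's key and encrypts the result to the payment processor's certificate using PKCS#7. The key pairs and certificates are constructed stand-ins, and the helper names, field names, and AES-256-CBC cipher are assumptions.

```ruby
require "openssl"

# Constructed stand-in identity: a throwaway RSA key and self-signed certificate.
def make_identity(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  [key, cert]
end

# Merchant side: sign the variables, then encrypt the signed blob so that only
# the holder of the processor's private key can read or change them.
def encrypt_button(values, merchant_key, merchant_cert, processor_cert)
  plain = values.map { |k, v| "#{k}=#{v}" }.join("\n")
  signed = OpenSSL::PKCS7.sign(merchant_cert, merchant_key, plain, [],
                               OpenSSL::PKCS7::BINARY)
  OpenSSL::PKCS7.encrypt([processor_cert], signed.to_der,
                         OpenSSL::Cipher.new("aes-256-cbc"),
                         OpenSSL::PKCS7::BINARY).to_pem
end

# Processor side: decrypt, then accept the variables only if the signature
# was made by the merchant certificate registered in advance.
def decrypt_button(pem, processor_key, processor_cert, merchant_cert)
  inner = OpenSSL::PKCS7.new(pem).decrypt(processor_key, processor_cert)
  signed = OpenSSL::PKCS7.new(inner)
  store = OpenSSL::X509::Store.new
  store.add_cert(merchant_cert)
  # NOINTERN: ignore certificates embedded in the message; trust only ours.
  ok = signed.verify([merchant_cert], store, nil, OpenSSL::PKCS7::NOINTERN)
  return nil unless ok
  signed.data.split("\n").map { |line| line.split("=", 2) }.to_h
end

if __FILE__ == $PROGRAM_NAME
  m_key, m_cert = make_identity("merchant.example")
  p_key, p_cert = make_identity("processor.example")
  vars = { "amount" => "19.99", "item_name" => "Book" } # constructed sample
  blob = encrypt_button(vars, m_key, m_cert, p_cert)
  p decrypt_button(blob, p_key, p_cert, m_cert)
end
```

The PEM blob is what would be placed in the payment form instead of plain hidden fields, so the amount is neither readable nor editable in the page source.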