0

How is it safe to use PayPal in an app where the app itself presents the PayPal login prompting email and password? How does PayPal even accept this risk?

As an example, the coffee ordering app "Hey You" presents the PayPal login screen in the app itself. This isn't the first time I have seen this, just the most recent.

PayPal's main appeal is that I don't have to trust every newbie developer with something to sell with my credit card details. But if I don't trust someone with my credit card details, why should I trust them with my PayPal credentials?

--

I get PayPal on the web. I am a lot more comfortable logging into PayPal in my browser, when my browser URL shows that I have been directed to https://www.paypal.com.

davur
  • 109
  • 4

1 Answers1

1

I can understand your confusion so I will clarify somethings:

  • Ignoring that there can be a phishing scam here, the developer is probably using PayPal's API and so the developer does not see your credentials. All he sees is if the transaction to his account from yours was completed or not.

  • Since the API is being used PayPal encrypts all the traffic between their servers and the client and so when logging in with them even on the worst app ever your login data will be encrypted and so that is not something to worry about.

  • PayPal will never ever let anyone touch your private bank info or password and so that is not something you have to worry about at all.

More about there API can be found here: https://developer.paypal.com/docs/faq/

Bubble Hacker
  • 3,615
  • 1
  • 11
  • 20
  • 1
    I suppose the root of my concern is the phishing scam that you start off by ignoring. The medium article linked in the linked question expresses my concern perfectly. – davur May 30 '16 at 05:16