Recently, PayPal began offering account holders the ability to use a Security Key as an additional means of protection. The Security Key is a small piece of hardware that connects to the computer’s USB port and displays a sequence of numbers that change every 30 seconds. Once the key is activated, users must supply these numbers in addition to their typical PayPal username and password in order to be granted access. No accessible version of the PayPal Security Key is offered at this time. Though the Security Key is not required, there are a couple of significant concerns.
At this time, use of the Security Key is not required in order to continue using PayPal. One may decide to avoid purchasing and activating the Security Key, while still retaining access to their account. This may seem to represent a mitigating factor, except for one dirty little truth. The availability of the Security Key to only sighted PayPal customers automatically means that blind and visually impaired customers are not afforded the same degree of security! That’s right. While the sighted may now enjoy two-factor, virtually unbreakable authentication, we blind folks are stuck with the traditional username and password approach. This inherently makes the blind more vulnerable to fraud, identity theft, loss of PayPal funds and all manner of other imaginable nastiness. Alas, that’s not all!
While the Security Key is currently an optional enhancement, we can see the day in the near future when PayPal will begin requiring use of this authentication method for all account holders. At that time, blind and visually impaired people will be completely locked out of their PayPal accounts, unless an accessible version of the Security Key is made available. When that happens, PayPal will be giving its blind customers the boot, showing them the tightly barred and locked door featuring the infamous “No Blind People Allowed” sign.
Multifactor authentication is not new to PayPal. It is rapidly extending to the web sites of many banks and other financial institutions. It is absolutely critical that we, as a blind community, begin to effectively address issues of visual CAPTCHA and multifactor authentication before we find ourselves locked out of online participation and even separated from our money! Let’s act now with respect to PayPal! We urge all of you to ask PayPal for information about their intentions toward blind and visually impaired customers with respect to the Security Key. Please post any responses from PayPal as comments to this article.