Wednesday, June 18, 2008

eBay DevCon 08 - Wed18 09:30 eBay & PayPal Trust & Safety

This is a discussion panel having John Canfield (Senior Director, Trust &Safety Global Policy Management) as moderator and Liam Lynch (Senior Director, Marketplaces Chief security Strategist), Michael Barret (VP, Information Risk Management, PayPal chief Information Security Officer) and Amjad Hanif (Senior Director, Trust & Safety Product Management) as panelists.

Q: What suggestions would you give to PayPal developers to make their site safer? - The IT industry is not worried about security as it should, but the developers and customers are assured that PayPal do put a lot of effort on that, focusing on the basic issues (cross site scripting, sql injection and buffer overflow) is a big step forward. The PayPal and eBay teams rely on the community feedback to guide their development.

PayPal & eBay are more worried about the overall security of the users.

Member to member communication on eBay will be done anonymously to prevent emails from being harvasted. All communication will be done through eBay platform. Another option will be to have an email used only to member to member communication.

There were some complaints from users about their accounts being canceled on reports from other users related to fraud. The accounts are gone for a week, no matter how low is the percentage of violations reported on one account, specially for those dealing with brand products.

No comments: