PayPal Mobile Apps Plagued by Authentication Flaw: Benjamin Kunz
An unpatched vulnerability affecting PayPal’s mobile applications can be exploited to access restricted accounts and even bypass the two-factor authentication (2FA) mechanism, a researcher claims.
PayPal can ask users to confirm their identity for fraud protection and due to regulatory obligations. When users are asked to verify their identity, they are blocked from accessing their account and instructed to call or email PayPal to complete the process.