This is an absolute disgrace and Paypal are LYING about their reasons. Everyone in internet security knows that IP address hasn't been a proof of anything since caveman times. You can log into a work VPN, you can get on a plane and fly to relatives for Xmas, you can........ and so on. The browser fingerprinting (google it, better still, DuckDuckGo it) done by all behemoths of data collection and privacy invasive coroporations is the REAL way they identify you. But they can't actually tell WHERE you are without your IP. Their pathetic comments above attempt to assert this is somehow needed to comply with regulations. Utter dribble, and a lie. There are no such rules in place, the rules for financial institutions are based on the "Know Your Customer" premise, and 2FA as well as the good old PASSWORD is how they know their customer. My internet bank (and everyone I know) accepts VPN usage just fine, THAT is why they have 2FA because IP address is proof of absolutely nothing with regards to security. They just WANT to know where you are, just like all other huge and arrogant companies these days, the customer is the PRODUCT. And customer information, behavioural analysis, tracking, monitoring, recording everything you do, say, think...... is all part of how you are serving them by being their "customer".
If they were being honest they would admit this too. If someone has a strong password (mine is 28 characters diceware password), that is more than enough to be brute forced (hacked) by even the most determined hacker, but just in case..... we have 2FA. Which means that determined hacker would also have had to steal or compromise your mobile device (what if you don't have one? which is an increasingly good idea these days) AND brute force a virtually unbreakable password. Even the NSA would have serious trouble hacking a 28 character password, but with 2FA it's about as secure as you can get. Oh, but if you don't log in from home, we don't know if someone hacked your account.... hahahahaha. Pull the other one Paypal, it's got bells on.
Data is the new boom. Google are fighting with facebook who are fighting with twitter who are all now fighting with Microsoft (read the terms and conditions and privacy policy when installing Win10, just for a blatant explanation of exactly what these companies WANT from their users, short version: EVERYTHING). That information that goes on marketing lists and generates an absolute fortune, a FORTUNE, whether they sell it on or just use it for their own upsells and downstream marketing exercises. Huge numbers of users means huge numbers of dollars in profit IF they collect that data and manipulate you with what they know about you.
Oh and to pull the "VPNs are used by fraudsters" utter joke of an argument - P L E A S E !! Some do, but most use TOR network predominantly, as do privacy enthusiasts, whistleblowers, persecuted minorities in Iran, China and many other places, grannies (like mine who hates being spied on when she wants to use the web) and a million other people who just value their privacy and don't like being spied on by big tech.
So Paypal.... pull the other one. This is a mercenary tactic under the guise of "we will keep you safe". It's not a legal requirement at all (otherwise my bank would be breaking the law every day when I log in via VPN), and it's about time people learned about this and moved away from immoral and dishonest firms who use dragnet surveillance to boost their bottom line, all while customers thought they were 'just providing service X'. I have had enough of it, and it will be a huge upheaval for me to leave Paypal, but desperate times mean desperate measures, and since my BANK doesn't block payments on ebay when using a VPN, I will simply use my bank from now on and use Paypal as little as possible. if that's not possible, then sadly my heavy use of ebay will come to an end. I am NOT your pawn, I am NOT your subject, and I AM NOT stupid enough to fall for this dishonest "security" reasoning.
VPNs PROVIDE security. They are recomended by every reputable security researcher on earth from University professors to GOVERNMENT employees.
Government employees dealing with intelligence material use VPNs on a daily basis, they are REQUIRED to by their EMPLOYER (British Government!) Are they committing fraud? It is a well known fact that using public WiFi such as a coffee shop or McDonalds is inherently insecure and easy to hack/sniff your data packets which, if you use Paypal for instance, would expose all your security credentials etc. It's also a handy place to pinch someone's phone and thus break 2FA very easily. A VPN prevents this, as the information sent is AES256 encrypted which even the NSA and GCHQ would have a hard time breaking, so some tin pot hacker has no hope. THAT is how VPN's protect us, and they do it very very well. Paypal - why not worry about your own security, and we will worry about ours, including securing ourselves FROM YOU and your data collection practices, which you explain openly in the smallprint:
https://www.paypal.com/au/webapps/mpp/ua/privacy-full#enhanced-legal-2:
“Why Do We Retain Personal Data?
We retain Personal Data to fulfill our legal or regulatory obligations and for our business purposes. We may retain Personal Data for longer periods than required by law if it is in our legitimate business interests and not prohibited by law. If your Account is closed, we may take steps to mask Personal Data and other information, but we reserve our ability to retain and access the data for so long as required to comply with applicable laws. We will continue to use and disclose such Personal Data in accordance with this Privacy Statement.”
How Do We Process Personal Data?
“To manage our business needs, such as monitoring, analyzing, and improving the Services and the Sites’ performance and functionality. For example, we analyze User behavior and perform research about the way you use our Services.”
“To market to you about PayPal products and Services and the products and services of unaffiliated businesses. We may also Process your Personal Data to tailor the marketing content and certain Services or Site experiences to better match your interests on PayPal and other third-party websites.”
“To provide you with location-specific options, functionality or offers if you elect to share your Geolocation Information through the Services. We will use this information to enhance the security of the Sites and Services and provide you with location-based Services, such as advertising, search results, and other personalized content. “
