PayPal Community

j_a_s · ‎Aug-26-2020

I've been dealing with customer support all day over this issue and they say they can do nothing but I want to raise it here as well since it's a major security flaw. Paypal is a financial site and therefore security controls should be very strong. I always log out whenever I complete a transaction and I never click the "stay logged in" button that's always presented. Now, every time I log in, I get an email saying "We've made it easier for you to check out with PayPal. Since we recognize this device, we'll automatically log you in so you can skip typing your password at checkout! ... If this is a shared device, or you don't want us to automatically log you in, we recommend that you turn this feature off." I go in and manually turn the feature off. Then the next time I log in to make a transaction, I get the same email again, the feature is re-enabled again, and I have to go in to manually turn it off again. This is totally unacceptable. I'm the only one who should be able to determine if my device is trusted and and if I want to enable auto login. I was told that there's nothing they can do and that I'll simply have to manually disable the feature every time. This is a major security flaw and it's a big deal. I was told that my concern has been escalated but I'm posting this here in the hopes of raising the visibility of this issue. Thanks.

afaffel200 · ‎Aug-20-2023

i have the same probleme!!

jimfrankfort · ‎Aug-24-2023

Since this is an old issue, one that has significant security implications, and one that has not changed despite multiple complaints from multiple users, perhaps bringing it to the attention of a news organization or financial/security podcaster would be enough to get PP to fix this significant flaw. Just throwing this out there in case anyone has contacts that could be leveraged to get PP to do something......jim

roughorange · ‎Oct-22-2023

Same issue here and extremely frustrating. I do not ever want an auto-login for a payment system anywhere for the most obvious security reasons.

jbsedfqxr · ‎Nov-09-2023

. This has been a reported issue for at least three years. PayPal is obviously looking to their own self-interest and is refusing to address this as an issue

Katja48 · ‎Dec-01-2023

I have been dealing with this problem for the last couple of years. PayPal repeatedly re-enables auto login after I go in and disable it. I do so because it is an invitation for bad actors to access my PayPal account illegally. I’m surprised they are encouraging theft against my wishes after I cautiously choose to disable auto login. I’ve seriously thought of dropping PayPal for this issue, but keep thinking they will wake up and realize their mistake. Shocked to hear so many others have the same problem!

worf2 · ‎Dec-04-2023

We need a way to PERMANENTLY disable this stupid "feature". Why are Paypal not sorting it?

princessscobra · ‎Dec-04-2023

It's been years now, and there is absolutely no way for any of us to access someone who could actually solve the problem. We need for a high-profile person to complain about it on their Instagram account.

worf2 · ‎Dec-04-2023

Contacted BBC Newsdesk re this. Perhaps if they have a "slack" news day they will pick up on it ?

Sumwunelse · ‎Dec-04-2023

I seem to have resolved this critical security issue by referring it to the Australian Financial Complaints Authority after the usual back and forth with Paypal. I have not had my security settings changed without my consent since. Hopefully it stays that way. You may have similar results through your own countries financial watchdog organisation.

worf2 · ‎Dec-05-2023

Good idea. I have now also informed the FCA (UK) of this, and pointed them to this thread. Maybe if more people do this, we will finally get some action.

PayPal Community

Major security flaw - the system keeps re-enabling auto login even after I keep turning it off

Haven't Found your Answer?