@lordandy wrote: AND: On the mobile app it seems you have to have SMS enabled to use the mobile app at all... neither SMS nor VIP Key makes sense on mobile, as it's probably running on the same device anyway if stolen 🙂 With respect, mobile code generation does make sense if the: device is properly secured [encrypted and secured with strong PIN], and/or authentication system supports revoking the app, as in the case of Google Authenticator, but not in the case os Symantec VIP. As it is now, PayPal "security" is a ticking time bomb.
... View more