I don't generally use mobile apps for payments but I just installed an android app which allows purchase of electronics items etc direct from China. I have used the company before via desktop web browser and have no real reason to distrust in this case but I was surprised when I went to checkout in the mobile app and selected Paypal that the subsequent Paypal login and password screens appeared to be 'embedded' in the vendor's app. So while it looked like a paypal login, I could not spot any mechanism equivalent to a desktop security certificate to help to verify that the login is what it claims to be. This is what the first screen looked like: Given that this is launched from the vendor's app, how can I verify that any such screens are genuine Paypal logins and therefore safe to enter login credentials?
... View more