Ebay to CHECK your computer?

I signed into my ebay account this morning and on doing so i got one of those messages you get before you see 'continue to sign in'. I'm sure you know what i mean if you have an ebay account! Only this one, rather than being something like 'CHEAP LISTING DAY' and the like, it said THIS. "we will now be checking the computer you use whenever you list on ebay.If you are not using your normal computer we'll ask you to take a quick call at the number on your account to make sure that it's you"!!!. Has anyone else seen this? I'm wondering if it's LEGAL for them to get into your computer without your consent!! even then, how can they tell if it's your computer or someone elses anyway? seems like ANOTHER infringement on civil liberties to me. What do you think?

reply to post by sayzaar


It will probably be a cookie that they are looking for in your web browser. This is common practice on most commercial sites now days.

when you hit the site and logon/join it will create a cookie which holds basic info so you can do stuff like auto-logon when you visit the site again.

Ebay already uses cookies, and there is already an option for automatic login, so i would'nt have thought that would be the reason. There must be more to it i would have thought. Just guessing and the mo though.

im sure its just checking your ip adress. and not "getting in" your computer like you stated in the op..

This is just for your added protection. Have you logged onto a banking website lately? They will use this same method. A lot of times scammers get a hold of peoples ebay account and this will hopefully prevent a lot of that.

got to love the paranoia around here lol.

i'm pretty sure if they wanted to get in your computer they wouldn't advertise it as you said happened.

It's a new security feature they're installing to prevent people from using your account from another computer that doesn't belong to you. they will probably just get your IP as mentioned or your computer's MAC address, nothing personal.

PayPal's been doing this for quite some time now, and it seems they've finally integrated the same into Ebay as well. All they're basically checking is the IP you're logging in from. If it's different than the last one on record, they give you a call, you punch in the PIN number and you're good to go. No big deal and it takes less than a minute.

Overall, it's just another level of security that, as others have mentioned, is being implemented by more and more banking and payment processing sites are putting in place for their user's protection.

 

HHMMM.. Not to sure about this new ebay 'security' feature.
What if like me I use anything upto 10 computers to log onto ebay . I have 2 at home , and sometimes use some in my work's library? then what? will my account be barred if I use more than 2/3/4/5/ etc computers?
How many IP addresses will this new program store? Can't ebay just have more security questions apart from your screename and password? . Like where were you born, mothers maiden-name, etc? a lot of the Banks here in the UK have this kind of security feature , besides anyone dumb enough to give their screen name AND password and any other sensitive information to a complete stranger who just says 'I'm from your bank or from ebay' deserves to have their accounts emptied.

Originally posted by DataWraith
Can't ebay just have more security questions apart from your screename and password? .

It's more an effort to take the security a step away from the PC itself as an added level of protection which requires "human" input for confirmation. the "theory", if you will, being that as long as they rely solely on computer-based "authentication", there still remains the possibility for fraud, abuse and or hacks.

A new member started a thread on BTS this morning regarding one of the companies who've basically been pioneering this as a means of added protection.

Beating Online Fraud With a Phone - PhoneFactor


[edit: speeling - member]

[edit on 18-6-2008 by 12m8keall2c]

Whatever program they have to authenticate access, will never beat asking a load of questions when you want to log in.Yes it's time consuming but at least they'd know it was you logging in. And even if you told someone who rings you up your screen-name and password they wouldn't be able to get past all the other security questions unless the person replying to them is REALLY DUMB and tells the 'phisher' all the answers.
One of my Banks has 3 screens of questions to get access to my accounts.
I don't feel it an annoyance or an iconvenience to make sure my account is safe. Besides if anyone wants in to my account they can hack the bank and do it, I ain't going to tell anyone my details. Not even my wife knows my email password coz I won't tell her.

Originally posted by DataWraith
Whatever program they have to authenticate access, will never beat asking a load of questions when you want to log in.

Sure it does. You're presented with a screen asking whether to call now or in two minutes, for example. You make your selection and the program rings your phone and gives you a PIN number. You then enter the PIN number to authenticate that the login is actually being accomplished You.

By utilizing a security measure outside of the PC environment which requires actual and physical Human Input, you basically eliminate any possibility of unauthorized access via compromised user data.

The only means to "get around" this approach would require having prior access to the account and having already changed the user's contact phone number.

It really is a rather novel approach to added security for the end user and one that I'm quite certain you will see more and more sites/institutions implementing in the near future.

 

yeap, even those captcha are slowly gonna go the way of the dino soon, ive seen some pretty good software that can eliminate certain color combos to reveal to it the preshown letters an number set up, which it then inputs....

the security questions most could find in your trash or even on your hardrive... its not hard to find info these days about people, some dont even reealize they put the answer to a security question in a blog.....

I made a payment thru paypal for 10 bucks, an got a call asking if i made a payment for 10 bucks lol I was like, ummm pretty sure i did... was it a good buy? lol they laughed an said they were using new security measures....

But in this day an age when a 13 year old can hack into the main servers of Major companies.... I dont keep more then a amount I can lose on any card or paypal like site..... You never know what the Problem solvers ( scammers ) will figure out next... Im sure we are only a few years away from Exact voice dupping.

Anyhow....

Enter this code to reply : 8df830gk2h5f89834hjf0903hhf03yh5h990

same thing happens with my bank. if i sign on to my account on a new pc it wants my personal info to verify my identity. it's security. relax.

reply to post by DataWraith


You have two computers at home, so, I am guessing you have a router. You will have the same public ip address because of NAT, outside of your network you look like one IP address.

I have to disagree with a lot of people on here and say that it is not grabbing your ip because a lot of users have dynamic ip addresses.

More so, it will be installing a more complex cookie on your computer. If you don't believe me logon to ebay and then log out, reset your modem to get a new ip address and logon again, it won't ask to identify your computer again.

[edit on 18-6-2008 by jhill76]

Our great friends in India and other places where we have outsourced most of these matters have had a problem with internal hijacking of accounts and interception of payments from users. Even greater security measures are going to become common place to try and stop this problem in the future!

Zindo

Many of you are compariing this with Bank security, but I for one use online banking fairly rarely, maybe once a month. On the other hand, I use ebay regularly to both buy and sell. I have a dynamic IP address, so every time I now use ebay to sell, which is numerous times a month, I'm going to be security checked? No thanks. That's just stupid.

I'm also incredibly wary of giving Ebay accurate personal contact details, since an incident a few years back when someone managed somehow to get my details from Ebay and plaster them over the internet - which of course denied could have happened, because it's impossible.

When this new security measure comes into force, I'll cease to use Ebay to sell. And if the security applies to buyers or people just browsing too, I'm gone completely.

Having had my ebay account hijacked by scammers trying to sell TV's and other electronic equipment, i'm actually quite glad they are going to start this. More than likely it's an IP or MAC address check or even an ISP check just to verify that it's you. I really like the fact they're trying to prevent scammers from selling stolen, or even non-existent goods.