PayPal Community

j_a_s · ‎Aug-26-2020

I've been dealing with customer support all day over this issue and they say they can do nothing but I want to raise it here as well since it's a major security flaw. Paypal is a financial site and therefore security controls should be very strong. I always log out whenever I complete a transaction and I never click the "stay logged in" button that's always presented. Now, every time I log in, I get an email saying "We've made it easier for you to check out with PayPal. Since we recognize this device, we'll automatically log you in so you can skip typing your password at checkout! ... If this is a shared device, or you don't want us to automatically log you in, we recommend that you turn this feature off." I go in and manually turn the feature off. Then the next time I log in to make a transaction, I get the same email again, the feature is re-enabled again, and I have to go in to manually turn it off again. This is totally unacceptable. I'm the only one who should be able to determine if my device is trusted and and if I want to enable auto login. I was told that there's nothing they can do and that I'll simply have to manually disable the feature every time. This is a major security flaw and it's a big deal. I was told that my concern has been escalated but I'm posting this here in the hopes of raising the visibility of this issue. Thanks.

Koo1 · ‎Nov-19-2020

I share all the same sentiments of comments above. This is a security breach and poor form for PayPal not to respond to these messages.

cnayr · ‎Nov-22-2020

Agreed - this seriously undermines my trust in PayPal. What could they possibly be thinking?

Actually, they had a similarly ridiculous default for "Bill Me Later" some years ago where they changed the default payment method without user permission, made it hard to change back, and then had it programmed to keep reverting back to their preference (Bill Me Later) instead of the user's preference (credit card, in my case). I almost closed my account at that time, but instead decided to just use it less, and to never again use "Bill Me Later" (now "PayPal Credit"). I'm sorry to smell the same scent of deceitfulness and self-serving greed behind this move as well.

Anyway, as a work-around until they take their fingers our of their ears and get around to making changes, I believe setting up two-factor authorization (2FA) for your account will help. At least then it's harder for someone else to place orders and it will give you a moment to pause and rethink that impulse purchase. Come to think of it, maybe it's the latter they are trying to manipulate here (under the guise of "customer convenience" and/or "economic stimulus", of course).

JamesDCan · ‎Nov-29-2020

Absolutely agree with everyone else here. This should NEVER enable itself automatically - it should always require opting in on login. At the very least, let us opt out for a device permanently when disabling it. Having to log in each time I buy something with PayPal to disable an auto-login that I never requested and never want is ridiculous.

Bob499 · ‎Dec-06-2020

Agree, if this isn't fixed soon I will be using another service. I have been with paypal for nearly 20 years, but as you stated, the reason to use the service is for security and they are actively removing the user's ability to remain secure with online payments. D- paypal.

shelleywa · ‎Dec-15-2020

So it's now December - 4 months on from the OP. I came here today because I'm having the same problem. Over and over again... "we've made it easier for you to check out...". Well no, actually you've made it a pain in the A to have to log in and turn this feature OFF. Every. Single. Time.

Please fix this! 😵

Temp20221223K · ‎Dec-15-2020

They absolutely know about it. I got this single veiled response during a month long chat session with them - this from CSA Romelyn:

Currently, PayPal prompts password login at checkout every-time. This creates friction for our highly engaged and trusted consumers.

Customers who frequently use the same device(s) will no longer need to enter their login information at checkout based on risk criteria. This reduces friction at checkout and shopping cart abandonment while maintaining account security.

No one else responding to my message string made any attempt to convey that^^^. They kept trying to get me to clear my cache, etc. etc. etc. I gave up trying to get it resolved, but complained highly in the surveys I received after the chat ended.

JamesDCan · ‎Dec-15-2020

Whoever earlier mentioned that a workaround for this is setting up 2-factor authentication is correct - there is an optional checkmark for trusting the device when entering a 2-factor code, which is unchecked by default. It's a good idea for a payment service to use this anyway, and I'm glad I finally set it up... Still, this should NOT be necessary to stop this behaviour - if they want to make it easier for people, that should still be opt-in, not opt-out, and certainly not opt-out EVERY TIME.

Lovelyevenstar · ‎Jan-26-2021

It’s complete and total B.S. I can’t stand auto login/one touch. Worst idea I’ve ever seen with Paypal. And it seems the people they call customer support don’t even know what it is much less how to help. Just got off a long and utterly irritating call with the second customer service person today who had no idea what it was?! All I wanted was help turning it off because their website was having issues with letting me turn it off. Absolutely infuriating. I’d stop using Paypal over this if it wasn’t the easiest way to protect my payment info when it comes to buying. Im at my wits end with stupid a** one touch though.

GEBXLH · ‎Jan-30-2021

Yep, I just got this idiotic AUTO LOGIN dumped onto my account as well, and like everyone else, I can't turn it off. Makes me absolutely FURIOUS that in this day and age of so much internet hacking and security risks that some <removed> or <removed> at PAY PAL decided that this was a great idea. Account holders should have been given a YES or NO option on AUTO LOGIN right off the bat. If this is not fixed soon,......I'l be looking for an alternative service, and SO LONG, PAY PAL.

Weouza · ‎Feb-04-2021

Agree, my children were able to buy online game money without my knowledge just because I’ve used PayPal before on our home computers. This is a major major problem that needs urgent fixing!!!!!!

PayPal Community

Major security flaw - the system keeps re-enabling auto login even after I keep turning it off

Haven't Found your Answer?