Amazon.com “PayPhrase” shortcut for paying
by Chris Dawson
Amazon.com are trying to make it easier for buyers to pay using Amazon payments. Now you can simply use a two word “PayPhrase” and PIN number to pay and Amazon will use your stored credit card information and shipping address to process the payment.
This works on Amazon.com, or on third party websites that accept Checkout by Amazon. You can also create additional PayPhrases so if you want to give your children a monthly allowance that they can spend create a new Pay Phrase for them and set a monthly spending limit.
Currently PayPhrase is only available on Amazon.com
3 Responses on "Amazon.com “PayPhrase” shortcut for paying"
Related Posts:
- Open an Amazon seller account with 1st months subscription free
- Which Amazon products and services do you use?
- Marketplace and FBA coming to Amazon Italy
- Checkout by Amazon now available for UK websites
- Incentives: Win £50 of Amazon.co.uk vouchers
Recent Posts
- Brightpearl online/offline multi-channel retail solution
- 100 free listings for private sellers 11th-12th Feb
- eBay display NSE search results with no pricing
- HMRC campaign aimed at people who fail to make tax returns
- Royal Mail waive SmartStamp subscriptions as apology
Do you have to be logged into Amazon payments for this to work? Otherwise this looks like it has a huge security hole in it. The fact that no two pay phrases are identical suggests that you don’t need to be logged in.
All they’ve basically done is made a complex username (one with a first and last name). But that username is very easy to guess. And they attached a 4 digit pin (extremely weak).
1) pick a common phrase like “pay now”, “buy now”, two word movie titles, etc
2) see if registration fails
3) guess pin
It says after a number of incorrect guesses it locks out the person but if this takes off there will be plenty of pay phrases to hack.
This is slightly worrying. Amazon appear to be trying to reinvent the username and password. Rather than suggesting to customers use mixed case, letters and a combination of numbers – they are trying to push the use of standardised dictionary phrases or something which you can easily associate with an individual. Username and passwords should always have some input of randomness – this project needs a good rethink or should be scrapped.
I would like to see Amazon releasing seller funds alot quicker than they do…currently it takes a couple of weeks to get funds from them.