Amazon PayPhrase offers alternative payment service login

Amazon PayPhrase

By Sterling “Chip” Camden
Contributing Writer, [GAS]

Amazon Payments, a subsidiary of Amazon that competes with PayPal and Google Checkout, announced a new service called PayPhrase that allows you to make purchases online using only a phrase and a PIN.

“That’s so much easier than remembering a username and password,” I hear you snark.  Or as commenter rob1951 on the InformationWeek article said:

I know what to use as my PayPhrase: my user ID and password! So that’s “admin secret”, job done.
Is this such an incredible innovation? Surely it’s just giving the option of using a longer password (with spaces in it) and no user ID. I bet Amazon have patented it like “one click”, patent the absurdly trivial then go looking for royalties.

At first glance, PayPhrase looks like just another version of single sign-on.  But it does have other benefits.  You can create up to 20 different PayPhrases for each Amazon account, and pass them out to people whom you want to allow to buy things on your account without knowing your account credentials.  Each PayPhrase can have its own monthly spending limit and requirements for verification of purchases, so it can stand in for cash allowances for dependent teenagers, for instance.  You could send a PayPhrase to a family member as a gift, instead of purchasing a gift certificate (maybe you don’t have the cash in time for their birthday, but you will by the time they pick something) – then just delete it or smack down the spending limit after they make their purchase.

Of course, your PayPhrase has to be unique among all PayPhrases that have ever been used, and it must be between four and 100 characters in length and contain no digits or special characters.   Not sure what they mean by “special” – an apostrophe is allowed, at least.

The Phrase Builder will suggest a phrase for you (mine was “Sterling’s Precise Editing” – wow, it’s like they read my mind), or you can make one up of your own.  However, there are a few restrictions:

PayPhrases which infringe on registered or common law trademarks are prohibited. PayPhrases which use language that is unlawful, libelous, defamatory, obscene, pornographic, indecent, lewd, harassing, threatening, harmful, invasive of privacy or publicity rights, abusive, inflammatory, or otherwise objectionable are likewise prohibited.

Well, that takes all the fun out of it.

According to InformationWeek, online merchants who plan to provide PayPhrase as an option include DKNY, Jockey, Patagonia, Buy.com, J&R Electronics, and Car Toys.  And Amazon.com, of course.

Advertisements
Advertisement




8 Responses to Amazon PayPhrase offers alternative payment service login

    • That's an interesting point. With 4-100 letters in any combination, the permutations are astronomical. But how many of those combinations would be memorable?

    • That’s an interesting point. With 4-100 letters in any combination, the permutations are astronomical. But how many of those combinations would be memorable?

  1. Check out what the guys at pinoptic.com are up to. They've won some major contracts based on their "authentication methodology".

    Its very clever stuff.

    You pick a phrase for your authentication, then each time you want to authenticate (pin, atm, etc) it shows you different images, that could mean your phrase and you put them in the right order.

    So lets say "tea at noon with the vicar" is your phrase.

    One time you might use this sequence of images;

    teapot + a clock showing 12 o'clock + a church.

    Next time;

    a golf tee + two circles next to each other + a cross

    And so on. The grid shows 9 or so images. Its really clever stuff, and theres uptake at high levels where security matters.

    • That's an interesting application of "significance" — a human intelligence trait that's difficult to replicate with AI. It also means that you can't bust the phrase through brute force — but can't you simply try the image permutations?

  2. Check out what the guys at pinoptic.com are up to. They’ve won some major contracts based on their “authentication methodology”.

    Its very clever stuff.

    You pick a phrase for your authentication, then each time you want to authenticate (pin, atm, etc) it shows you different images, that could mean your phrase and you put them in the right order.

    So lets say “tea at noon with the vicar” is your phrase.

    One time you might use this sequence of images;

    teapot + a clock showing 12 o’clock + a church.

    Next time;

    a golf tee + two circles next to each other + a cross

    And so on. The grid shows 9 or so images. Its really clever stuff, and theres uptake at high levels where security matters.

    • That’s an interesting application of “significance” — a human intelligence trait that’s difficult to replicate with AI. It also means that you can’t bust the phrase through brute force — but can’t you simply try the image permutations?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.