Discover has a neat account security feature: the ability to generate numbers that only work with one merchant. Imagine how handy this would be in the case of a credit card number breach! Only PayPal, arguably the biggest third-party payment processor in the solar system, won’t accept one of these numbers. It could have something to do with that third-party nature…or do they hate account security? That’s what Doug thinks.

I can’t understand why, but Paypal refuses to accept “Secure Online
Account Numbers”. These are virtual Discover Card numbers that only
work with the first merchant account that uses them. So a SOAN given
to Paypal would work with Paypal, but no other merchant.

The problem is, Paypal won’t accept them. They deliberately try to use
the card with two merchant accounts in order to detect which Discover
Card numbers are SOAN’s.

Why??? Are they planing to sell the card numbers to the bad guys at
some time in the future? There is simply no good reason for their
behavior!

There is next to zero chance that PayPal, a company that exists to keep users’ financial information secure, is turning around to sell credit card numbers to no-goodniks. It could be that different PayPal payees are viewed as different merchants by Discover’s system, meaning that the SOAN concept is useless unless you only ever use PayPal to pay one person.

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.