Using PayPal for online purchases – what you need to know

You may have heard of PayPal, and you may have heard some horror stories about it. But in reality, using PayPal may be even safer than using a cheque or your credit or debit card to make a purchase. Here, Dave shows you how to set up a PayPal account and use it safely.

What is Paypal?

PayPal is an online financial service that allows you to pay for items using a secure internet account. You simply add your credit card or debit card details and whenever you pay using PayPal, you can choose which of your cards it pays with.

You can think of PayPal as a kind of ‘digital wallet’.  The great thing is that your payment details aren’t shared with the online service you’re purchasing from. When you use PayPal to pay for something online, PayPal connects you and the service provider together, and acts as an intermediary between the two of you.

You can also use PayPal to receive money from friends and family, or if you sell something online – say through eBay. All the other person needs is your PayPal ID (usually an email address, but you can also have a unique username), and their own PayPal account. They then simply instruct PayPal to send you money. This service can involve a small fee, but only for selling items. Sending money to family and friends is completely free!

Why should I use PayPal?

Longevity – PayPal has been around a long time. That means it’s widely available on most online sales sites. It’s also a trusted brand.

Protection – PayPal has some of the best protection if an item doesn’t arrive or isn’t what you expected. For sellers, you get protection against a buyer saying they haven’t received an item if you can prove you have sent it. This is especially useful when purchasing items on eBay, where you do not usually have shop guarantees.

Security – you don’t have to enter any card details into a seller’s site so there’s less chance they can rip you off. OneTouch payments allow you to log in once on a specific device and browser, and then use PayPal on any online store without having to log in again, as long as you continue to use that device and browser.

PayPal also has dedicated iPhone and Android apps.

How do I set up a PayPal account?

These instructions will help you set up a Personal PayPal account, which is sufficient if you plan to buy and sell items on your own using PayPal.

First, head to and click on the ‘Sign Up’ button in the upper right.

Select the option for a Personal account. Click Next.

Type your first and last name, email address, and a password. Remember to make your password really secure – after all, this account will be used to deal with money, and will also be linked to your bank or credit card accounts. See my previous post about secure passwords if you aren’t sure about this. Click ‘Next’.

Type your mailing address and your mobile or home phone number, click on the tick box  to agree to PayPal’s policy, and click on the button to ‘Agree and Create Account.’

Your next step is to link your credit card with PayPal. Anytime you buy something using PayPal, the funds will first be taken from your PayPal balance and then from your debit or credit card. If you don’t have any money in your PayPal account, your card will be used to pay.

At the ‘You are in! What’s next?’ page, click on the first button to ‘Get started.’

Enter the information for the debit or credit card you wish to link with PayPal. Then click on the ‘Link card’ button.

You’re done! You can now use your PayPal account to buy items. This short video from PayPal takes you through the steps involved:

You should get a confirmation email from PayPal that you must acknowledge to verify your email address. Open the email and click on the ‘Confirm My Email’ button. This is one of the few times that PayPal will email you asking you to click on a link. Read on for tips on staying safe.

Staying safe

Whilst PayPal is inherently secure, its ubiquity means that its brand name is often used by scammers to try to fool people. Here are some steps to take to stay safe:

1. Only use a credit card with PayPal.

Why? PayPal will cover you if you purchase an item that doesn’t arrive or isn’t what you expected, and by using a credit card to fund PayPal purchases, you gain an extra layer of protection because you also can dispute the charge through your credit card company. Keep in mind that with credit card companies, you typically have up to 60 days from the purchase date to dispute charges for items you didn’t accept or weren’t delivered as agreed, while with PayPal you have 180 days.

Also, linking only a credit card means that anyone who gains fraudulent access to your PayPal account can’t clean out your bank account, too.

2. Never click on links in emails from PayPal.

Why? They might not really be from PayPal. The most common theft technique involves stealing passwords by sending “spoof” emails that appear to come from PayPal, but link to dummy sites — complete with the PayPal logo — where users unwittingly type in their info. Instead, go to your PayPal account by opening your browser and going to Any messages from PayPal will be in the ‘Notifications’ area. You can access this by clicking the ‘cog’ icon at the top right:

And then clicking ‘Notifications’.

You should use this same level of caution with any emails from anyone!

3. Keep an eye on your balance.

Why? Thieves will typically begin draining an account with a series of small withdrawals — as little as £5 — hoping the user won’t notice. If you don’t, they will start to ramp up the amount they steal until it gets into the hundreds.

Again, you should keep an eye on all of your accounts – bank, credit card etc. – especially if you use them online.

4. Use 2-factor authentication.

Why? 2-factor authentication (2FA) or 2-step security, or 2-step verification protects you against someone logging in with your credentials unless they also have access to a mobile device such as a tablet or phone that’s in your possession. 2FA will send a text to your phone, or ask you for a code generated by an app on your tablet every time you log in. If the thief hasn’t got your phone or tablet, they can’t log in. To set it up, go to the ‘cog’ and then go to ‘Security’. Click ‘Set Up’ next to ‘2-step verification’:

You’ll see a window asking you to choose either ‘Text me a code’ or ‘Use an authenticator app’.

The easiest is to choose ‘Text me a code’. Click ‘Set Up’ and on the next screen enter your mobile number. Click ‘Next’ and you’ll be sent an authentication code in a text message. Enter this on the next screen and click ‘Confirm’.

You’ll be asked if you want to set up a backup number. If you have another number you can use, fine, do this. If not, just click ‘Not now’, and you’re done.

While you’re in the security settings, it’s worth setting up some other security measures:

Security questions – these are used to verify it’s really you if there’s ever a doubt, for instance if you forget your password. It’s OK to lie on these questions, in fact it’s probably a good idea! If you give the ‘wrong’ answers, as long as the answers you give match the ‘wrong’ answers when you need to unlock your account you’ll be OK. But any scammer who has managed to find out ‘Your First Pet’s Name’, or ‘Your Mother’s Maiden Name’ will be scuppered! You just have to remember the lies…

Mobile PIN – create a 4-digit mobile PIN. You can use it to pay with your mobile device more easily and securely. I have a technique for choosing memorable PINs which I will share in a later post.

Once you’ve followed these steps, you can enjoy shopping online, secure in the knowledge that you are protected from scammers as long as you follow a sensible security protocol.  I’ll also cover security protocols (OPSEC) in a later post, as well as advice on avoiding phishing attacks, social engineering, and phone scammers.