We are constantly reinforcing our security systems at PayPay to ensure you get the smoothest experience while your money and data remain protected to the very highest standards.

Two-factor authentication provides extra security for you when you login to your PayPay account, either on a new phone or a website. When you login in, you receive an SMS, with a randomly generated passcode number that must be input before you can proceed. This password is sent to your registered phone number and in a way that ensures only you will know the contents. This is one factor that our systems use to double check that it is really you making the login request.

Two-factor Authentication is an industry best-practice that we have been following since the beginning at PayPay, but we have just made it even stronger.

There is now an automatically-generated 2-character alphabet code that is added to the 4 digital numerical code. You only need to input the numbers, but you should ensure that the two letters displayed on the login screen match the letters shown in the SMS you receive, otherwise the numbers will not be accepted.

Any fraudulant website or service that asks you to share your PayPay login can not read or display the alphabetical code written in the SMS that you receive. So if the two letters are not present, or the incorrect letters are shown, then you can be safe in the knowledge that you are looking at a fake input screen.

For users of our PayPay for Business app or PayPay for Business website, 2-factor authentication is now handled via your business email address. You will receive the same alphabetical and numerical pass code, but this time via email. This ensures any login you make is done so using the same credentials that are linked to the business account you set up with us when you joined PayPay.

The new two-factor login experience is available from today to anybody who uses PayPay app version 2.34.0. We recommend you update to the latest version in the App store or Play store.