Is PayPal not sending you an SMS security code?

You are not the only one. In the last month, several users have reported that they cannot access their PayPal account because they do not receive an SMS verification code. By default, PayPal does not offer an alternative option to sign up, so users are at the mercy of PayPal. The problem has recurred several times in recent years.

What can you do? First, you can call your operator and check if they happen to block SMS messages like this or PayPal messages in general. If that's the solution for you, great, otherwise you'll need to get in touch with PayPal.

But before that, you can try sending an SMS verification code several times and maybe, like us in the editorial office, you will be lucky in one of the attempts. Try it in the app and on the web. If you manage to log in, change the authentication method. Instead of SMS, use Google or Microsoft verifier. To do this, you will first need to log in to your PayPal account on the website www.paypal.com.

Online login is required as the app does not have the same options for changing settings.

Go to Settings → Security → Multi-level authentication (Two Step Verification)

By default, the primary multi-factor authentication method is tied to SMS messaging. Click on Add a new device and then select Authenticator app from the options. Connect to the one you want to use. For both (Google and Microsoft), the process for adding PayPal to the list is the same. Scan the QR code, then add the security code in the box provided.

Then just change the primary authentication method so that Google or Microsoft verifier is the first in line, and the alternative option is SMS authentication (see image).

If you were unlucky and didn't get an SMS, you'll need to call PayPal. Call +386 80 083 096 (working hours between 10:00 and 18:30), explain the problem and ask for the temporary removal of multi-factor authentication. They may resist your request, but insist that this is the only way you can add an alternative way to sign into your account. Or have them check you in remotely. It is important that you get access to your account, because this is the only way to change the authentication method.

Users of Telekom Slovenije have the most problems, so we also turned to the operator with the question. 

"Companies that send SMS messages to their customers' mobile numbers must use an agreed method or protocol for this. Such a protocol is common and is intended to ensure the security of users and the network and prevent possible abuse. Examples of such messages are, for example, passwords received via SMS to access individual services, passwords for two-factor identification, information about banking transactions, purchases, etc.

Companies, the senders of these messages, as a rule, provide this service with the help of commercial providers, intermediaries who ensure that the message reaches the end user. These brokers can handle the delivery of messages themselves, or they can use a broker themselves, unfortunately sometimes the cheapest one, where problems are more likely to occur. Regardless of this, when the intermediary delivers a message to the operator's network, he must have an appropriate business agreement with this operator and also use the agreed method or protocol, which is intended to ensure the safety of the operator's users and to prevent possible abuses. 

In short, the path of a commercial SMS message to the recipient can lead through several intermediaries, but it always ends in the network of the operator in which the user - the recipient of the message is located. Complications can occur anywhere on this path between the sender and the recipient of the message. At Telekom Slovenije, we also offer our own commercial message forwarding services, where we ensure top quality and reliability. We also constantly monitor the operation of our services, 24 hours a day, every day of the year. However, we have no direct influence on the operation of foreign systems that may be used by senders.”

Telekom Slovenije added that they had detected a disruption in the delivery of PayPal messages and immediately checked the operation of their systems. They also notified PayPal and the intermediaries they use to send such messages. The most likely reason, based on all the collected data and PayPal's past problems, is the choice of a cheaper service/provider for sending SMS confirmation messages.

The bug should now be fully fixed. If you are able to log into your PayPal account, it is recommended that you change your multi-factor authentication method immediately. That way, you will never again worry about whether you will receive an SMS or not.