PayPal CISO Michael Barrett, who stirred up a lot of talk recently by advising his customers not to use the Safari browser, has published a white paper on PayPal's comprehensive approach to combatting phishing.
This white paper discusses mutli-factor authentication credentials and contains a whole section on Extended Validation SSL. The paper defines unsafe browsers as "those browsers which do not have support for blocking phishing sites or for Extended Validation Certificates," and goes on to say, "In our view, letting users view the PayPal site on one of these browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts."
The paper adds,
At PayPal, we are in the process of re-implementing controls which will first warn our customers when logging in to PayPal from those browsers that we consider unsafe. Later, we plan on blocking customers from accessing the site from the most unsafe - usually the oldest - browsers.
There has been speculation in the press about which browsers PayPal intends to block, especially Safari. I'll try to keep an eye on it, and as things develop, I'll let you know what I see.