"You can never reduce the security risks to zero," said Michael Barrett, chief information officer of PayPal said.
"But what you can do is have a whole layer of defences that holistically begin to have an effect on online fraud and that's what's we're doing with the DomainKeys email authentication project."
Barrett was in the UK keen to talk up the success the company has so far had with parent eBay and partner Yahoo to prevent cyber criminals from pretending to represent either e-commerce company in emails that encourage customers to divulge sensitive personal and financial information.
The DomainKeys collaboration project launched last month is designed to roll out new authentication technology and form what Barrett said is an essential part of PayPal's responsibility for ensuring the security of the company's 163 million customer accounts worldwide.
"We have taken steps to roll out a strong layer of authentication as part of our ongoing strategy to anticipate the ways the bad guys try to get ahead and adapt their methods," he said.
DomainKeys is an email authenticity verification technology designed to allow internet service providers (ISPs) to determine if messages are real and should be delivered to a customer's inbox.
PayPal, Yahoo! and eBay are working to develop digital signatures that can block unauthenticated email and so reduce the volume of fraudulent phishing' emails received by consumers purporting to be from PayPal or eBay.
Barrett told IT PRO the success of the project in dramatically reducing the proportion of phishing emails targeted at both companies' customers had been recognised by independent security vendor, Sophos.
Graham Cluley, senior technology consultant agreed. He said: "Hackers are finding it harder than before to steal from their millions of users because of heightened user awareness and technology that the firms introduced to help verify if an email communication is legitimate or not."
PayPal is also a member of the Anti-Phishing Working Group (APWG).
