Skip to main content

With a public API, Venmo’s default privacy settings expose private user data

Image used with permission by copyright holder

Those who use Venmo as their primary money-transfer app, may want to consider changing their privacy settings. After a security researcher analyzed over 200 million Venmo transactions back in 2017, it became clear the app exposes a large amount of private details about its users, The Guardian reports.

The project was created by Berlin-based researcher Hang Do Thi Duc, who highlighted all of her findings via a website called “Public by Default.” On the site, she explains how she was able to learn an ‘alarming amount’ about Venmo’s users by pulling a total of 207,984, 218 transactions all via the app’s public application programming interface (API) — which can be accessed by anyone.

Even though Venmo does allow you to choose what is or isn’t public, all transactions are public by default — which some users may not realize. To protect your information, you can choose to make any future transactions visible by only the sender and recipient — that way, they won’t show up on the public feed. There’s also the option to make all past transactions private as well.

Using the logged data via the API, Do Thi Duc was able to piece together the lives of five different Venmo users identified as: ‘The Cannabis Retailer,’ ‘The Corn Dealer,’ ‘The Lovers,’ ‘The YOLOist,’ and ‘The All Americans.’ Each one includes stories of who they are with specific details she was able to find simply by sifting through their transactions — including exactly how many transactions were carried out by each person in 2017. While she was also able to see full names, she did not publish that identifying information.

“This Venmo user — a young woman with a Greek last name — had 2,033 transactions in eight months’ time. And through her Venmo transactions emerges an unhealthy portrait. She loves Coca Cola (280 transactions) and pizza (209 transactions), and often goes for coffee with the same three friends. She also likes to eat a lot of sweets, especially donuts,” she writes about ‘The YOLOist.’

On the site, Do Thi Duc explains the project will hopefully shed light on the fact that companies should be putting user data protection first. While Venmo’s public feed seems harmless — and even a source of entertainment for some — we don’t truly realize how much information we’re sharing. This includes your first and last name, transaction history, and blatantly revealing where and with whom you’re spending your time by listing who it is the money is going to.

Editors' Recommendations

Brenda Stolyar
Former Digital Trends Contributor
Brenda became obsessed with technology after receiving her first Dell computer from her grandpa in the second grade. While…
Visible just made its unlimited 5G plan better than ever
Visible wireless phones and plans featured

Digital wireless service provider Visible has announced upgrades to its premium Visible+ phone plan. The highlight is a new Global Pass feature that allows Visible customers to use their phones in 140 countries worldwide.

The Visible Global Pass offers unlimited talk and text services, along with 2GB of high-speed data, for a flat rate of $10 per day. Visible+ members can also enjoy a free Global Pass usage day every month. The activation process can be done through the Visible app.

Read more
The OnePlus Watch 2 is the Wear OS smartwatch I’ve been waiting for
Person wearing OnePlus Watch 2 with a green strap on their left wrist.

The OnePlus Watch 2 -- the company's first Wear OS watch -- has entered a market that Samsung dominates. However, OnePlus' popularity as a smartphone brand can be expected to bring small, yet meaningful changes that benefit not only OnePlus users, but all of the Wear OS segment in general.

For almost a decade, Samsung and Apple have predominantly been the default options if you want a smartwatch that is actually useful and goes beyond flashy features. With Samsung shifting gears and migrating from its own Tizen OS to the (relatively) more universal Wear OS platform and Google releasing its own Pixel Watch after struggling with an identity crisis in the smartwatch world, the platform has much more traction than it did a few years ago. As OnePlus carves its way into the segment, it has the opportunity to entice people who don't wish to live within Samsung's limitations when using a Galaxy Watch with another brand's phone.

Read more
Buying an iPad Mini today? You need to know about this deal
The Apple Pencil attaches to the iPad mini magnetically.

If you've had an eye on iPad deals for the latest model of the Apple iPad Mini for a while now, this may be the offer that you've been waiting for -- a $100 discount from Best Buy on the tablet's Wi-Fi, 64GB model, slashing its price to $400 from $500. It's still pretty popular years after its release, so we don't expect stocks of the device for this sale to last long. If you're thinking about taking advantage of this bargain, you better push through with your purchase as soon as possible to make sure that you don't miss out on the savings.

Why you should buy the Apple iPad Mini 2021
The latest generation of the Apple iPad Mini was released in 2021, but it's still featured in our roundup of the best iPads because it's the model that you should buy if you want a smaller and more compact version of Apple's tablets. Its 8.3-inch Liquid Retina display is smaller than the screens of its peers, but it's still big enough to enjoy watching streaming shows and browsing websites, while allowing you to use the device with one hand. Unlike its predecessor, there's no Home button, so the Touch ID sensor is instead built into the power button at the side of the Apple iPad Mini 2021.

Read more