Connect with Joseph Steinberg


Check Your Venmo Settings Right Now Unless You Want Everyone To See How You Spend Your Money

Check Your Venmo Settings Right Now Unless You Want Everyone To See How You Spend Your Money

If, like millions of other people, you use Venmo, the PayPal-owned online payment system that sports various social features, you might be at risk for having the details of all of your transactions made public.

Here is what you need to know:

Unless you manually opt out, Venmo allows anyone to view your transaction history, and, ultimately, to assemble a detailed profile of your spending habits, according to a researcher who published her findings online Tuesday.

Berlin-based Hang Do Thi Duc, who previously ran the Data Selfie project that explored what machine-learning algorithms could predict about people from their social media posts, analyzed nearly 208-million transactions made in 2017 that Venmo makes available to the public via its API. According to Do Thi Duc, she was able to access such a large number of transaction records because Venmo’s default settings are to make all transactions public, and more than 18 million of the service’s users never changed the platform’s default settings for their accounts.

But, it wasn’t just financial information that Do Thi Duc was able to gleam via the Venmo API – people’s financial transactions reveal quite a bit their personal lives, and Do Thi Duc was able to learn far more about the folks whose transactions she saw than they would likely want the world to know. For example, she was able to track various activities of someone selling illegal marijuana, watch a romantic relationship evolve (in both positive and negative ways) between two people who chatted via a payment’s comments section, and obtain a clear understanding of other folks’ eating habits (including those of one woman who, in only eight months, apparently made over 2,000 transactions involving pizza, soda, alcoholic drinks, coffee, and donuts). Did the pot dealer, the lovers, or the less-than-healthy-food enthusiast really intend for the whole world to know of their activities?

Do Thi Duc created Public By Default, a website that shows how much personal data can be extrapolated from Venmo. Of course, there may be some folks who intend to share their transactions with the public – but, it is possible, if not likely, that, to this day, the vast majority of people whose privacy could potentially be compromised by their Venmo settings have no idea that anyone else, never mind everyone else, can view the detailed history of their transactions.

According to CNN, “Venmo declined to say why it makes full public disclosure the default setting, but a company spokesperson told CNNMoney that ‘the safety and privacy of Venmo users and their information is one of our highest priorities. Our users trust us with their money and personal information, and we take this responsibility and applicable privacy laws very seriously. Like on other social networks, Venmo users can choose what they want to share on the Venmo public feed.'”

Perhaps, however, as a result of the current uproar, Venmo will change its default.

So, what should you do?

1. Set your Venmo transactions to be private.

You can, quite easily, set your transaction to be private, by clicking on the menu icon at the top left of the Venmo app, selecting Settings from the Control Panel, within Settings selecting the Privacy option, and changing the default from Public to Private. Also, below, select the Past Transactions option to ensure that all of your Venmo transactions to date are also kept private.

2. Be wary of any system that blends social features with information that you desire to keep private.

If you would not share your financial activity with the world by posting to Facebook or Twitter the details of each transaction as you make it, for example, be sure that any system that you use for making payments offers adequate privacy. Before you utilize the services of a provider that has social features, be sure to understand if the service’s privacy capabilities meet your requirements, and, of course, if they do, do not forget to enable such features.

Continue Reading

More in CyberSecurity




* indicates required