Venmo has no good reason to make user transactions public by default

207 million transactions are public — and anyone can search them.

Venmo, the mobile payments app, won't say why it exposes users' data to the world whenever they make a transaction.

In case you missed it, Hang Do Thi Duc, a Berlin-based privacy researcher, found that every time someone sent or received money using the PayPal-owned app (which had more than seven million users in 2017), the transaction was "public" by default and was exposed through Venmo's public API.

In other words, anyone can see your transactions -- without the app, and without being logged in.

"I used Venmo's public API to pull in all public transactions of 2017 -- a total of 207,984,218 transactions," the researcher said in an email. "By looking through them, I learned a scary amount about Venmo users. I was able to follow a drug dealer's sales, watch a couple fight viciously on Valentine's Day, and learn exactly how many mangos a Santa Barbara, CA food cart sells each week."

"I visualize all this data to make it clear just how public our Venmo transactions are -- and what they say about us," said Do Thi Duc.

One Twitter user went further, creating a bot that scraped public Venmo data and tweeted about potentially illegal drug deals on the platform. At the time of writing, though, the account's tweets had been deleted.

We asked Venmo on Thursday why transactions are public by default, and whether the company plans to change that policy in the near future. Other reporters had asked the same questions; we received no response by our deadline.

The company did, however, send out a blanket statement earlier this week about how it takes the "safety and privacy" of its users seriously.

Except, it doesn't. If Venmo cared, it wouldn't set the default privacy settings to "public."

Later on Friday, a Venmo spokesperson said that the app's newsfeed "allows you to see what others have chosen to share on Venmo and the experiences that are happening on Venmo."

"It is very clear in each payment what audience it is being shared with and we have made this even more prominent in recent years," the spokesperson said.

The company did not say why the data was available outside of the app -- let alone able to be scraped by anyone.

There is no good reason why the data is shared by default in the first place.

PayPal, by comparison, which owns Venmo and has its own mobile payments app, does not share transaction details by default; what a person sends and receives stays private. And as Jake Beckman pointed out in a tweet, when a user tries to opt out of the "public" default, Venmo shows a pop-up asking if they are sure -- a nudge against choosing privacy, not toward it.

Beckman called that "some serious bulls**t."

Venmo updated its apps Thursday, including "better privacy explanations." The company also updated its privacy guide late Thursday, noting that purchases from approved merchants are private by default. To change your default, open the app or website, go to Settings, then Privacy, and set it to "private." Note that this only applies to future payments; past transactions must be hidden separately through the menu settings.

Updated at 5pm with new comments from Venmo explaining why it makes data public by default. Headline also updated.

Got a tip?

You can send tips securely over Signal and WhatsApp at 646-755-8849. You can also send PGP email with the fingerprint: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.