Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday July 23 2018, @04:09PM   Printer-friendly
from the always-check-the-defaults dept.

Submitted via IRC for BoyceMagooglyMonkey

Anyone can track a Venmo user's purchase history and glean a detailed profile – including their drug deals, eating habits and arguments – because the payment app lacks default privacy protections.

This was the finding of a Berlin-based researcher, Hang Do Thi Duc, who analysed the more than 200 million public Venmo transactions made in 2017. Her aim was to highlight the privacy risk from using a seemingly innocuous peer-to-peer app.

By accessing the data through a public application programming interface, Do Thi Duc was able to see the names of every user who hadn't changed their settings to private, along with the dates of every transaction and the message sent with the payment. This allowed her to explore the lives of unsuspecting Venmo users and learn "an alarming amount about them".

The default state for transactions when a user signs up to the app is "public", which means they can be seen by anyone on the internet. Users can change this to "private" by navigating to the app's settings, but it's not clearly highlighted during sign-up.

Source: https://www.theguardian.com/world/2018/jul/17/venmo-payments-app-default-privacy-settings-public-information


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by MichaelDavidCrawford on Monday July 23 2018, @06:23PM (2 children)

    Members of the Caltech Community stick together: some complete stranger who is twenty years younger than I lent me $250 because he and I are both Old Scurves, that is, former residents of Caltech's Ricketts House.

    (Named after Louis D. Ricketts. I Am Absolutely Serious.)

    He wanted to do it with Venmo so I installed it from the App Store. And in fact it works real well for me too.

    When I got paid, I repaid his loan through Venmo.

    Doutblessly y'all can see my transactions with my fellow Old Scurve.

    Now please explain to me just _what_ I need to do to enable privacy. For some reason I was only able to sleep for three hours last night so just now I'm not firing on all cylinders.

    --
    Yes I Have No Bananas. [gofundme.com]
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 3, Informative) by insanumingenium on Monday July 23 2018, @06:34PM

    by insanumingenium (4824) on Monday July 23 2018, @06:34PM (#711375) Journal

    Settings->Privacy->Default Privacy Setting->Private While you are there you can also hit Past Transaction and make all your old transactions private.

  • (Score: 2, Informative) by Anonymous Coward on Monday July 23 2018, @06:40PM

    by Anonymous Coward on Monday July 23 2018, @06:40PM (#711380)

    Now please explain to me just _what_ I need to do to enable privacy.

    Here you go [publicbydefault.fyi] MDC.