Difference between revisions of "Privacy in Venmo"

From SI410
Jump to: navigation, search
Line 68: Line 68:
  
 
https://www.google.com/url?sa=i&url=https%3A%2F%2Fwww.dailydot.com%2Fdebug%2Fis-venmo-safe%2F&psig=AOvVaw1aeWgoCnAwLZJ_ruuPVN5k&ust=1584220835828000&source=images&cd=vfe&ved=0CAIQjRxqFwoTCMCZzPmwmOgCFQAAAAAdAAAAABAD
 
https://www.google.com/url?sa=i&url=https%3A%2F%2Fwww.dailydot.com%2Fdebug%2Fis-venmo-safe%2F&psig=AOvVaw1aeWgoCnAwLZJ_ruuPVN5k&ust=1584220835828000&source=images&cd=vfe&ved=0CAIQjRxqFwoTCMCZzPmwmOgCFQAAAAAdAAAAABAD
 +
 +
[[Category:2020New]]
 +
[[Category:2020Concept]]

Revision as of 14:06, 17 March 2020

Venmo

Venmo is a digital wallet that lets you make and share payments with friends. It is convenient for when you try to split a restaurant bill with your friends or pay an electric bill that you share with your roommate. However, have you ever notice the page when you enter your Venmo that shows a list of transactions of people you do not know at all? Venmo is unique compared to other similar apps in terms of how it allows people to socialize while transferring money. You can see whom your friends are sending money to and what the money is for. By searching a person’s name, you can see all of his or her transaction histories if he or she set the transactions as public. Does this public setting work as intended? How users’ information could potentially be used?


Privacy in Venmo

The most popular emoji in Venmo transaction message

Venmo has brought a cashless world to its customers and gives people a new way to socialize online. By default, people are sending transactions that can be viewed by everyone in the world. What does that mean? That means I know who my roommate went grocery with, whom my friend went restaurant with, even whom my friend is dating. People are unintentionally sharing information with others that they do not expect these many people to know.


It was showed that from downloading Venmo public API, we can easily download users’ transactions without obtaining users’ permission if the user sets the transaction as public. This means everyone in the world, who do not even have to have the app, can make a GET request to get others’ public transaction. At the same time, most users do not understand what it means for transactions to be public in Venmo and do not consider the necessity to change the default privacy setting to private. What’s more, since Venmo requires users to write for the purpose of the transaction, most people will record what the money is for using descriptive emoji. This means anyone can easily get information about what users buy, what they do, and whom they are with.


One interesting example is that people could figure out how their friend is in a relationship with another through Venmo. There was a frequent transaction in going to restaurants and buying milk tea that let the friends on Venmo get a sense that they are in a relationship. However, the person who is in the relationship is not intended for others to know right away. There are also other examples that let users reveal private information that they do not intend to share with others yet.


Potential Risk in Venmo

Safety of transaction

From what information is given to the public, cyberattacks become much easier. A grad student studying information security has shown that 115,000 transactions can be downloaded per day by a twenty-line Python script he wrote. If an attacker has a target, he or she could find a list of people whom the target always interact with and see what common activities they are doing. From this information, the attacker could craft a highly believable phishing message to scam the target. Venmo was presented as a “bank-grade security systems”. However, this claim is inaccurate. First of all, Venmo does provide some security features like security PIN, but it is optional and most users do not realize the existence of this feature. Also, Venmo does not provide that same consumer protections as banks, which means it is not FDIC-insured.


Suggestion for Using Venmo

How to approach private setting
  • Try not to have a large amount of money stored in Venmo
  • Do not sell or purchase items through Venmo
  • Changing Venmo’s setting to private
  • Using the PIN feature on Venmo
  • Using alternate payment app


Conclusion

While Venmo provides a great social platform, and the idea of adding socialization to the payment app is new and interesting, the policy is not well built to support relevant privacy and safety feature. Venmo still has a long way to go to make this system mature. It may be better to use a payment app only for payment purposes for no because everyone’s privacy is precious.


References

https://venmo.com/

https://www.wired.com/story/venmo-alternatives/

https://threatpost.com/venmo-privacy-public-transactions/147830/

https://techcrunch.com/2019/06/16/millions-venmo-transactions-scraped/

https://www.wired.com/story/i-scraped-millions-of-venmo-payments-your-data-is-at-risk/

https://www.businessinsider.com/venmo-apple-pay-cash-vs-zelle-2017-12

https://www.investopedia.com/articles/personal-finance/032415/how-safe-venmo-and-why-it-free.asp

https://www.praeagency.com/resources/venmo-what-is-it-and-how-can-it-benefit-your-small-business

https://qz.com/359903/the-emoji-of-venmo/

https://techcrunch.com/2019/06/16/millions-venmo-transactions-scraped/

https://www.google.com/url?sa=i&url=https%3A%2F%2Fwww.dailydot.com%2Fdebug%2Fis-venmo-safe%2F&psig=AOvVaw1aeWgoCnAwLZJ_ruuPVN5k&ust=1584220835828000&source=images&cd=vfe&ved=0CAIQjRxqFwoTCMCZzPmwmOgCFQAAAAAdAAAAABAD