Venmo’s Privacy Settings Continue to Pose Problems
Salmon said he published the data “in order to bring attention to Venmo users that all of this data is publicly available for anyone to grab without even an API key.”
By default, all Venmo accounts and transactions are set to public. Users can change this by going to Settings, then Privacy and selecting “Private.” They can also make past transactions private in the Past Transactions section.
Venmo’s privacy settings have long been under scrutiny. Last year, a researcher in Berlin crawled through over 200 million transactions. The public data revealed specific details about each user, including linked social media profile pictures. Many of the transactions in both exposure cases involved illegal activity.
The peer-to-peer payment platform has done little to address these concerns over the last year. They have removed a warning that used to show when someone changed their settings from public to private. They have also set limitations to make their public data harder to collect in large qualities. Salmon was still able to scrape 57,600 transactions per day, even with the API limits.