Apparently all payments using Venmo, including the real name, are public by default for everyone!

Venmo has always been a very social payment service, but wanting to pay people socially is a bit odd to begin with. It's hard to imagine how many problems that could cause...

@Gargron Venmo, the unnecessarily social payments network.

@annika @Gargron like the Blockchain, but, incredibly, stupider

@Gargron um, what the heck? I don't understand... This looks to be leaking huge amounts of information which is really scary...

@JigmeDatse Is it still leaking if it's supposed to be like that? The only question is whether the users are aware it's like that.

@Gargron Well, it's almost certainly a violation of some protection of private information thing. So, I would say that it is leaking. But it does seem to be intentionally designed that way, though I *suspect* they didn't expect anyone to find it.

@JigmeDatse @Gargron The endpoint is literally called "public". It seems like it is known at least since 2016 ( ). But I suppose they underestimate what kind of information can be inferred from the metadata. I'm curious whether they will lock down the API now that this gets some attention. Anyway, a nice dataset for Social Network Analysis I guess.

@Gargron Yep, I got to explain Venmo’s settings to my shrink after seeing her other patients listed as paying her.

@Gargron this has been known since launch. I remember that someone used their public api to build a live stream of everyone buying drugs before they got throttled on api calls

Sign in to participate in the conversation

Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!