PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Be Careful What You Share on Venmo

For better or worse, Venmo will make all your transactions over the app public by default and even encourage you to write a blurb about them. However, that data can also expose personal details about yourself, according to a privacy researcher.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

If you've ever used Venmo to sell drugs, flirt with a lover, or pay your bills, be careful how you describe those transactions. By default, these phrases or emoji are public, and taken as a whole they can paint a pretty clear picture of how you live your life.

The Venmo API lets developers access public transactions, and one privacy researcher did just that. She then created a website cataloging how the mobile payments app can easily expose personal details.

Venmo Transaction 2Mozilla media fellow Hang Do Thi Duc analyzed the data of 208 million public Venmo transctions involving about 18 million people for the site, called "Public By Default."

"By looking through them, I learned a scary amount about Venmo users," she said in an email to PCMag. "I was able to follow a drug dealer's sales, watch a couple fight viciously on Valentine's Day, and learn exactly how many mangos a Santa Barbara, CA food cart sells each week."

For example, the Venmo data contained the supposed details of one marijuana dealer's business in California. This was because 150 of the man's transactions were written with the term "cbd," a known abbreviation for a chemical compound in cannabis. Other transactions came labeled with the words "Gorilla cookie," "Stacked Kush," and "God's Gift," which appear to be references to other strains of the drug.

Even using Venmo for mundane things can reveal something about you. For instance, paying rent can potentially tell the world who you live with, she said. Many users are also using their full names in their Venmo profiles, which can also contain your Facebook ID in the form of a link when the data is processed through the API.

"And all of this is so easy to access!" Do Thi Duc wrote in a blog post. "I believe this could be designed better. Why include all this information, when essentially the only interesting part is the message?"

In response to the research, Venmo said the app isn't that much different from Facebook. "Like on other social networks, Venmo users can choose what they want to share on the Venmo public feed," the PayPal-owned company said.

In other words, it's up consumers to be careful about what they share. Journalists have reported on the potential dangers for years, but as Venmo grows in popularity, new users might not be aware of its default settings. According to Marketwatch, the app can be quite useful to spy on cheating spouses.

Do Thi Duc's research is another good reminder to watch what you share on the app. She specifically looked at data from 2017, but said the API gives anyone real-time access to public Venmo transactions.

"When you think of your transactions, you might think 'I have nothing to hide,'" she wrote in her blog post. "But after spending time with these stories and insights, perhaps you will ask 'Do I really need to share this?' and invest a few seconds to change your settings on Venmo and on other services."

To make your Venmo transaction private, tap the app's hamburger menu (), and select Settings > Privacy and choose a default privacy setting: public, friends, or private. You can also make your past transactions private in the same section.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio