Venmo
Based on Wikipedia: Venmo
In May 2021, journalists at BuzzFeed News found the personal Venmo account of Joe Biden, the sitting President of the United States, in less than ten minutes. They weren't hackers. They didn't use any special tools. They simply opened the app and searched. The leader of the free world—a man protected by the Secret Service, whose daily movements are classified, whose communications are encrypted—had his financial social network exposed to anyone curious enough to look.
This is Venmo.
It's a payment app that defaults to broadcasting your transactions to the world. Not the amounts—that would be too obvious a privacy violation—but the who, the when, and often the why. Your late-night pizza orders. Your rent payments to your roommate. That awkward morning-after Venmo to someone whose last name you barely remember, accompanied by a single emoji that says more than you intended.
The Forgotten Wallet That Changed Everything
Andrew Kortina and Iqram Magdon-Ismail met as freshman roommates at the University of Pennsylvania in the early 2000s. Like many college friendships, theirs was cemented through a series of small collaborative projects and shared frustrations. One of those frustrations involved helping a friend start a frozen yogurt shop, where they discovered just how terrible traditional point-of-sale software could be—the kind of clunky, outdated systems that made simple transactions feel like an ordeal.
But the real spark came from something more personal. During a visit to see Kortina, Magdon-Ismail realized he'd forgotten his wallet. The resulting inconvenience of settling their debt—writing checks, making bank transfers, waiting days for funds to clear—seemed absurd in an age when they could send photos, messages, and emails instantaneously. Why couldn't money move just as easily?
They started building a solution.
The original prototype worked through text messages. You'd type something like "pay $20 to Andrew" and the system would handle the rest. The name they chose, Venmo, came from combining the Latin word "vendere" (meaning "to sell") with "mo" for mobile. They wanted something snappy, easy to spell, and memorable.
There was just one problem: what they were building was technically illegal. Text-message payments existed in a regulatory gray zone in 2010, with different rules in different states. So they brought on the Philadelphia law firm Morgan Lewis to navigate the compliance maze. To prove their concept worked, they partnered with a local entrepreneur to use the technology for something unambiguously good: raising money to rebuild an orphanage in Haiti after the devastating 2010 earthquake.
That first $300,000 processed through the system went to The New Life Children's Home in La Plaine Port-au-Prince. It was the proof of concept that unlocked $1.2 million in seed funding from RRE Ventures.
From Startup to PayPal Empire
The trajectory from scrappy startup to corporate acquisition happened remarkably fast. In 2012, a company called Braintree—a payment processing firm that handled transactions for companies like Airbnb and Uber—acquired Venmo for $26.2 million. Just one year later, PayPal swooped in and bought Braintree for $800 million, making Venmo part of one of the largest digital payment ecosystems in the world.
Under PayPal's ownership, Venmo evolved from a simple peer-to-peer payment tool into something more ambitious. Before October 2015, the app explicitly prohibited business transactions—it was designed for splitting dinner bills with friends, not buying products. But that changed when PayPal saw the commercial potential. In January 2016, they announced partnerships with merchants like Munchery (a meal delivery service) and Gametime (a ticket marketplace). Eventually, any merchant that accepted PayPal could accept Venmo.
The numbers tell the story of explosive growth. By 2021, Venmo was processing $230 billion in annual transactions and generating $850 million in revenue. To put that in perspective, the entire gross domestic product of Iceland is around $25 billion. Venmo moves nearly ten times that amount in a single year.
The Social Network You Didn't Know You Joined
Here's what makes Venmo fundamentally different from PayPal, Zelle, or your bank's transfer feature: it's a social network wearing the disguise of a payment app.
When you send someone money on Venmo, you're prompted to add a note—a memo explaining what the payment is for. These notes, along with the names of the people involved, are then published. By default, they're visible to everyone. Not just your friends. Not just other Venmo users. Everyone. Anyone who downloads the app can scroll through a public feed of transactions from strangers around the world, watching the financial breadcrumbs of daily life scroll past in real time.
The amounts stay hidden, which provides a thin veneer of privacy. But the context often reveals plenty. A transaction to "Mike's Lawn Care" tells neighbors you hired a landscaper. A series of payments to the same person every month with pizza and beer emojis reveals the rhythms of a friendship. Payments marked "rent" and "utilities" to three different people expose your living situation.
This wasn't an accident or oversight. It was a deliberate design choice.
In the early days, Venmo required new users to sign up through Facebook. This served two purposes: it made it easy to find friends to pay, and it turned every transaction into free marketing. When your Facebook friends saw you using Venmo, curiosity would pull them in. The social feed created a sense of community and activity—the app felt alive in a way that a simple payment processor never could.
Venmo even encourages engagement with transaction notes, prompting users to add jokes, emojis, and likes. You can comment on other people's payments. It transforms the mundane act of paying someone back into a form of social expression.
The Privacy Problem No One Signed Up For
In 2018, a researcher scraped over 200 million public Venmo transactions. What they found was troubling: the data revealed "a massive amount of private details about users' lives." Drug dealers were identified through payment patterns. Romantic relationships were exposed through late-night transactions. Daily routines, social circles, even mental health struggles—all inferrable from the steady stream of public payment data.
The Federal Trade Commission (FTC) took notice. Their investigation found that Venmo had made "false representations" about offering "bank-grade" security—a claim that journalists, security researchers, and the California Department of Business Oversight had all disputed. The company had also failed to comply with the Gramm-Leach-Bliley Act, federal legislation designed to protect consumers' financial information. The FTC specifically accused Venmo of "misleading consumers about the extent to which they could control the privacy of their transactions."
Under the settlement, Venmo agreed to undergo third-party security audits every two years for the next decade. They also made some changes to privacy settings.
But the fundamental architecture remained unchanged. Transactions were still public by default. Users could make their payments private, but most never bothered to change the settings. The social feed kept scrolling.
In 2019, another researcher downloaded and analyzed seven million more transactions. Despite Venmo's minor improvements to limit mass data scraping, the conclusion was the same: the default public settings put users at risk for cyber attacks, stalking, and social engineering.
That same year, Mozilla and the Electronic Frontier Foundation—two organizations devoted to internet privacy—wrote an open letter expressing "deep concern about Venmo's disregard for the importance of user privacy." They called for two specific changes: make transactions private by default, and give users privacy settings for their friends lists.
As of the time of writing, transactions on Venmo remain public by default.
What Researchers Found When They Looked
The University of Washington conducted a study in 2017 that highlighted something unusual about Venmo's social model. Unlike Facebook or Instagram, where users deliberately post content to share with others, Venmo's social feed is driven by financial necessity. You don't post to Venmo because you want attention—you post because you needed to pay someone.
Technically, you could make trivial transactions just to appear on the feed. Send someone a penny with a clever note, and it shows up like any other transaction. But researchers found that almost no one actually does this. The social aspect is accidental, a byproduct of the payment function rather than its purpose.
This creates an unusual dynamic. Users are generating social data without social intent. They're participating in a public feed without meaning to be public figures. The transaction memos—often written hastily, sometimes embarrassingly honest—were never meant as public statements.
A 2022 study from the University of Southern California analyzed 389 million public transaction notes and found that two out of five Venmo users publicly reveal sensitive information. The researchers titled their paper "I know what you did on Venmo: Discovering privacy leaks in mobile social payments." It highlights what they call the "serious risks from a public-by-default policy for mobile social payments."
The analysis revealed patterns that users probably never intended to broadcast: addiction recoveries, medical conditions, relationship statuses, political affiliations. All pieced together from the casual notes people type when they're just trying to pay someone back for coffee.
How the Money Actually Moves
For all its social networking features, Venmo is fundamentally a way to transfer money, and the mechanics of that transfer matter.
When you create a Venmo account, you provide basic personal information and connect a funding source: a bank account, debit card, or credit card. You can also order a physical Venmo MasterCard that works like a traditional debit card at any merchant that accepts MasterCard, with the added feature of tracking your spending directly in the app.
Payments from a linked bank account or debit card are free. Using a credit card incurs a 3% fee—and some credit card issuers treat Venmo payments as cash advances, which can trigger additional fees and higher interest rates. This is worth understanding: that 3% Venmo fee might be just the beginning of what you pay if your credit card company categorizes the transaction as cash rather than a purchase.
New users face transaction limits until their identity is verified: $299.99 total until you confirm who you are, then up to $2,999.99 per week afterward. The verification process is standard for financial services—social security number, date of birth, the usual identity confirmation that proves you're a real person and not a money launderer.
Here's something that surprises people: Venmo transfers aren't instantaneous. Despite the illusion of immediacy—you tap a button, see a confirmation, feel like the money has moved—the actual transfer of funds can take one to three business days, just like a traditional wire transfer. During that window, the sender can cancel the payment.
This delay has been exploited by scammers. The Better Business Bureau has documented cases where fraudsters use the cancellation period to appear as if they've paid for something, then cancel the payment after receiving the goods. By the time the seller realizes the money never actually arrived, the scammer and their purchase are long gone.
In 2018, PayPal introduced an instant transfer option that deposits funds to a debit card within about 30 minutes. It costs 1% of the transfer amount or $10, whichever is less. The standard free transfer still takes one to three business days.
The Fraud Problem
In November 2018, The Wall Street Journal reported that Venmo had suffered $40 million in operating losses during the first quarter of that year alone—nearly 40% more than the company had budgeted. The cause was "a wave of payments fraud."
The same features that make Venmo convenient also make it vulnerable. The social trust built into the platform—the assumption that you're dealing with friends, that the casual tone of emoji-laden transactions reflects genuine relationships—creates opportunities for exploitation. Scammers pose as friends, exploit the cancellation window, and vanish.
Venmo provides no buyer or seller protection. Unlike PayPal's purchase protection program or credit card chargeback rights, Venmo offers no recourse if a transaction goes wrong. If you pay someone on Venmo and they don't deliver what they promised, that's your problem.
This becomes particularly concerning given the gray market use that researchers have documented. Despite official policies prohibiting certain business transactions, a 2018 study of New York City restaurants found Chinese takeout spots and food trucks accepting payments through personal Venmo QR codes—the same QR code payment behavior popularized by Chinese apps like WeChat and Alipay. These transactions exist outside Venmo's already limited protections.
The Debt Collection Controversy
In 2021, the Consumer Financial Protection Bureau (CFPB) began investigating Venmo over how it handles users who owe money for transactions. The investigation focused on "unauthorized funds transfers and collections processes."
The backstory reveals aggressive practices. When users end up owing Venmo money—sometimes due to fraud, sometimes due to canceled transactions, sometimes due to overdrafts—the company has taken an aggressive stance on collection. Customer service emails obtained by journalists showed Venmo threatening to involve collection agencies over debts as small as $7. They've seized funds from users' connected PayPal accounts. They've pursued people who were themselves victims of scams.
These practices continued throughout the COVID-19 pandemic, a period when regulators and many other financial institutions showed increased flexibility toward consumers facing hardship. Venmo maintained its aggressive approach.
The irony is that some of these debts originated from fraud. A user might fall victim to a scam, have money improperly withdrawn from their account, and then find themselves pursued by Venmo for the resulting negative balance. The victim becomes the debtor.
The Cryptocurrency Pivot
In October 2020, PayPal announced that both Venmo and PayPal would begin supporting cryptocurrency transactions: Bitcoin, Bitcoin Cash, Ethereum, and Litecoin. Users would be able to buy, hold, and sell these digital currencies directly within the app.
The rollout began in early 2021, initially limited to select users before expanding to the broader user base. It represented a significant evolution of Venmo's identity—from simple peer-to-peer payments to something approaching a full financial services platform.
Whether this makes Venmo more useful or simply more complicated depends on your perspective. For cryptocurrency enthusiasts, the ability to buy Bitcoin where they already manage their daily transactions offers convenience. For users who just want to split the dinner bill, it's another feature cluttering an app that was once admirably simple.
The Groups Feature
In November 2023, Venmo introduced a feature called Venmo Groups, designed for tracking shared expenses among multiple people. It's a direct competitor to apps like Splitwise, which have built entire businesses around the surprisingly complex math of "who owes whom" in shared living situations, group trips, and collaborative purchases.
The feature allows groups of users to track ongoing expenses and settle up over time, rather than handling each transaction individually. For roommates splitting rent, utilities, groceries, and streaming subscriptions, it potentially simplifies the constant back-and-forth of individual payments.
It's also another data point in the social feed—another window into users' lives for anyone watching.
The Question No One Asks
There's something worth pausing on here. Venmo succeeded not despite its privacy-exposing defaults, but arguably because of them. The social feed created engagement, virality, and a sense of community that distinguished Venmo from boring, utilitarian competitors. The fact that your transactions were visible made the app feel alive. The emoji-studded payment notes became a form of social expression.
Two hundred and thirty billion dollars flowed through Venmo in 2021. Millions of users never changed their privacy settings. The President of the United States could be found with ten minutes of searching. And the money kept flowing.
The question isn't whether Venmo's privacy practices are problematic—they clearly are, as documented by researchers, regulators, and journalists. The question is whether users actually care. Or more precisely: whether they care enough to change their behavior, to navigate the settings menus, to trade the small pleasure of social engagement for the abstract benefit of privacy.
So far, the evidence suggests they don't.
This might be the most interesting thing about Venmo. It revealed that for many people, convenience and social connection outweigh privacy concerns—not in theory, not in surveys, but in practice, in billions of dollars of transactions made public by default. It's a running experiment in what people will trade for a slightly better user experience.
And the experiment continues, one public transaction at a time.