TY - JOUR
T1 - Beware of What You Share
T2 - Inferring User Locations in Venmo
AU - Yao, Xin
AU - Chen, Yimin
AU - Zhang, Rui
AU - Zhang, Yanchao
AU - Lin, Yaping
N1 - Funding Information:
Manuscript received February 25, 2018; revised May 6, 2018; accepted May 8, 2018. Date of publication June 5, 2018; date of current version January 16, 2019. This work was supported in part by the U.S. Army Research Office under Grant W911NF-15-1-0328, in part by the U.S. National Science Foundation under Grant CNS-1700032, Grant CNS-1700039, Grant CNS-1651954 (CAREER), and Grant CNS-1718078, and in part by the National Natural Science Foundation of China under Grant 61472125. (Corresponding authors: Yanchao Zhang; Yaping Lin.) X. Yao was with the School of Electrical, Computer, and Energy Engineering, Ira A. Fulton Schools of Engineering, Arizona State University, Tempe, AZ 85287 USA. He is now with the College of Computer Science and Electronic Engineering, Hunan University, Changsha 410012, China (e-mail: xinyao@csu.edu.cn).
Publisher Copyright:
© 2014 IEEE.
PY - 2018/12
Y1 - 2018/12
N2 - Mobile payment apps are seeing explosive usage worldwide. This paper focuses on Venmo, a very popular mobile person-to-person payment service owned by Paypal. Venmo allows money transfers between users with a mandatory transaction note. More than half of transaction records in Venmo are public information. In this paper, we propose a multilayer location inference (MLLI) technique to infer user locations from public transaction records in Venmo. MLLI explores two observations. First, many Venmo transaction notes contain implicit location cues. Second, the types and temporal patterns of user transactions have strong ties to their location closeness. With a large dataset of 2.12M users and 20.23M Venmo transaction records, we show that MLLI can identify the top-1, top-3, and top-5 possible locations for a Venmo user with accuracy up to 50%, 80%, and 90%, respectively. Our results highlight the danger of sharing transaction notes on Venmo or similar mobile payment apps.
AB - Mobile payment apps are seeing explosive usage worldwide. This paper focuses on Venmo, a very popular mobile person-to-person payment service owned by Paypal. Venmo allows money transfers between users with a mandatory transaction note. More than half of transaction records in Venmo are public information. In this paper, we propose a multilayer location inference (MLLI) technique to infer user locations from public transaction records in Venmo. MLLI explores two observations. First, many Venmo transaction notes contain implicit location cues. Second, the types and temporal patterns of user transactions have strong ties to their location closeness. With a large dataset of 2.12M users and 20.23M Venmo transaction records, we show that MLLI can identify the top-1, top-3, and top-5 possible locations for a Venmo user with accuracy up to 50%, 80%, and 90%, respectively. Our results highlight the danger of sharing transaction notes on Venmo or similar mobile payment apps.
KW - Location inference
KW - Mobile payment
KW - Privacy
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85048166752&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85048166752&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2018.2844218
DO - 10.1109/JIOT.2018.2844218
M3 - Article
AN - SCOPUS:85048166752
SN - 2327-4662
VL - 5
SP - 5109
EP - 5118
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 6
M1 - 8372910
ER -