Twitter’s Tip Jar makes it easier to send tips, but it has a privacy issue

May 10th, 2021

Twitter has become a platform that people often use so their voices can be heard, be it for bringing social issues to the attention of others or calling for donations or support for people in need. Twitter recently introduced Tip Jar, a new feature that allows users to send and receive tips.

It’s still undergoing some tests though, so the feature isn’t available to everyone yet. As of now Tip Jar is only available for those who use Twitter in English, but the creators are working to make it accessible to more people. Eventually, it will also be made available to more languages. Those in the initial testing group include creators, journalists, experts, and non-profit organizations. 

Looks like the admins of Twitter took notice of people plugging in their PayPal and Venmo links under their viral threads. 

While this new feature was introduced to make it easier to support others on Twitter, there’s something important that the developers have overlooked. Some Twitter users have already tried out Tip Jar to see how it works, and some have found that there’s an issue with this new feature in terms of privacy.

Rachel Tobac, a security researcher, tested out Tip Jar by sending a tip to someone through PayPal and found out that her recipient — aside from getting her tip  also received Tobac’s home address.

Another problem was found by former Federal Trade Commission chief technologist Ashkan Soltani. Soltani found out that if you send a tip via PayPal, it’s possible to see a user’s email address, even if you don’t make a transaction. Turns out that if you don’t have a username on PayPal, by default it shows your email address instead. 

Twitter’s help page discussing Tip Jar warns that since the payment services are third parties, your tip will be processed through these external sites so your transactions are subject to different terms and services depending on which payment service you choose.

The page also warns that your info – like your full name and your home address – may be seen by the tip recipient. However, Twitter should still do something more effective so that users will be adequately informed and warned about this security problem.

Product Lead Kayvan Beykpour has spoken up regarding the issue with using PayPal on Tip Jar and said that Twitter has no control over PayPal revealing people’s addresses, but they will add a warning for users who will send tips through this particular payment service. 

Tip Jar could be a very useful and more convenient way to show support for Twitter users, but the developers should do something about the privacy issue first.

 

 

Other POP! stories you might like:

Picsart is not for album covers, fans remind Lana Del Rey on Twitter

‘He works, She cooks’: Google Translate results reveal gender bias in tech

FYI, chunks of metal from a ‘rogue’ rocket could be hitting Earth soon

HERstory: The evolution of motherhood & women’s roles in the Philippines

Ben Affleck debunks a (gone) girl’s doubts when she unmatches him on Raya

 

INQPOP! Stories we think you might also like: