On Friday, the payment app Venmo wrote a blog post enumerating the variety of security measures it takes to protect its customers.
The post came after Slate ran a story about a user who had almost $3,000 taken from his bank account, which the app directly links to. The user was eventually reimbursed by Chase bank, but closed his Venmo account after the incident.
“We’re processing billions of dollars of your payments every year and we maintain fraud rates favorable to industry standards and that is why we are comfortable guaranteeing your money if you are the victim of fraud or unauthorized transactions,” Michael Vaughan, a general manager at Venmo, wrote on the company blog.
“We have fraud protection algorithms and systems that are always on. As much as I'd love to share more here, I don’t want to tip our hand to would-be fraudsters, but we back it up by guaranteeing your money from unauthorized transactions.”
In an effort to reassure customers, Vaughan listed features such as the encryption of financial information, PCI-compliancy, and spending limits. Still, the company was criticized for not using two-factor authentication, lagging on customer service, and not automatically sending users an email notice when an account password changes.
The lack of an automatic email notice aside, however, Venmo doesn’t show any serious security deficits.