Twitter Tip Jar can expose users' PayPal accounts

Twitter recently began testing a new feature that lets users tip certain profiles to support their work, but concerns have been raised about tippers having their PayPal information exposed. English-speaking users of the social network's iOS and Android apps can now send tips via the company's Tip Jar to authors, writers, specialists and non-profit organizations around the globe.

Twitter users who want to tip the holders of their preferred profiles can do so through a variety of payment methods, including Bandcamp, Cash App, Patreon, PayPal, and Venmo. Although the company does not take a cut of these tips, the payment networks themselves may charge users a nominal transaction fee.

Esther Crawford, a senior product manager at Twitter, elaborated on how the new feature works in a blog post, saying, "You'll know an account's Jar Advice is enabled if you see a Jar Advice icon next to the Continue button on your profile page. Touch the icon and you will see a list of services or payment platforms that the account has activated. Choose your preferred payment service or platform and you'll be redirected from Twitter to your chosen app where you can show your support in the amount you choose."

Exposed PayPal information

Within hours of the Twitter Tip Jar launch, some social media users discovered that, because of the way PayPal works, the shipping addresses of those who tipped other users could be exposed to the recipients. Rachel Tobac, a hacker and the CEO of Social Proof Security, a white hat hacking company focused on social engineering, explained how it works in a tweet, saying: “Big warnings in PayPal's Twitter tip jar. If you tip someone using PayPal, when the recipient opens the tip receipt you sent, they get your *address*. I just tried to confirm tipping @yashar on Twitter with PayPal and he actually got my address, I tipped him.”

Fortunately, the solution to this potential inconvenience is fairly easy: those who use PayPal to send tips via Twitter Tip Jar can choose "No address required" in the Shipping address form before sending a payment. Twitter has since updated its tip message and the Help Center page on its site to make it clear that other apps like PayPal can share information between tip senders and recipients.