Timothy R. Primrose, Mobile Forensic Analyst
Venmo, owned by PayPal, is a mobile payment service that allows users to pay and request money from other users. Once money is received, a “Venmo Balance” is created. Money in the Venmo Balance can be utilized for future transactions through Venmo, or can be transferred to the linked bank account.
Venmo data can be utilized in forensic investigations and can be subpoenaed, or the data can be requested directly from Venmo by the owner of the account. Below is some of the data I received from Venmo, which contains transaction history for the month of September in 2020. Venmo retains all of a user’s transactions, dating back to when Venmo was created in 2009.
Note the different datatypes presented in the table below including timestamps of when the transaction occurred; whether a payment was made or if money was transferred to the bank; whether payment failed or was complete; description of what the transaction was for; parties involved in the transaction; amount of money transacted; where the money came from; and, where the money was transferred to. Within the notes column, there are some illegible characters. These characters represent emojis. Emojis are not viewable in this format, but if you look below the table, we can still view the emojis employed.
Venmo data can be evaluated to discover associates of a given person of interest. Frequent transactions with someone may bring a new suspect to light. In a drug investigation, investigators may analyze Venmo transactions to trace activity back to a drug dealer.
Case Study: After being pulled over for a routine traffic violation, police found three grams of cocaine in the defendant’s vehicle. During his deposition, the defendant stated that he gets his cocaine on Thursday nights and typically spends $500. The defendant refused to give up the name of his drug dealer. Upon review of the defendant’s Venmo account activity, weekly transactions with “Pablo Escobar” in the amount of $500 every Thursday around 7:30pm were uncovered. The note that described what the transactions were for included the snowflake emoji. “Snow” is a known slang for cocaine. Of course, Pablo Escobar was not the name listed in the account activity, but we were able to ID the drug dealer based on the first and last name available.
Venmo data has endless applications in the forensic world. Showing that someone paid their friend $15 for Applebee’s provides investigators with a potential witness and location of where the person of interest was prior to an incident. Venmo data may be overlooked in scenarios involving a DUI. Learning where the driver was drinking can lead to statements from the bartender or wait staff indicating how much the person drank. If you ever have a case that you need to know what events occurred prior to an incident, consider collecting data from Venmo, social media platforms, or the person’s cell phone.
Timothy R. Primrose, Mobile Forensic Analyst with DJS Associates, Inc., can be reached via email at experts@forensicDJS.com or via phone at 215-659-2010.