Swipebuster Uses Open API To Identify Tinder Users

The amount of information available through Tinder’s public API has been exposed by a new service called ‘Swipebuster’, which lets interested parties search for users on the dating app by first name, age, gender and location for a fee of $4.99 (£3.50)

The anonymous creator of Swipebuster, previously known as ‘Tinderbuster’, told Vanity Fair that he merely wanted to raise awareness of the perils of oversharing on the web and hoped Tinder would improve the privacy of its platform as a result.

“There is too much data about people that people themselves don’t know is available,” they are quoted as saying. “Not only are people oversharing and putting out a lot of information about themselves, but companies are also not doing enough to let people know they’re doing it.

“It’s worrisome that you can do this with so many services, not just Tinder. We just decided to do it with Tinder because this has so many implications.”

Tinder exposed

However there is no mention of this supposed mission statement on the Swipebuster website, merely instructions on how to find out if someone is using Tinder. Additionally, the subscription fee would suggest the creator is benefiting financially from the openness of the API.

Tinder refutes the suggestion that users are being exposed, telling Vanity Fair: “Searchable information on the Web site is public information that Tinder users have on their profiles. If you want to see who’s on Tinder we recommend saving your money and downloading the app for free.”

However Tinder users may have submitted this information in the belief that it would only be accessible within the application. Personal details could be used for identity theft, while a searchable record of location data could be used by criminals to identify residences and potentially for stalking.

No financial data is exposed, but as the fallout from the Ashley Madison hack proves, users of dating apps expect a degree of privacy and if a certain platform has a reputation for not ensuring that, it could be catastrophic – especially if a person is already in a relationship.

Blackmailers targeted Ashley Madison users identified in the hack, demanding ransoms in exchange for keeping the existence of accounts a secret. The incident cost Ashley Madison’s CEO their job and caused plans for a flotation to be abandoned.

Tinder had not responded to TechWeekEurope’s request for comment at the time of publication.

Recent studies from privacy campaigners say smartphone users are being tracked day and night through their mobile devices and could be at risk should this location data fall into the wrong hands.

Are you a security pro? Try our quiz!