Ultimate guide to be private and secure on dating apps

As romance goes digital, extra steps are needed to avoid a privacy heartbreak. Here are our tips for protecting yourself and your data from overexposure.

Don't start using dating apps without taking privacy and security into consideration.

Is it possible to balance getting to know someone while keeping personal data secure? Let's find out. We've compiled our own list of suggestions for balancing privacy and openness with online dating apps.


Brief history of dating apps

The quest for love is as old as history and scams seeking to exploit that search are often not far behind. In the age of the digital world and dating moving online, it is crucial that you are taking the proper steps to keep yourself and your personal data safe. But is it even possible to stay private when using online dating websites and apps? Let’s find out!

Dating websites are not a new phenomena, but what has changed with new location-based dating apps is the additional details displayed about the user. While a dating site would request a location, be it a city or metropolitan area, current dating apps will provide location data showing potential matches to a nearly exact location. Different apps offer different distance measurements, but security researchers have warned over the ability to triangulate locations beyond the intentions of the developers.

This move has made using platforms like Tinder, Grindr, Bumble, or Hinge an easy way to meet someone local, but it is not without risks to your privacy and security.

What is at stake?

While the potential of meeting hot local singles near you might seem enticing, using these apps can overshare information to those you might not wish to share it with. If you are trying to meet someone with a short bio and an image, making that first impression is a must, but it is worth keeping in mind that not only people you match with will be seeing your personal information.

So here goes the first tip: Don’t share anything you wouldn’t be OK with your parents, your boss, or your friends seeing!

Ashley Madison and other breaches

Data breaches have become an almost daily occurrence (as I’ve discussed with Have I Been Pwned founder Troy Hunt on YouTube) and with the jump towards digitally powered dating, these apps and sites have by now become a target for hackers and extortionists. One of the most notable data breaches to hit a dating site was the infamous Ashley Madison breach in 2015.

Ashley Madison was a dating site created as a platform facilitating extramarital affairs. When the Impact Team hacking group breached the site, the private information of its users was quickly released to the public and it included names, email addresses, credit card numbers, and even user search histories. Beyond the shady practices of the company itself, lax and insufficient security measures led to the userbase of Ashley Madison being completely exposed.

The Ashley Madison data leak shows why giving your personal information to dating sites can be a very dangerous thing: Information gathered from this breach led to waves of extortion, public shaming, and even cases of suicide. Ethics aside, users of Ashley Madison were trusting the company to protect their intimate personal data and this trust was broken. By implementing out-of-date MD5 hashing algorithms, it took hackers little work to crack passwords which could be used for future attacks on users’ login passwords.

While today’s dating apps have the ability to learn from the mistakes made by the operators of Ashley Madison, users are still placing their private data into the hands of others who might not be placing security and privacy at the forefront of their attention. Data breaches are not the only threat posed by these kinds of dating apps and platforms. Threats to your physical safety are also a severe risk.

In 2020, dating app Tinder experienced a leak which caused 70,000 photos of women to be distributed across hacking forums. The cause of the leak appeared to have been an insecure API which allowed the hacker to gather images beyond the normal range determined by the app. Images were linked to a userID, but personal information beyond this was not included. This is just one example of why it is so important not to share beyond your comfort zone when using dating apps. These kinds of security incidents are becoming more common and while we cannot secure the infrastructure of a third-party service, we can control what we decide to share.

Always assume that any data you post can go public.

Location data, Catfishing, Extortion, and Stalking

When using dating apps that take advantage of GPS data being provided by your smartphone, you can meet other like minded folks nearby, but unfortunately less-than-friendly individuals might also be viewing your profile – and knowing how close you are to them. Some apps might say a potential date is a certain number of kilometers away, while others might even show the distance between you and the person in meters.

LGBT-friendly dating app Grindr: example of distance to potential date.

While the location tracking might make using dating apps to hookup easier, it also gives potential threats an intimately close description of your current location.

This information can be used by stalkers or even governments as a means of tracking your movement. This led to a crackdown on Egyptian users in 2014 which allowed the police to create fake accounts for use in entrapping and then arresting gay men. Grindr, the app being used in this case temporarily deactivated the tracking feature, but it has since reactivated the feature again.

Maybe you aren’t located in a country where homosexuality is treated like a crime, but there are other threats posed by location-based dating apps. Namely, catfishing which can lead to extortion or even cases of stalking.

A catfishing profile on Tinder.

This might look like a nice date opportunity, but you never know who might be hiding behind the profile pic.

Catfishing is the practice of meticulously creating a fake account for the purpose of either landing a date with someone, or for malicious reasons. In a recent wave of blackmailers abusing dating apps for their purposes, younger individuals are increasingly encountering catfishing accounts which at some point request nude images. After a number of compromising images have been sent, the trap might be sprung. The user will receive a message that they’ve been tricked and that if they don’t pay a certain amount of money, often in gift cards or cryptocurrencies, that their nude images will be sent to their friends and family via social media.

Beyond the financial drive, location based dating apps can also be used for stalking. Maybe you went on a not-so-fantastic date, but the person you met was not happy with you not dating them anymore. If they have a few pictures which you have used on other social media platforms like Facebook or Instagram, your earlier date can quickly find other profiles which may contain more personal information through reverse image services, which nowadays are offered by most major search engines.

Many companies might think it nice to show their employees to the world. This does show the humans behind-the-scenes and helps marketing teams, but even this innocent sharing of images can cause problems as dating app stalkers could show up at your place of employment.

So given all these threats, the question remains: How can you stay safe while using dating sites which have seemingly taken over when it comes to meeting new people?

Dating Apps: Tips for staying safe

1. Stay on platform

One move that fraudsters often take is trying to move your conversations off the dating app to another chat platform like SnapChat, WhatsApp, etc. This move provides the creep with more information about you and can keep their dating account “clean” when it comes to future reports of fraudulent activity.

It is crucial that you determine the person you are speaking with is real before moving offsite. Most dating apps don’t conduct criminal background checks on the people signing up, so no one really knows who the person behind the screen really is. Some apps have moved to prevent catfishing by creating ID verification processes to try and reduce the threat of fake accounts on their platforms, but most haven’t.

One way to avoid being catfished is to conduct your own research before agreeing to meet up or even continuing the chat. For the first date, it’s definitely recommended to meet in a public place as this lowers the risk since malicious actors might not want to show themselves publicly.

2. Pictures…

Sharing pictures can be tricky. If your profile doesn’t have any images, you are likely to be flagged as a spammer or not receive any messages, but oversharing can also be a risky endeavor. One step you can take is to use images which may not clearly show your face, pictures with sunglasses or shadows. You should also not recycle images which have been posted on other social media platforms as this makes it too easy to connect your profiles.

In regards to cross-sharing images, it is also recommended that you don’t use a dating apps option to connect to your other social media accounts like Instagram or Facebook. This not only prevents the company from gaining more access to your personal information, but it also can keep your other profiles hidden from people who find you through your dating profile, but are not interested in dating you, but have malicious intentions.

3. Create accounts with unique aliases and passwords

When creating new accounts on dating platforms, it is always smart to use an email alias instead of your primary email address or phone number. An alias provides a barrier between your existence on the app and your main email account address. This will help keep you and your data safe. Should you start receiving unwanted emails to the alias address all you need to do is deactivate the alias and you are saved from these unwanted messages. With Tuta Mail creating email aliases only takes a few simple clicks and you can sign up for your favorite dating app in total privacy.

4. Only provide necessary information when signing up

When prompted to provide personal information when signing up for a dating site, or any service, you can decide which information you believe necessary to state accurately. If you have a unique name, you can alter spelling or use a nickname. Shortening your last name or using only an initial may be other ways to minimize overexposure. Birthdays can also be altered when signing up which can be witnessed by the number of January 1st birthdays found in breach data of online dating apps and dating sites.

Remember, unless legally required you have no responsibility to provide full, 100% accurate personal information when signing up for services like dating apps.

Some services might require a phone number to create an account. Here you can take advantage of VoIP numbers to keep your primary mobile phone number safe from potential abuse. We explain why it’s important to not over-share your private data online and how to remove your personal information from the web here.

5. Don’t overshare

Most importantly, just because you are prompted to add data to a profile does not mean that you must do so. You can take advantage of privacy settings for each account to limit the public exposure of your profile which also helps in limiting the visibility of your data.

Beyond personal information displayed on your profile, it is also important to avoid oversharing through any media uploaded to your account. By avoiding pictures or videos which might display your home or place of employment, you are taking steps to keep your dating life as safe as possible.

Love yourself and love your email provider

At the center of your digital life is your email account, and it’s important to protect your digital identity. It is required for creating new accounts, for official contacts at your bank, and for obtaining employment.

By choosing a secure and private email provider, you can rest assured that your data is safe. If you are looking to make the switch to a private email service, Tuta Mail is bringing privacy to the masses for free.

You can create your free account and start taking your privacy back today!