Does Honey Compromise Your Privacy?

I’m sure you guys have heard of the Chrome extension, Honey, a program designed to find promo codes and coupons across the Internet and automatically apply them to your shopping cart on whatever website you’re using. They sponsored countless YouTube hours and it has been downloaded over 17 million times since its release. Here is Honey App Review 2021

I’ve even started using it after seeing so many ads on YouTube, and it saved me money. The reason it took me so long to start using it after having seen so many of these ads, is that I’m usually pretty skeptical about these types of programs. But their marketing team did their job really well. And I folded and I got the app. Like I said, it saved me money, as I do with most apps. I simply clicked through the user agreement and threw it onto my Chrome browser, not thinking twice about it. A few days ago, I was watching a Codelco video as I sat in my coronavirus induced isolation. And sure enough, Honey had sponsored one of his videos for some reason. This time I began wondering how he makes money. I’ve wondered that before, but wasn’t curious enough to look into it. Regardless, I decided to start looking online for some answers. At first, it all seemed pretty standard in terms of data collection and privacy, and it’s money making process made sense. There were a couple of things that concern me and I want to share what I found.

Honey App

But first, I want to briefly look at how it started and how it became so prominent. In 2012, one of Haney’s co-founders, Ryan Hudson, was ordering pizza and he wished he had a coupon to save some money on the meal. That same night, he threw together a prototype that would find coupons online that a customer could apply to a purchase. This prototype became Honey, which was launched that same year. After several years of not being able to convince investors to put their money behind a browser extension. Hudson took a job at an advertisement company. However, through word of mouth and Reddit, Honey began growing pretty organically. Hudson’s co-founder, George Raun, is still CEO and the company now has over 200 employees worldwide. What began as somewhat of an overlooked startup has now become a household name on the Internet. So, all in all, not bad for trying to save some money on pizza. With that being said, I want to address the original concern for me looking up Honey’s processes, how they make money after digging a bit further. It seems like the main way honey makes money is through its commission with affiliate businesses. Essentially, an affiliate business will provide honey with a discount code. And when you are shopping on that affiliate business’s website, Honey will provide you with that discount code. Honey will get a chunk of the money from that sale. This means that the discount codes that are often quote unquote found by honey are actually given to them by these affiliate businesses.

They aren’t randomly found online by honey software. And this way, honey, isn’t even utilizing your personal data in the money transaction. Instead, the data collection that is actually taking place is used to streamline your shopping process. But more on that later. In addition to this baseline service, honey also makes money through its Hornigold program. Hornigold functions as a rewards program where the more often you use its service, the more points you can earn. When you earn 1000 points, you can exchange the points. And for gift cards for online stores like Amazon, it’s a pretty reasonable, free program that rewards loyalty to ensure that people keep using honey services. Now let’s address one of the most important questions regarding Honey’s data collection. Is it selling your data to answer that question succinctly? No, it isn’t selling your data at all. But the reality is a little more nuanced than that. On a basic level, honey needs to know some surface level information about you in order to do its job. Well, this means it utilizes cookies to keep this data and make sure you can make the most of their service by signing up with honey. The user agreement mentions that the data they’ll be collecting includes your login banker credit card information if you use their app or honey pay items added to your drop list trends you refer to honey stores you follow on, honey, your type of device, your devices, unique ID operating system, IP address, then stamps and error logs.

Some of those last ones may seem concerning to you, but Honey clarifies on their agreement that, quote, This data allows us to make sure honey products are working correctly to make your experience better and to detect and prevent fraud. Also to help us gauge the effectiveness of our communications and understand how our users engage with our services. We use common digital tools that allow us to see if you open an email we sent or visited a link in those emails. Essentially, they tracked this data to make sure honey is running smoothly and also to see what the most common devices and operating systems are. They can then use this information to market their services to people with the most common devices and operating services or simply focus their efforts where they are most commonly needed. Additionally, Honeydews gathers information on pre-approved sites in order to give you personalized recommendations and find item availabilities on the site. In question, this effect. Evely tracks your shopping habits to better your overall experience. This isn’t inherently bad. If anything, it makes a lot of sense that a service like honey would do this in order to make the user experience as good as it can be and broaden their appeal. With that in mind, it does come at the expense of strict privacy.

In the words of cyber security analyst David Janssen, who took a deep look into Honey. Safety, as a general rule is that the more you share, the more effective the app will be and the less privacy you’ll have.

An interesting back and forth regarding honey happened between Amazon and Honey’s parent company, PayPal. PayPal purchased honey in November of twenty nineteen, and in the following month this warning began popping up on Amazon users browsers. The warning read that Honey’s browser extension posed a security risk and that it collects data on the user. Well, Amazon is right with its statement. It shouldn’t be a surprise that most extensions in similar Honey like services collect data. It’s an important part of its service for tailoring its experience to each user. So should users be concerned about Amazon placing this kind of warning on its page? In short, not really. It shouldn’t be new information to Honey users. Nor is the data collection all that bad, as I mentioned before. Perhaps most importantly, Honey doesn’t sell this information to third party companies, which eliminates one of the biggest concerns with a lot of its users. Another important note to keep in mind for this exchange is that Amazon may be feeling threatened by honey and its PayPal parent. Both Amazon and PayPal are sites for monetary transactions, and PayPal’s purchase of honey could threaten Amazon’s dominance for Web purchasing through a system like Hanis that charges retailers. So maybe Amazon posting the warning is less about their concern about their customers privacy and more about foiling a threatening up and coming competitor. The last May note that I want to make about honey is that the cybersecurity firm risk based security uncovered a vulnerability in Honey’s browser extension. This vulnerability, it was that honey, when activated from the toolbar, had its code injected into the website in use because Honey’s code was now in the website’s code, the website could theoretically control Honey’s code. Risk based security alerted honey to this danger and honey quickly patched it up.

Since then, there hasn’t really been any questionable vulnerability surrounding Honey. Honey itself states that they use measures that include limiting access, using encryption, testing for vulnerabilities, advanced malware detection, employing suit minimization and anonymization techniques and more. From what I can tell, Honey has implemented as much security as they can to ensure their users’ privacy remains safe. Lastly, as I get to my final thoughts, I do want to point out that I read through Hanis user agreement and I have to say I was actually really reassured by it. One of their first sentences is that they do not sell your personal information ever. There doesn’t seem to be any suspicious loopholes or concerns. Honey seems to be aware that in order to be successful, they need to have the loyalty and faith of its users and they’ve lived up to that. With that in mind, I would give you the same warning I would give you about any online service. There is always the possibility of a vulnerability or of a security compromised. Honey seems to be on your side, but that doesn’t stop other ill intentioned people from getting to your information. Honey is doing what it can to stop this, but even the most intense measures can be compromised. So in the context of the Internet, privacy and security, is honey safe? Yeah, it’s almost entirely safe. So feel free to use it for online shopping and to save some money before ending the video, I would like to thank the sponsor for this video. Honey, with honey, you can now. I’m just kidding.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store