After having a good laugh about an email address (the pattern of the email address was along the lines of ourCityName_verb@whatever.com) with a local friend about how we thought we knew all of our local peers. When my local friend told me that he had matched the name to the email address, I assumed he had reached out and socially engineered the persons name. Instead, due to the nature of a project we were working on, my local friend ended up sending the email address money to cover expenses for the project, which simultaneously allowed for him to determine the individuals name associated with that email address. A quick search of the internet does not produce much as far as this method of resolving an email address using Paypal, rather searching for anything related to the term, “Paypal email” and the query buries any relevant results with Paypal’s own documentation about avoiding scam emails.
You must have a (personal or business) Paypal account
Target email address has to have a personal Paypal account associated with it
As it would seem, this only works on if the target email address has a Paypal account that is of the personal variety. This is due to the way transactions are displayed within Paypal, if someone has a business account then the name associated with the account is whatever the user entered as the business name when setting up the account.
We begin by sending the target email address a payment of $.01. With a Paypal business account, without even confirming the amount being sent we can observe the first name of the target email address. With a business account the users first and last name are presented immediately after transferring the funds through the confirmation screen shown below. With a personal account, the user must return to the homepage and wait for the transaction logs to update, once updated the target email address’ name will be present if the account is a personal account. If it is a business account, then the business name will be shown.
In the case that the email address fails to correlate to an existing user, instead of a name or business name, the email address will be shown with a message along the lines of “The recipient of this payment is Unregistered”. I did experience a false-positive of this message on my own email address that was not confirmed yet. In the case of my own false-positive where my email address was not confirmed by Paypal, I was still able to view the full name on the confirmation page.
Not sure what good this could be used for, perhaps social networking. Ideally this method is only good for resolving a low volume of email addresses. In the future it would be fun to automate such services using the Paypal API. As for a better way to display such information without revealing personal details, it would be to only show certain transaction details that are relevant to the transaction or place a monetary cut off for when a name should be shown (i.e. if at least $10, then show name) to discourage this sort of behavior. Since you have to send via an email or phone number, those should be the only personal details that should be shown in the transaction log.