Product Spotlight: Privacy Preserving Features in MetaMask

As a MetaMask user, you know how much privacy matters. This is why MetaMask is deeply committed to user consent and choice when handling personal information and why we’re constantly evolving MetaMask to be equipped with the functionality and features that allow you the freedom to choose how your data is used, while preserving your privacy and security. Today we’re excited to highlight the comprehensive set of MetaMask features that do precisely this.

MetaMask privacy preserving features let you choose how your data is used

MetaMask has always led the way in providing a configurable web3 wallet experience, starting with providing users a choice to select their preferred RPC providers. We envision a future where MetaMask empowers users to interact across the internet with complete, granular choice over their data and communication methods.

We have continued to push the boundaries and lead the way for digital wallets by enhancing our default experiences and expanding our settings to provide users increasingly granular choice during and after onboarding.

To that effect, we have continued to expand the range of features where we provide granular choice through advanced settings that users can access and configure from the moment they onboard, and at any point thereafter.

When we introduce new features (eg, a new data feed or transaction optimization), we always make those new features subject to user choice and configurable, so that a user can toggle the feature off or on based on whether it satisfies their individual data or privacy preferences.

Examples of these configurable settings and features include:

Basic Functionality: Our default experiences provide users with certain basic features like gas estimations, details about your tokens, and warnings about potentially malicious sites. We think these features are foundational elements for a great wallet experience, but we nonetheless give users the ability to easily opt out of this basic wallet functionality with a single click.

RPC Configuration: MetaMask is a software client on your device that interacts and communicates with blockchain networks such as Ethereum via standard RPC APIs (remote procedure call). We provide default RPC configurations for many networks, for example via Infura RPC endpoints, to make it easy for users to reliably interact with networks. But because, among other things, interacting with networks in this way necessarily requires your device to transmit data to-and-from the RPC endpoints, we also provide granular and configurable settings so that users can change their RPC endpoints at any time, including using entirely customized and personal RPC endpoints. See this article for more details.

Security Alerts: To help users stay safe, MetaMask simulates transactions and alerts users before interacting with potentially malicious dapps and smart contracts. Users may choose to enable or disable this feature at any time.

Phishing Detection: Before connecting to a dapp, MetaMask alerts users if it's identified as potentially malicious, using a publicly curated list of sites. This feature is configurable, allowing users to activate or deactivate it as they see fit.

Auto-detect Tokens: This feature automatically identifies the assets in a user's wallet by utilizing a carefully curated list of data sources, eliminating the hassle of manually adding tokens. At any time, users can choose to enable or disable this functionality.

Network Details Check: To improve user safety, MetaMask performs a security check by comparing the name, symbol, RPC URL, and other network details with those on a publicly maintained list when a network is manually added. If discrepancies are found, users are alerted with a warning. Users can choose to enable or disable this feature at their discretion.

NFT Media Display: To display NFTs, MetaMask must retrieve the image files from third-party services where they are hosted, including decentralized storage solutions. This feature makes it easier for users to view and manage their NFTs but can be disabled – or enabled – at any time with the click of a button.

Proposed Nicknames: To improve the wallet UX, MetaMask makes smart contract addresses more human-readable by suggesting unique names when interacting with them, utilizing third-party sources like Etherscan and Lens. Just like the features mentioned above, this functionality is optional and can be disabled.

Smart Transactions: This feature is designed to improve and optimize the transaction experience by offering higher success rates, better visibility, and enhanced security. It is optional and can be toggled on or off based on user preferences.

MetaMetrics: MetaMetrics is an analytics platform designed to help improve MetaMask's user experience by collecting non-sensitive user events. Users can opt in or out of data sharing for product improvements and will soon have the option to receive a more personalized experience while using MetaMask by enabling Data collection for marketing purposes.

Further settings include Show Incoming Transactions, Decode Smart Contracts, Show balance, Batch Account Balance Requests, IPFS gateway, Automatic Security Checks, and Snaps.

Help MetaMask continue leading the way on user consent and choice to preserve privacy

In addition to continually improving our product experience, we also aim to have one of the most comprehensive – and, we hope, helpful - privacy policies in the industry. In updating our company privacy notice, we have aimed to make it even more clear and informative about what we do, and do not do, with MetaMask user information. Here is a high-level summary of that overview - we:

• Do not collect your private keys.
• Do not sell your Personal Information.
• Do not collect or retain Personal Information unless necessary to provide you the Services and a great user experience.
• do not collect financial payment or banking information.

For IP addresses in particular, we may temporarily process your IP address only where required for some of our Services (depending on your MetaMask settings) to provide the best possible experience for MetaMask users. This includes, for example, the prevention of DDoS attacks.

As we continue building towards a future where MetaMask empowers users with complete, granular choice over how and with whom they share data, you can help us by continuing to identify areas where we can improve. Find something? Submit a feature request or Submit a report through our Bounty Program.

We encourage our users to read the full Privacy Notice in detail.