The low level of awareness and understanding of Shopee online shopping application users regarding the security of user data causes the level of digital crime to increase, as evidenced by the many crime cases that occur, namely the misuse of users' personal data by utilizing OTP codes as a verification process. This can be a loophole for digital crimes that are certainly very detrimental to users. Perform personal data security analysis on Shopee PayLater using the Hybrid method. The method used is the hybrid method, which is a method of combining basic digital forensic techniques with re-engineering techniques. This method can be used to analyze applications that involve user personal data, tools used such as MobSF, Virustotal to view application activity, and apk-deguard for apk reengineering. Personal data security research on Shopee PayLater was carried out using the help of Virustotal and MobSF tools found vulnerabilities caused by users. The results of the personal data security analysis carried out on the Android-based Shopee application show that there are several vulnerabilities in the user's personal data vulnerability, namely in the application licensing section.