Itâs all well and good suggesting I donât use (which I wonât), but if it is just a Monzo spin on the traditional recovery key method (as Iâm understanding it), that doesnât change the fact itâs largely a flawed factor and creates a false sense of security for those who do use it. Especially if you store it somewhere digitally (probably why Monzo suggest printing it off) like on your husbandâs phone.
It relies way too much on the human, and the human is usually a very weak link. Both for protecting it and remembering where it is.
Iâd prob use the safe location feature and the printed QR. I just hope it doesnât lock me out of my account when transferring larger amounts of money. All in all more security is a good thing. I just wonder if this works in the same way if a scammer has your card details and uses it as a card purchase rather than a transfer
The problem with recovery keys, is theyâre prone to loss. And loss tends to lock you out.
The good thing about how Monzo are utilising them here, is that these features are just a front to bypass the more convoluted selfie video method. So if you do lose it, youâre not going to be locked out. Which is an upside to its use in this context here. You wonât get locked out.
This looks great, look forward to seeing it rolled out. The fact that if all else fails you can still have the backup of a selfie with Monzo is reassuring - as long as it can be done in a reasonable time frame.
I just hope it doesnât lock me out of my account when transferring larger amounts of money.
Youâll only see extra security checks at the point of moving money - and failing them wonât lock you out of your account - theyâre contextual to the payment or savings withdrawal youâre trying to make.
I just wonder if this works in the same way if a scammer has your card details and uses it as a card purchase rather than a transfer
No, card-based transactions arenât covered here, just outbound transfers and savings withdrawals to begin with.
Quick question with the trusted contact method. Are there any safeguards here to protect against potential financial abuse arising from the feature?
Is that something you thought about in designing it?
Yes, great question! Weâve worked closely with specialist teams who deal with these scenarios, and designed the feature carefully around it.
The critical component is that you can never only have a Trusted contact - you always need at least two controls set up and ready to use, and you always have the fallback option of the selfie video. Your trusted contact only knows about an action if you choose that option during an extra security check.
Thereâs no scenario where an abuser or third party gains blocking privileges over your ability to manage (or move) your money.
And I guess with coarse locations, someone outside your house in a vehicle would class as at your home so a printed QR code in the house would be safer than that because at least theyâd have to break in and find it.
Chris - thank you (and the other team members) so much for your detailed explanations of the new features.
Itâs great to see the thought -processes that have gone into this and the challenge that you have set to everyone else in the industry to take note and catch-up.
Thank you also for beinbg on hand to answer the queries that have already come up.
The commitment shown to engaging with the forum is quite unique.
I very much welcome these developments and the peace of mind they will contribute to. Sure, there will be some teething problems, I guess, but this is terrific work.
This looks great. I especially love that you can set trusted locations - itâs why I turned off stolen phone protection in the iPhone as it was a PITA for not recognising a trusted location.
This also looks well thought out and appears to be reasonably well implemented from day one, which is also nice to see.
I, personally, still vie for the days of multi-device (same OS) access but this goes a long way, and I wonder if other banks will follow suit.
Awesome to see these features, just wanted to point out in case it was overlooked that there are apps on the Play Store that will change the GPS location reported on Android, and similar tools for iOS though they require a computer connected to the phone
Yes indeed, I wrote about this a little bit earlier, but itâs hard to find in the thread. Thanks also to @Djcnrurhf for linking to it - thought Iâd repost too for visibility!
I absolutely love the option of getting another person to confirm payments - especially I think for more vulnerable people which is incredible! If this could be expanded to include stuff like 3D secure, and/or alerts on upcoming card payments to flag fraud before a presentment is made, that would also be great to see (although I can see thereâs already a lot of work to get the features mentioned above up and running!)
Thanks for highlighting this - weâve built a number of checks into the feature to protect against tampering, but of course there will always be edge cases with any security control - thatâs why we think a layered approach to security is best!