Is it selfie video + another verification option or does the selfie video override both?
+1 for security key support (for eg YubiKey) instead of/as well as printed security codes
4 Likes
I came here to say the same thing @jonj1, so thanks for highlighting already
I use this app in Google Play Store occasionally when I need to change my location:
I don’t know how it works, but I hope you will be able to do a better job than the other apps I am spoofing in knowing it is not the real location
2 Likes
This sounds like a great set of features. Well done!
1 Like
On Android apps can request the QUERY_ALL_PACKAGES permission which you could use to check if certain apps are installed, I guess if it checked on every app launch and then noticed it right before a transfer was attempted that could be a way to flag tampering
2 Likes
Genuinely really interesting measures which actually do tempt me into using Monzo more as a main bank.
I do hope security key support comes soon though.
And I am very happy Monzo thought about abuse potential.
I don’t particularly have concerns about mock location as isMock() exists and will let the Monzo app tell if the location is faked. Though I am tempted to test it out now.
1 Like
Firstly, great features!
Secondly, on the theme of preventing fraudsters, any thoughts about adding the “We aren’t on the phone to you right now” feature to the screens where you transfer money to someone and when you authorise a transaction?
As per this thread, feel like it would be a much more useful place to have it compared to its current location deep in the settings menus.
4 Likes
Question:
Does it show on maps your ‘known locations’ - edge case for certain here but would there be a way of exposing this by accident to the attacker, who then takes the phone to that place//makes the person go there to continue with the payment.
I appreciate it’s a super unlikely edge case
3 Likes
Thanks! We’ll announce the launch of the feature to our customers through the usual email and in-app communications channels once it’s ready 
3 Likes
Selfie video is the “escape hatch” if you can’t use the controls you’ve set up.
2 Likes
Secondly, on the theme of preventing fraudsters, any thoughts about adding the “We aren’t on the phone to you right now” feature to the screens where you transfer money to someone and when you authorise a transaction?
Keep watching this space 
12 Likes
We’re not planning to show the known location on a map once it’s set up, for this exact reason 
13 Likes
Great features.
I’d maybe consider other ways of delivering the QR codes, maybe the share tab so people can share it with a trusted contact or straight to Google drive, somewhere less searchable than emails, I doubt most people would delete the email after printing.
4 Likes
Also on that, my home address is easily visible in the profile section of the Monzo app. An attacker having access to it can easily see it and go there. Perhaps you should consider hiding that information to mitigate that.
5 Likes
Probably in your contact too though. I think the qr code kept inside your house is a little more inconvenient but safer.
Locations cover too broad an area. Perhaps if you were connected to your home WiFi as well as geo-fenced but I’m not sure apps are allowed to detect that on iOS.
But then I guess someone could set up a hotspot with the same ssid outside your house
It’s good to see enhanced security features being rolled out. Savings balances through Monzo are instant access, so I was concerned given the prevalence of phone theft in London that there would be a risk if someone was able to see my pin and then steal my phone.
2 Likes
Thanks and good to hear
I’m specifically referring to this screenshot which Is where I thought you might’ve?
I’m not sure how many of those muggers would pay due care to the victims home address, and actually turn up there, to connect to their WiFi, and try and make a transfer.
Not saying it’s zero chance going to ever happen (the levels people go to for money is bizarre), but if I was to entertain such security measures I’d probably go safe location and QR.
1 Like
I know you have to set up multiple security methods for this feature, but do you only need to pass 1 to make a transfer? If you set up 3 then having to optionally pass 2 would be increased security.
But as most have said, what’s being implemented is much better than what’s available right now.
The dot here represents your current location, be that within one of your known locations or not. We won’t be displaying your actual known locations on this screen.
10 Likes