App, Security and Privacy (Fingerprint, Pin, or Password)

To answer this question, if you check, you’ll see that it’s not possible for anyone to remove funds from your account without completing additional authentication within the app.

1 Like

So they say… Let’s see when it does happen to someone eh :joy:

1 Like

Why don’t you try it & correct me / them if we’re wrong :slight_smile:

I’m not a hacker sorry

Ps I never said I did in the first place! I said what if!

So you don’t actually know if it’s possible to transfer money out of the account without additional authentication, let alone how :ok_hand:

1 Like

Principal 7 of the Data Protection Act 1998 (DPA) requires that appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

The Act is not prescriptive on the measures that organisations should take in order to keep personal data secure.

Therefore it is Monzo Bank’s responsibility to ensure that they have adequate measures in place to keep personal information secure, and I would say that this is regardless of that data being stored and accessed centrally at point of their or a third party server or being accessed remotely from such server via an app they provide.

2 Likes

despite having one year or two to introduce this?

1 Like

Again, what does that tell you about how important it is, bearing in mind the interim solutions that’re available?

And when was the last time a user reported having had an issue as a result of not having this protection, as opposed to imagining that it might be an issue?

1 Like

That is because they are relying on users having 3rd party apps or OS firmware protecting the app from access despite (a) the obligation for technical and organisational measures being with them and not being assignable to another party, (b) the geolocation unlocks in the Android OS highlighted by the earlier post.

The rules against unauthorised or unlawful processing of personal data includes the viewing copying and use of data held with the app and not just the carrying out of transactions.

Hence 2 insurance firms I have worked for securing their new apps with login security in order to comply with their legal teams interpretation of the regulations and the legal opinions they obtained.

1 Like

Why do people conveniently forget that for any. In-app action you take to move your money, pay someone, set up So you DO have enter PIN

3 Likes

And while those firms are working on the solution (like Monzo), do you continuously post on their forum about them not having the feature in place?

This discussion is a complete waste of time because the feature is going to be delivered, regardless of how much it keeps being discussed here.

And in the meantime, guest accounts do protect the privacy of user’s data.

So what are you trying to achieve?

4 Likes

Well Alex already said Android actually has very neat feature of Guest account, use it.

Your email app does not ask for password everytime you access I think emails have more personal information than bank statement

5 Likes

unfortunately they do not have such forums

And as for continuously posting I don’t think I do (though we know a former data protection officer who does)

1 Like

It sounds like we can agree to leave this here then :slight_smile:

7 Likes

If your phone (which presumably has a passcode) and PayPal (which has a password) were successfully hacked, I’m not sure how another passcode on Monzo would have helped you. There are valid reasons that some people want a passcode on the app, but security breaches in other services don’t mean that there is a problem with Monzo’s security model.

7 Likes

I got a pin reminder with nothing more than date of birth. Easily grabbed from various places. Otherwise, entering the pin when moving money seems sensible.

1 Like

Admin, Admin passwords all the way yo!! :rofl: Please

1 Like

Sort of stunned that the iOS app will have FaceID support for the iPhone X, but on Android we still don’t even have fingerprint login. I’ve got Nationwide, Natwest and Paypal on my phone and all of them use fingerprint authentication. Quite disappointing that Android Monzo still doesn’t have it, and just reinforces the feeling that Android users are treated rather like second class citizens :frowning:

For those in the thread who are saying the app just doesn’t need it, why do the developers bother implementing it for iOS then?

1 Like

If Android users are second class citizens, why don’t we have Apple Pay and tap to activate on iOS yet?

There have been different development timelines for the two platforms for historical reasons, but they will be harmonised over the next few months as current accounts ramp up.

7 Likes

Fair enough. Let’s hope that things continue to improve.

2 Likes