Apologies if this has been suggested already - I think it would be a great idea if I could approve Transactions from MasterCard Verification from long press on the push notification when my phone is unlocked.
For example. I am paying my credit card from my phone, I get sent to 3DSecure (or whatever it’s called) - Monzo sends a push to authorise, would be great to approve from this notification instead of switching to Monzo and then back to my browser!
Interesting idea but right now I don’t think that is possible, when you get they’s you normal have to log in to the monzo app then back to browse only offer way is a text.
That’s the point of this thread- suggesting a change to how it is now.
Completely agree, this would be a great enhancement.
To illustrate, here’s an example of Blizzard’s 2FA app’s quick actions.
I know that just saying that all right now
That also works on Apple Watch you can approve it from they witch is very handy.
Interestingly it was the 2FA for my works VPN that gave me the idea
There’s no way to check you’re ‘you’ from the notification as far as I know. Thus you need to be in the app for entry of your PIN or faceID or whatever it is you’re setup to require.
True, and that’s the sticking point can see with this approach.
That said, there’s no more verification on an SMS either- having the device is enough.
On iOS you can trigger a faceid check from a notification action as an app. My Outlook and MS authenticator do it. It doesnt need to open the app to do it.
I wonder if this is something that’s waiting on 3D Secure 2.0?
This is one of my main annoyances with this process at the moment… too much jumping around.
I’m pretty sure a similar thing is possible on Android. Lastpass do it. As soon as you select to Autofill with LastPass the fingerprint prompt comes up then takes you back to where you were before once you’ve authenticated. I don’t see why Monzo couldn’t do something similar/better? It’s the being dumped back on the transaction feed after approval that makes the current implementation suck.
That’s fine if you have TouchID or FaceID enabled for this (assuming it works) but for those using PIN authentication it’s still a non-starter. At the moment, I don’t see them offering different implementations depending on the customer’s security method selection.
If I get time, I’ll try and dig up the thread where we went through all this last time around.
We’re always going to require you to enter your PIN or fingerprint to approve a transaction. Under Strong Customer Authentication, all payments not otherwise exempted need two factor authentication; when you go through our in-app 3DS flow, that’s satisfied by possession of device plus either knowledge (PIN) or inherence (Biometrics)
SMS isn’t considered two factors, only one (possession). Our 3DSv2 implementation (which is rolling out, but largely unsupported by merchants right now) doesn’t support SMS, and we’ll be withdrawing support for it from our 3DSv1 implementation during the SCA transition. The biggest reason for supporting SMS (the number of mobile applications which don’t support switching away to the Monzo app to approve the payment and back without losing the state of your payment) is fixed in 3DSv2.
It’s possible that our in-app approvals could be done in a smoother way than at present, but that’s a matter for the app engineers to prioritise against other matters.
Thank you for taking the time to write such a full but succinct answer.
This was something I discussed with someone from Monzo on the forum some time ago (although I cannot find the thread right now) who said it would be possible if a custom notificaiton handler was created (meaning that the notification could provide the Approve/Reject options, followed by a FaceID/TouchID/PIN to validate, but not result in unlocking the phone or having to go into the app and the multiple taps which result from that.
At the time it was considered a low priority, but simplifying the user journey should (in my view) alsays be under consideration, so I wonder where this is on the Monzo UX roadmap if at all?
Are you able to advise/update us?
My credit card company (used in my example) takes me from their app to their website to pay, let’s me go to Monzo and approve, then back to website for transaction to go through. The issue I have with having to go into the app is that when I do return to the website the 3DS 9 times out of 10 fails to “go back” and show me the payment successful page.
I get that SMS is less secure but in this day and age surely there has to be an equally secure, more fluid UX for this.
I think 3ds version 2 is intended to make this easier