Banking and security

Curious to know how you’re doing this?

I’m imaging myself stood on pavement with no watch, no phone, no wallet… probably wondering how i’m gonna get home, or how i might call the police. With nothing on you, how are you locking your phone within 30 seconds?


Always go out with five phones, each with a unique complex 30 character passcode.


I’m not speaking just for banks here. Especially not the old fashioned ones, where it’s just happens the theatrics that make it hard for users have the caveat of also making it hard for thieves. Which is the difference. It’s just harder, not necessarily more secure, and certainly isn’t the threat they were designing for. It’s archaic 1990’s pc thinking ported to the phones. More generally referencing fintechs and tech companies in general who typically do the security thing much better than banks do.

My infamous boot where I’m known to keep my physical bank cards as opposed to my pocket when I travel with them. I’m not saying that’s where I keep my backup though.

They don’t make them like this anymore (which is a shame if you ask me), but I also have one of these concealed on me when I travel. It’s about the size of a credit card, but as thick as a wallet. Battery last yonks, and I’m always a phone call away from a person I can trust to sure up my account if I need to. I’ve tested it (in theory without stress or adrenaline) and it takes around 30 seconds for them to access my account once answering the phone.


With reference to the thief changing important details on your iphone to lock you out, remote wipe etc, isn’t the answer to that simply adding parental lock to settings with a different pin?

Some of them use the internet banking password as the fallback if biometrics isn’t working. If you forget this I guess you need to go through full recovery of internet banking.

But some use user-defined app-specific passcode which is unconnected to internet banking credentials. I guess if you forget this you just reinstall the app and go through whatever authentication was needed when first setting up the app.

Its not even compulsory to turn on app-lock in Monzo. So use of an app passcode (instead of falling back to device passcode when biometrics fail) wouldn’t even impact those who don’t use app lock.

I love that you go to this level and that you actually tested it as a process.


But it might annoy those of us that do!

Monzo took four years or so to even relent to adding the option of locking the app at all. I wouldn’t hold your breath on them adding an entirely new code, it’s not their style.

I like the way it is, but fair enough if you want more privacy protection here. Personally I’m not so worried, if the absolute worst happened and someone had my phone passcode and my phone, they’d have access to some ahem far more private things than my bank balance already

Why? If you wanted to you could always set the app passcode to the same as the device passcode.

Only if it accepted passwords instead of a code. And then I’d have to remember to change one when it changed the other. It’s faff.

Also faff for customer care when people lock themselves out.


1 Like

All Android users urged to check their phones today as ‘dangerous’ new bug spreads across the world (

Wonder if Monzo is susceptible to this?


No. Monzo doesn’t send those codes.

1 Like

There is always going to be some balance between security and usability.

For me banks need to move away from relying on phone numbers for verification. Sim swap can happen by mistake, as happened to a friend, when someone at their mobile company mistyped the last digit of phone number being setup.

1 Like