Business web login flow

Hi there,

I’ve just tried to login to the new web based banking site, however, the login flow seems unusually complex.

I went through the following steps:

  1. Enter an email address
  2. Wait for an email to arrive
  3. Click on the login link
  4. The link doesn’t work—realise I was in the wrong Chrome profile, because I have separate profiles for work and personal stuff, and Monzo business currently forces me to use my personal email address
  5. Copy the link
  6. Switch to the right Chrome profile
  7. Paste and hit enter
  8. Open up Monzo on my phone and use Facetime to login
  9. Tap on a authorise login button
  10. Tap on another review login button
  11. Enter the pin number for my business card

I understand not everyone is going to have separate Chrome profiles, but even without that confusion, the login process seems like it could do with a lot of simplification.

A few questions:

  • Are there plans to allow a simple username and password to login?
  • Are there plans to separate personal and business accounts?

PS The instructions about leaving feedback on this Trello card seem to be out of date.

2 Likes

Seems alright to me (minus your personal issues). Just a username and password is really not substantial enough. The biometric prompt on your phone is just 2FA. You could have a memorable word - but who likes those.

I guess they could probably reduce the security for known devices/locations? I assume the last review step with the PIN prompt might be just for new device logins?

I do agree that a magic link while awesome on a phone can be a bit problematic on a desktop though.

2 Likes

I agree that a username and password alone aren’t enough, and 2FA is absolutely required.

I guess I’d question whether that needs to be built into the Monzo app itself.

There’s a fairly standard approach that most companies tend to use, which is a username, password, and then 2FA provided by something like Google Authenticator (or a password manager like 1Password).

With the pin prompt, I was asked more than once on the same device. I stepped away for 5 mins so was partially logged out, and was asked for the pin number again when I returned.

My hope is that Monzo have just piggy backed things off the existing personal login system, and made some tradeoffs in usability to get the business web version rolled out sooner.

And that they’re going to split out business & personal logins in the future, and will overhaul / improve / simplify the login flow as part of that work.

Or QR login through in-app scan, AliPay-style… That should be so-much easier for everyone. I cannot believe there isn’t big adoption of this tech outside of China, it is so convenient…

Totally agree - I don’t understand why you need both a magic link AND an app verification. Surely one or the other - scanning a QR code on the web with the app is the solution a few other systems use (ie WhatsApp, Tide bank). Ideally letting us use a proper 2FA system so we can generate the code in Google Authenticator/Authy/1Password or whatever people use. The current login puts me off using the web interface at all.

How do payments work with Monzo business web?

With Rev business you have a username and password to log in, then a code is emailed. To pay they text you a code you need to enter

When making a payment, you’re bounced back to the app to approve the payment before it goes through. I don’t really understand why the web app even exists - it just adds more friction.

2 Likes

I agree, the web login process really lets Monzo down. It takes several times as long as my traditional bank to login. If my email server is busy, I sometimes have to wait several minutes to receive the ‘magic link’. I know it doesn’t seem like much, but for a bank which massively improves my banking experience in every other way, the web access is a bit of a letdown.

1 Like