Can't sign out

Anarchist · 28 December 2018 17:14

Cool! Where can we see it?

trampintransit · 28 December 2018 17:17

No idea…it was for Japanese television…Japanese directors don’t make small talk with local crew!! Anyway …we watched a guy plug a phone in and operate it remotely despite it having fingerprint and password protection

trampintransit · 28 December 2018 17:21

The guy was a Japanese speaking Turk if I remember correctly…the whole thing was pretty weird…one of the oddest jobs I’ve done…but nonetheless…unless the whole thing was some kind of weird hoax…it was pretty frightening to watch.

anon95680666 · 28 December 2018 17:30

Can you not set your phone to have your linked to your banking app email address on your phone without auto sign in and force yourself to sign in with a memorised password rather than a password stored on your phone that auto fills it when you sign in ?

I know its a bit old school security but … mind you if the hackers are that good they could perhaps search the phones memory , mind you if they were that good they would be going after far bigger fish wouldn’t they ???

tbutz · 28 December 2018 17:31

I wonder if it was an old episode of Spooks.

trampintransit · 28 December 2018 17:35

Well…how about just have a password…like on my 'normal ’ banking app? ? Why try to reinvent the wheel.

anon95680666 · 28 December 2018 17:36

Thats what Im suggesting, a password that doesn’t autofill, for an email address you use solely for Monzo - if you aren’t happy with phone thieves having access to your email because your unlocked / hacked phone autofills the email password when logging on to that email address which would then give access to your logged out Monzo account - disable the “remember my password” function , fill it in manually every time you log on, to log in to Monzo and then there is another step the thieves need to get through

the fault in this plan is you would have to log out of the Monzo app quickly after every transaction to ensure security of the app before the phone was stolen

anon72173902 · 28 December 2018 17:41

rolanddeschain · 28 December 2018 17:45

and here:

NeilM · 28 December 2018 18:56

Security is a mixture of things. Nothing is ever 100% they are all based on the idea that they will mitigate the risk to near zero. For example most of my important passwords are one time pad created. Security should be looked as various small things creating a ring of steel.

Antivirus to prevent RATs etc,
Strong one time pad passwords for entry points- phones etc,
Remote access to my phone for wiping data is my last line of defence.
Having one secure method in fact makes a method insecure.

awjdean · 28 December 2018 19:01

Card stolen

Instant notifications, the ability to freeze your card and pots make Monzo more secure than most other banks in this case.

Unlocked phone stolen

If a phone thief steals your phone and finds out or hacks your phone password, then yes they’d be able to access and view your Monzo account.
However, to send any money the thief would need to know your PIN (or have your fingerprint if you have fingerprint security turned on in your Monzo app). I think the only thing they’d be able to do with access to your Monzo app is move money in and out of your pots unless they have your PIN too.
In this case, your money is no less secure with Monzo than with other banks - all the thief can do is admire your spending, until you wipe the phone.

Unlocked phone and card stolen

If the thief has your unlocked phone and card, I guess they could move money out of pots and then use your card just like they’d use any stolen non-Monzo bank card with a separate code for the banking app (ie: contactless payments below £30).
In this case, your money has the same security as with a non-Monzo bank, but only if the thief knows about Monzo pots (so they can move all your money into your main account to spend).

Unlocked phone and PIN stolen

If the thief have your unlocked phone and knows your PIN, then they could send money using the Monzo app. They could also use your Apple/Google Pay to go on a spending spree, but this is also true for all other banking apps.
In this case, Monzo would be less secure than a banking app with a separate passcode (since the thief could send money using the Monzo app). However, the use of Apple/Google Pay would be the same for banks with a separate banking app passcode.

Unlocked phone, card and PIN stolen

Monzo is just as secure as banks with separate banking app passcodes.

Additional notes

For all the above I’ve assumed that the thief can somehow bypass your fingerprint and the Monzo user, knowing this, has not enabled any fingerprint security:

If the thief can hack past any password or fingerprint sensor, then the additional passcode for the banking app makes no difference.
If the thief can only hack past a phone’s lock screen, then locking the Monzo app with your fingerprint provides the same level of security as a additional passcode.

j06 · 29 December 2018 00:33

I find it amazing that some people want their challenger bank to look exactly like all the other banks.

Monzo is doing something different. They’ll be the first to change things if they realise they’ve inadvertently created an app which lets Japanese speaking Turks in vans steal all the money in the bank.

Until then, if you want to put three letters from your password and your first school into an app, go back to HSBC.

system · 27 June 2019 00:33

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
App security using a pin Feedback & Ideas	10	3988	14 October 2017
Security Issue Help	11	4091	14 August 2019
App, Security and Privacy (Fingerprint, Pin, or Password) Feedback & Ideas	309	33057	14 May 2018
Some Security is Better Than None Monzo Chat	52	4935	18 March 2018
Security - it doesn't 'feel' secure Monzo Chat	239	29674	9 December 2017