I have no sympathy for anyone that has a smartphone with sensitive info such as banking apps etc on it and does not have any form of pin and then that info gets ‘compromised’ or they are relieved of funds especially when phones even ask you to set a pin on setup.
Personally I am against extra security layers they are like extra taps to reach to the information I want to see. If phone is protected by PIN or biometrics then there is no need for App to be secured again with an extra password/pass code.
Android Pay is something a lot of people tell me is not secure enough because you can just hold your phone to the payment terminal and done no need to touch finger print sensor or enter pin it works just like contact less card. But to set your Android Pay your phone must have PIN or biometrics protection enabled and Android Pay can check that automatically. Maybe Monzo can do something like that but not another pass code please
The specific issue the OP mentioned (of verification information being persistent in the in app chat) has been discussed elsewhere but the upshot was when Monzo replaces intercom with in house software they’ll look to have special “verification” chat items that can be triggered by COPs, and which aren’t persistent.
With regards to phone/app security: at the moment, to do any “action” in app you need your PIN. I understand people might want more security but not less, ie pin to open app - I don’t, that would ruin the smooth experience for me. Maybe it should be optional?
I do not understand those with no/pattern based authentication moaning about app security - secure your phone first!