Coming soon: a trio of industry-first security tools to help stop fraudsters in their tracks 🔜

Hello everyone :wave:

We’re Chris, Giselle and Priyesh from the Product Security team.

As a team, we’re focused on building security and privacy features to give customers peace of mind and make Monzo the safest place for you to manage your money.

We wanted to tell you about some new controls we’ve been working on that we’ll be launching soon.

The security feature will let you add an extra layer of protection on payments and pot withdrawals over a daily allowance – to help stop fraudsters in their tracks, even if they get hold of your phone.

Nothing like this exists in the industry yet and we think it solves a really pressing problem, so we’re excited to share it with you!

We’re currently testing it with staff and getting ready to roll it out to customers in the coming weeks. You might spot this piece in the press so we wanted to jump on here and share more about our work.

Why we built it

If you manage your financial life on your phone, it can feel like you’re carrying all your money around with you in your pocket and taking it everywhere you go.

And it doesn’t help that phone theft has been rising, with one stolen every 6 minutes in London last year.

We challenged ourselves to tackle this problem, and see if we could give customers more protection when moving larger amounts of money.

How it works

If you choose to add extra security, we’ll ask you to set up daily allowances for sending bank transfers and withdrawing money from an Instant Access Savings Pot.

If you want to move money over these allowances, we’ll do an extra security check (on top of the usual biometric or PIN authentication and fraud checks we already use).

Three new security controls

To pass the extra security check, we’re introducing a trio of new controls. Choose at least two of these three security controls for an extra layer of protection on payments over your daily allowance.

Each one has different benefits, so you can pick the ones that suit you best.

Known locations – leave your savings at home

Choose a known location only you can send large sums from – it could be your home, or where you work.

They’re places where you’re comfortable moving large amounts of money that fraudsters are unlikely to have access to!

Trusted contacts – choose a trusted friend or family member to double check payments

Ask a close friend or family member with Monzo to double check any bank transfers and savings withdrawals over your daily allowance.

You’ll consent to them seeing some details about the action you’re taking. Then we’ll ask them to confirm it’s really you and check that it looks safe - for example by calling or video calling you. As someone who knows you, they’ll be able to provide a safety check and flag if anything looks suspicious, for example if they know your phone has been stolen or that you’re not planning any large purchases.

If you choose to ask a trusted contact to review a bank transfer or savings withdrawals, we temporarily put the payment on hold until they complete their review. Once they’ve done that, we’ll ask you to confirm the payment with biometrics or PIN as usual, as only you can actually approve a payment.

Secret QR codes – scan to confirm it’s you

We’ll email you a secret QR code to print out and keep somewhere safe, or store digitally on another device you don’t carry around. So when you want to move money over your daily allowance, you scan the QR code to confirm it’s you.

Each secret QR code includes a high-security password that only works with your account. And it only works when you scan it in the Monzo app during an extra security check. It doesn’t include any personal information or allow access to your account by itself.

Choose at least two controls

When we ask you to do an extra security check on a larger payment, you can pick from any of your chosen controls. You need to have at least two of the three set up so you have a backup.

If for some reason you can’t use any of your chosen controls, you can still proceed with your payment by confirming your identity with a short selfie video. So you’ll always be able to access your money.

And if you want to change your controls or allowances, you’ll have to pass an extra security check. So if a fraudster does access your phone without your consent, they can’t switch off your added security or add any new controls.

Designing a delightful, high-friction security experience

Our aim with these new controls is to create an experience that’s both secure and simple – so we wanted to delve deeper into how we approached the design and product development process.

We had to think carefully about how to add a new layer of (optional) friction over our existing security measures, to help stop fraudsters and reassure customers, while still making sure people can make payments and move money in a way that’s easy to use and convenient.

Across our work in Product Security, we take the same user-centred approach we do in other product teams. For us, this means prioritising our users’ needs for security, speed and simplicity – and considering their unique requirements in a range of different contexts.

We have to give people options that adapt to their situation. Security needs can vary greatly depending on where a person is, what device they’re using, and their immediate environment.

For instance, you might feel comfortable making a large transaction from the safety of your home. But when you’re out on the go or in an unfamiliar place, you might need different security measures.

If we don’t want to slow people down when they need to access or move their money around, we have to adapt to their needs depending on their unique situations.

Security checks should be simple and quick. We prioritised a minimal visual design and a lightweight flow during security challenges to avoid overwhelming users with multiple steps or excessive work on their part.

We’ve optimised the process for a quick, forward-moving experience that lets people focus on their tasks without being bogged down by cumbersome security procedures.

However, this does mean we had to make the onboarding process a bit longer with a few more steps, so we can gather the preferences and information we need to provide the most simple and seamless of experiences afterwards!

It’s coming soon!

Added security is coming soon, and we’ll be actively working on improvements to this and our other security features once we’ve launched.

We’d love to hear any feedback or questions that you have, or thoughts on what you’d like to see next in this space!

74 Likes

Fantastic features, great work Monzo :muscle:

16 Likes

Great work, especially the QR code to auth payments.

Does the trusted partner need to be a customer of monzo to approve the payment? Or can it be anyone, even those with another bank?

2 Likes

I also like the QR code option :+1:

3 Likes

The review flow for trusted contacts is within the Monzo app, so your chosen contacts will need to be customers with the app installed :+1:

8 Likes

Thanks, I know it did mention that but wasn’t sure.

Could be the least favourite option, as parents/carers or whoever may prefer their high street alternative.

Is there scope to make this flow accessible outside the app, akin to monzo.me?

Obviously it comes with risks (sending SMS links, etc.), but it makes it more practical. Perhaps a new link created on every request?

2 Likes

:fire::fire: Really good to see this being announced, have seen this coming in some of the teardowns and I was excited to see it!

This is the stuff that we really need Monzo to be doing, and will be welcomed by many!

Can’t wait to get hands on, and set it up a bit - especially as I trust Monzo more & more with holding most of my money!

The flow looks really intuitive and neat too team!

6 Likes

An option to import an image would be good so you can store it somewhere digitally but still scan it without a second device.

A great move by Monzo, although I’m not sure I will use it myself just yet, but I may give it a go…

In the meantime I have a couple of quick queries…

I understand the extra security measures are optional, which is great… but is it possible to turn off once it has been enabled?

The heading states locations, plural, but the text refers to a singular location and the graphic says “You’re in one of your know locations” … does this mean we can have more than one known location or not?

Another thought: is it easy to add new locations under pressure? Given how quickly people learn about security protocols, could they force someone to instantly set up a new location, such as the mugging location?

What if you’re at a car dealership and you need to make a large payment for a vehicle, is that blocked in the same ways, or would the limit increase overflow prevail, or can you set a location while going through the flow to say I’ll be making x at y?

I understand the extra security measures are optional, which is great… but is it possible to turn off once it has been enabled?

Yes, you’ll be able to switch it on and off at will - but once it’s set up, you’ll need to pass the checks to switch them off again (so if your phone is stolen, it’s harder to circumvent).

The heading states locations, plural, but the text refers to a singular location and the graphic says “You’re in one of your know locations” … does this mean we can have more than one known location or not?

You’ll be able to add up to 3 Known locations at launch :+1:

10 Likes

Another thought: is it easy to add new locations under pressure? Given how quickly people learn about security protocols, could they force someone to instantly set up a new location, such as the mugging location?

Adding a new location (or other of these controls) requires you to pass an extra security check, so there’s some healthy friction in this scenario.

What if you’re at a car dealership and you need to make a large payment for a vehicle, is that blocked in the same ways, or would the limit increase overflow prevail, or can you set a location while going through the flow to say I’ll be making x at y?

We always require you to have at least two different types of control set up, so in this case we’d recommend using your Secret QR code or a Trusted contact (and letting them know beforehand) :+1:

3 Likes

Is there a hard limit still set by Monzo - ie, the existing limits, and I can just set a limit up to that point? Or would this be a way for me to authorise an even higher transaction (ie, 20k for a car), without having to contact Monzo?

2 Likes

And then I was told that I’m crazy when I was asking about taking precautions when in London!

This looks great though, good job team!

5 Likes

One of the big reasons I bought an Apple Watch is so that I don’t have to take my phone out of my pocket while walking around London. One guy I work with has nearly had his phone snatched 3 times in the past 12 months (he really needs to learn), but this is super common: a girl had hers taken from a table while drinking a coffee (the classic holding-the-map-over-the-table trick); another guy walking home earlier this year just got straight-up mugged for his phone while it was unlocked. They tried to transfer everything and tried to take out loans using all the information from his email.

This security feature is such a good idea and one I’ll be enabling for sure!

2 Likes

One word: awesome.

Not totally convinced by the QR code. Looks like security theatre to me, causing more problems than it solves. A modern approach to the sort of multifactor back door that’s long been ditched by the tech industry. I’d need to look into it more.

Everything else though, excellent stuff. These are the kind of things I love Monzo for.

Edit: some feature suggestions

A good fourth option would be support for physical security keys. These are what have superseded traditional recovery keys in most contexts (which is what the QR code sounds like to me from your description).

Any chance of applying these tools to setting up Monzo on a new device? Passing these checks would, I think, be a much better UX than the current process.

5 Likes

For now, the existing account limits will still apply and be managed separately.

2 Likes

Wow :star_struck: this is brilliant news!

5 Likes

A good fourth option would be support for physical security keys. These are what have superseded traditional recovery keys in most contexts (which is what the QR code sounds like to me from your description).

Yes, physical security keys are another factor we’ve spent some time thinking about - we’ll potentially explore supporting these in a future iteration!

For our initial release, we wanted to focus on shipping controls that 99% of our users would be able to understand and use on day one.

15 Likes

Don’t use it then? You only need to have two out of three options set up.

For me, QR will be a good (the best) one to have. My husband can store it as a photo on his phone, I am often in new locations, but rarely without him.

5 Likes