Couple of small ideas after checking out the competition


(UnknownPANIC) #1

Hi,

I’m new here so please be gentle!

I’ve been using both Monzo and Starling for at least 6 months now and i love them both.

I really like Monzo’s approach to everything, the layout, features, colours, ease of use, community and HONESTY. Having a bank lay out all the cards on the table (both good and bad) is very refreshing for any company now days let alone a bank. I’ve also had to contact the support team about a transaction that was charged twice by the cashier by mistake, very solid, quick and friendly service super impressed. :heart_eyes:

I’ve noticed a couple of features on Starling which is making a few things much easier. Thought Monzo could hopefully and simply implement into their app.

When looking on the ‘Account tab’ of Monzo you can only see the last 4 digits of the card and expiry date.
Starlings has the full card number, expiry date and the CVV number.
I get that there may be certain security reasons for this but if one bank app can surely Monzo can?
This may be a small thing but i was at the office and had to order something in last min. I didn’t have my wallet on me and ordering anything online with just my phone was so easy by checking all the card info using the Starling app. Monzo was obviously my go to bank app but this was one of the few instances where Starling seemed to have a one up on Monzo.

The only other time was payments.
Monzo allows you to send requests from the app, use contacts from your phone to find Monzo users and pay directly. Super useful for me, however it only allows names and saves as generic coloured initials tiles. This starts to get very confusing as the initials aren’t always how you know them ‘Savings account’ would be SA but so would my friend ‘Steve Adams’ i can’t even pick the colour of the tiles to tell them apart in app quickly. Also my spell check decided to change’ Adams’ to ‘Apples’ just before i saved. I can’t edit this! I had to write the details down using pen and paper and re-add all over again. Pen and Paper! Can you imagine?
Starling app not only allows me to edit any names/account details should i need it, but i can add pictures to each contact/payee making looking through my account balance so much easier when i need to find.

I would love these small changes to be added to Monzo. :pray: As well as apple pay and statements (Which i’m sure are already around the corner) :grinning:

Anyone at Monzo able to provide any update on if the above features (or anything similar) is coming?


(Tony Hoyle) #2

Monzo have previously said that the app doesn’t have this information and it’s not ever transmitted… which is what I’d expect. By transmitting this information over the internet the monent they get any kind of breach then all those details get stolen. I’m actually surprised PCI allows it.


(Andre Borie) #3

I am not sure PCI would apply to card issuers. “boon. by Wirecard” (virtual prepaid card) also displays the full card details & CVV.


(Jamie Johnson) #4

I don’t think all of your bank details should be just there all on display at once. But I do think they should be all there and hidden and if you click on one, we then pass another security step to display them.

I agree on the payments point but to go a bit further, your payees in starling are not just a set of bank account details, they are a person… With a lot of people having multiple accounts, it makes sense to have one payee but be able to link their various bank accouts’ details. And then another payee for a different person and so on.

I have various accounts and find myself having to remember the account details for the account I want to transfer to even though the details are remembered because it only stores my account name, which incidentally happens to be identical on all of my accounts - it doesn’t even allow me to add a nickname to my payees - something even my legacy bank allowed me to do!


#5

I am happy to have that in the Starling app where my data is protected by a PIN on the app. I would not want that data displayed in the Monzo (Android) app where it is not (currently) protected by any PIN (or password).


(Andre Borie) #6

What about the attacker using your (unlocked) phone to install malware that will capture the Starling PIN the next time you open that app? :wink:


(Jolin) #7

Agreed that this needs to be improved, but until then, here’s a useful trick for this (basically, the account name can be anything you want). Click the :arrow_down_small: to see the post properly formatted:


#8

Better not to edit this directly. The point of saved lists from transactions is they are trusted - you have sent them money before.

If we could edit an account we send money to the same way we change a phone number, can you imagine the potential for malware? You’d never find out money had gone elsewhere until the recipient thinks enough time has passed not to be rude to ask if you had sent it.


(Calum James) #9

This is a big one for me. When Monzo support Apple Pay, I will hardly—if ever—need to use my physical card or even carry it around with me, so it would be awful to have to keep track of where it is or to have to carry it around with me just in case I need to buy something online and input card details. Safari tends to save my details, but still, if I’m logging in to Monzo with my face (Face ID), surely that’s enough security clearance for the app to show me my full card number?


(Calum James) #10

Ah, fair point. But if the data is encrypted when being transferred, that’s not as much of a problem.

Perhaps the app could just know the long card number but not the security number?

I guess for now I’ll just have to make sure the card is saved in Safari.


(Allie) #11

It’s protected by your phone’s lock screen. The same thing protecting Android Pay… and your email… and your Facebook.

If you don’t trust your phone’s lock screen and encryption, you have so many worries… so set them up so that you can trust them.


#12

It is the principle of an app being secure (the company making an effort to protect their user’s data from prying eyes) without reliance on their operating system or third party software. I use both, but the app should not necessitate me having to.


(Allie) #13

Why shouldn’t it? That’s the same logic a certain blue bank uses for their horrid contactless payment app (with it requiring in app PIN for CDCVM instead of trusting device fingerprint, among many other things - and even then only allowing £100).

The OS should be secure and trusted and everything else should come from that trust relationship. Apps adding their own ‘security’ usually adds nothing but frustration and a usability nightmare.

Monzo has a great experience because it isn’t like those legacy bank apps that don’t trust the phone. Lloyds I can barely log into - I can almost never type my password right on their keyboard.

I get it, they are trying to protect users from compromised keyboards. Again, tho, if you don’t trust the device why are you using it to bank? Lloyds doesn’t do the same with laptops and desktops. They don’t make me use an on-screen keyboard. My keyboard could be getting logged just as easily on my computer… Easier, I dare say if I used Windows.

I’ll leave it here tho… Since we are venturing to territory covered many times. Simply put, we disagree. And I’d hate losing the great UX we have now.

I’d be perfectly happy seeing my card details in app and I’d love this feature! I trust my phone.


(Jason) #14

Would creating a one time disposable card number with expiry and CSV through the app for such occasions be feasible? So generate a card like the virtual card through the app with a random expiry that expires within 2-24hours.
I don’t have much understanding of the back end so can’t judge the amount of work needed, just throwing an idea in the ring


(Matt) #15

As does Revolut.*

* although they’re not a ‘proper’ bank etc etc :slight_smile:


(Alex Lord) #16

I do believe so. Great for those times you have a convenience or trust issue.

Hopefully monzo pick up on this.

With regards to security issues, creating a visible version of your card would surely be as secure as possible (or anything else at least) as long as you passed a further security check to reveal the info. I agree with comments re Starling, it’s good you have the card there, but I don’t like it’s ‘just there’ if you pass that tab.


(Matt) #17

This is 100% on the money. The OS should be trusted. The main reason I use Apple over Android is because of this.

If i’ve unlocked my phone, then its unlocked. Logging into everything after that is a pain. I’ve already passed Touch / face ID, entering another pin isn’t going to do much more to aid security.

I would recommend setting up a long text password for your phone and not a 4 digit code. And also enable any biometric security measures it has.

And the amount of times i don’t take my card out now we have Apple Pay, but then want to buy something online. Having those card details would be so convienent.