Emma Feedback Thread / Q&A

Monzo could easily do that though

Also when you change banks you change cards etc so you would only change those subs that you remember/want/need so really again you wouldn’t ‘forget them’ as it were and the old ones would just cancel.

Would you mind expanding on this? How does Monzo make a subscription more visible than any other bank?

Instant notifications and the lack of friction when looking at your account. You’re more likely to notice anything suspicious if you get a notification and you can look at your account instantly instead of having to remember 10x different passwords and security questions.

OK. Well, for disorganised people maybe I log into my accounts regularly, and reconcile them with my budget monthly, so I’d notice. But I accept I may not be the norm.

That’s the worst, with their bullshit security theatre things like “enter the 3rd, 5th and 7th character” you have to remember them and set them on purpose to some easy to remember (thus insecure) value. I often use 123456 or similar sequence when confronted with such nonsense, and rely on the user ID (which thankfully is a standard text field) as the “secret”.

I agree, this is rubbish practice - especially since it means of necessity that they have stored the password encrypted, rather than hashed.

But, I don’t have to remember them: I use KeePass which allows for “auto typing”. So, as I log into my online banking I press CTRL+SHIFT+A, and a window popups up, asking me which characters I want. I select 3, 5, 7, and keepass automatically inserts them. Works brilliantly, and it can’t be disabled by those banks who think blocking password managers is a good idea…

Nice, didn’t know Keepass could do that. Thankfully I no longer have to put up with such nonsense. Any company that insists on such crap doesn’t get my money; if they want to get paid they have to play by my rules. Works nicely for me!

Maybe they just hash all possible 3-tuples? Assuming a ten character password that would be 10! / 7! = 720 hashes per customer. I’m unsure how viable that is?

But yeah, I agree the practice is stupid

Well, Santander, for example, do that for the password, which has variable length (mine has 20 characters), so: no, I don’t think they do.

With the usual “6-digit passnumber” (copyright Nationwide) garbage, no amount of hashing will save you given that the total number of combinations is low enough that you can go through them all even by pure brute force.

And taking any n character password and reducing it to a 3 character subset is obviously silly as well

Theoretically it’s designed to foil keyloggers, but if someone can log keys they can also take screenshots and even do actions using your logged-in session (by taking the session cookie out of the browser’s memory) so it’s completely useless.

Hi @Hotlush, we don’t have an official forum yet, but we are active on Facebook, Twitter, Email and the live chat. We listen to every single contribution and we roll out new features on a weekly basis.

In terms of debt, that was an early concept, which we don’t have today, since we can’t access some account types (loans). It is still part of things we want to achieve in the long term.

PS: regarding saving money with Emma -> https://twitter.com/midgee_/status/983435871084040194.
PS2: you’ll be able to set payday in the next 2-3 weeks on Emma. We have just started implementing it. <3

Hi guys,

I just wanted to let you know we are working on Payday, which is coming this month. Merchants in Analytics will follow with the ability to edit logos and helping us in having the right ones.

We are also hiring, so if you use us and are interested. Please apply: https://angel.co/emma-35/jobs.

Why is currency in $ when location is London?

That’s a mistake, which I have just corrected. :

I know this has been raised before (and debated ad infinitum) but I just wanted to add my voice to those that have already mentioned it.
I have never and will never have a Facebook account - previously due to lack of interest and even more so now due to their playing fast and loose with people’s data. Not ragging on others that have Fb accounts but it’s not for me.

So downloading Emma and attempting to set it up I am immediately put off by seeing the words Facebook and accounts in the same login sentence.
That alone is enough to disincentive me from going further. Seems a shame as I would have liked to give it a whirl…

I dislike Facebook and don’t have Facebook but it is not needed for Emma at all

Yes I realise that but I don’t want any of my info shared with Facebook at any level and the mention of Facebook account kit (or whatever it is) immediately makes me wary.