Sure I mean you get ATM skimmers everywhere, that’s a different conversation I think. The OP was worried about people using their face during a seizure. I was just pointing out your more likely to be mugged at an ATM than someone take advantage of a random person on the spur of the moment. The common response was use pin instead in that case.
Sure, but the point I was trying to make is that while a PIN might be better for that specific situation, it’s worse in other situations.
It’s more likely that someone is able to get access to your PIN than to take advantage of face ID when you’re having a seizure.
Overall I’d say fingerprint is the safest
If we are talking about someone taking advantage of a body on the ground and gaining access to their phone id say fingerprint to try first would be my option over face. If it’s pin then unless they are carrying a piece of paper with it on they aren’t getting in. If they nick the actual phone to try later, freeze the account would be my first action.
Surely the combo of someone seen entering their pin and then having a seizure at that moment and the attacker thinking right I’m going to try unlocking with said pin is tiny.
Allow me to disagree. I think it’s much easier to put the phone in front of the face than to grab a finger of someone having a seizure and keep it still for a few seconds
As for the PIN, as I’ve mentioned I’m approaching the situation hollistically and not just thinking of the moment someone is having a seizure
1 Like
I think in both cases we are talking incredibly slim chances of this actually happening with enough of the variables to consider.
No point even continuing, at least Monzo and Apple take it seriously.
Try it, unlock your phone using Face ID whilst bogged eyed or stare into blank space
With that I agree. Me using the one time ATM pins is more about not carrying cards, which is a bigger security advantage than avoiding ATM skimmers. It’s also just less stuff to carry around and worry about
Then also try wandering around, faking a seizure and seeing if someone steals the phone and forces you to unlock it.
The chances are just so slim. You are more likely to win the lottery,
The thing is I can’t personally see this as an actual common issue.
For me it’s up there with the chance of being kidnapped or having you thumbprints nicked. Both of which are pre-determined and require planning usually, not spur of the moment taking advantage.
I can certainly see some fucker might nick your phone or watch or wallet whilst down but not stay with the body and start unlocking with their face and making transactions.
1 Like
Yet people win the lottery, does that mean we should not bother with security or improving it then? Because it will just be a waste of money yes? Since the chances are so low.
This isn’t just about Monzo, Face ID can be used to unlock the phone as well as other things.
Like I said pointless. At least Monzo and Apple take security seriously.
Unfortunately it doesn’t make business sense in improving for the sake of lottery style chances.
I mean the UK lottery is ~ 1 in 14 million. So if out of 14 million people having seizures, one unlucky person has this happen. I’m hoping the bank would then be swift in helping reverse any transactions that happened before the account could be frozen after regaining from it. Especially if there was eye witness or cctv it would be a non-issue.
1 Like
So, what is your solution? Ban FaceID worldwide? Genuinely interested in what you think a solution is?
1 Like
If I had a solution then I would be working for Apple fixing it, not here on a public forum talking about it. But hey, let’s just keep everything to ourselves, never mention any problems to Apple etc.
How do you think companies improve their services and products, feedback.
Not to be dismissive but sounds like such a fringe case, non-issue. You will ALWAYS find obscure cases to argue against a system and say it’s vulnerable but the reality is that’s just not true. If someone can find a report of this type of crime happening please link it. Other banks use FaceID yet haven’t heard anything of the sort.
Edit: you could argue drunk people are getting robbed in this same way by someone taking their phone and holding it up (arguably a far more likely scenario given how many people go out drinking) but again, haven’t heard of such a case and doubt it exists (although someone I’m sure will try and prove me wrong 
)
Wouldn’t this be an issue to raise with the official Apple/Google forums/feedback? You might find its been raised by others with similar concerns over face id and seizures or similar.
The Monzo response would be to use PIN if you aren’t comfortable with using face id / thumb to unlock.
Monzo don’t actively moderate or read these threads so all you’re going to get is other customers putting their opinion over.
Already spoken to Apple about it, reason why I posted here is to raise the issue so other Monzo users are aware of the issue
1 Like
Genuine question, have you considered using a purchase credit card instead of a debit card if you still want to use face id, so if you essentially win the lottery and it happens to you then you don’t need to worry about your money being taken?
I know this doesn’t solve your concerns as in it could still happen but it would make it a non-issue if it did. I’d like to think if it did happen with your Monzo account, and transactions happened before it could be frozen they would help out as much as possible in recovering the money.
To add to the previous replies you’re also relying on the person taking advantage at that moment to have an untraceable account already setup in advance to transfer to, otherwise it would be a very easy crime to solve who did, especially it if sending to a UK bank. Even difficult to trace accounts aren’t impossible to find out where the funds went. Maybe buying some cryptocurrency quickly and transferring funds. 
While you’re alone, with nobody nearby to help, in an area with no cameras (thieves won’t risk it with cameras), while you’re having a seizure of a specific type. It also relies on a thief being tech-aware and calm enough to carry out the triple Face ID required to have access to your PIN, rather than the standard mug of take your wallet and phone.
Keep in mind that this security issue exists with all other banks. They may not have Face ID to see your PIN, but you can use mobile banking to add a new payee, confirm the new payee via SMS (for Barclays PIN is required, but you can use Mobile Pinsentry which doesn’t require your card PIN) and send an irreversible bank transfer to them. You can make a payment using PayPal without even Face ID, or one Face ID max if setup, no payee confirmation.
Yet I’ve never heard of such an exploitation of a scenario happen before with PayPal or mobile banking.
The scenario is absurd. Although it’s possible it is incredibly unlikely, never happened before afaik on similar platforms, and there are far more likely ways to get robbed.
No tech solution can be both convenient and totally secure, but Face ID goes a long way in that. It’s not foolproof, but it’s very good and deters common thievery. Let’s see the alternative: no Face ID, require identity checks, now you’re making it difficult for people to get a legitimate PIN reminder. There are more legitimate instances of people forgetting their PIN (I have so many cards I forget mine regularly) that this feature helps, than there are instances of robbery happening due to this feature (none as far as I am aware, in that category).
Weighed up, the pros are better than the cons.
How is this a Monzo problem??
2 Likes