Huge security flaw with fingerprint protection


I used to protect the app by simply enabling fingerprints scan and thought this was safe.

However, after dropping my phone, the fingerprint sensor got disconnected from my phone’s motherboard and Monzo would simply open without any protections.

This means that if my phone gets stolen and the thief can access my Monzo app, he simply have to disconnect the sensor from my phone and can do whatever he wants with my account.

I would suggest forcing us to set a PIN code in case the sensor fails, or having us to log in again.

What happens when you try and transfer some money?
Or view your long card number?

Does your phone default to pin/pattern on your lockscreen now or did it just stay unlocked ?


I feel this is a phone software issue rather than a Monzo software issue. It looks like the phone automatically removes the sensor lock if it fails without falling back to a passcode unlike an iPhone which automatically falls back to a passcode if TouchID/FaceID fails.


Plus I suspect it will ask for the pin for authorisation now that the app thinks there is no fingerprint sensor,

OP, is the use fingerprint to unlock app still on in settings?

What make of phone?

Obviously it’s not an iPhone, which means it’s any phone that runs Android. But yes, would be good to know what actual phone it is.