I forget how spoilt I am with Monzo

With Barclays it seems you just call

That is great to know I’ll order one.

Edit - Oh wait, do Nationwide have one?

I don’t actually see one mentioned on the Nationwide website. I’d hope they have them too, though. It feels like a big omission if not

I can’t seem to find one. And I’m not sure the Barclays one is compatible, as they have their own PINSentry thing.

The regular ones are interchangeable. Maybe worth asking if Barclays would consider sending one?

I have a Barclaycard, so maybe they’ll send one? I’ve never used a card reader with my Barclaycard like…

There’s a brochure for an accessible Barclaycard reader too so it must exist. Worth a shot, and I’l it’ll probably work with Nationwide too

Here: How do I request an accessible version of the PINsentry? | Barclaycard

That’s where BitWarden, Last Pass, etc, come in handy

Is your contention here specifically that they said “we don’t do this for security reasons” instead of “we chose not to offer this for security reasons”?

This is not contract wording or a legal letter and so the language will be of a more conversational nature and some level of inference may therefore be required on the part of the reader.

“We don’t do this because X” in this context already brings with it the implication that a choice was made (some point after X was identified, and provided X is not an obligation such as law/regulatory requirement) and without the use of “solely” or “entirely” it is reasonable to assume it will have been a choice made based on the totality of factors at play, but that security was/is a key concern upon which the ‘choice’ could solely be justified.

This is not at all the same as “we can’t/won’t tell you, go away” - it is not the same as, for example, having your account closed “for security reasons” and no further detail being available (which although using the same words has an entirely different context) - it is simply quicker in this context to write and easier to read “we don’t do this service for security reasons and don’t have the tooling” and expect the reader to draw the necessary inferences rather than say
“there are a number of factors in the decision not to do this but ultimately there would be no commercially viable way to offer this service in a manner that falls within our risk appetite as an app-based bank and so we made the decision not to offer this and as it was a service we had chosen not offer we did not need to build the tooling for it and so even if you rang us up and offered to slip us a fiver it is literally impossible, by design, for our ops staff to do this thing”

That is not my contention

Dan Said:

I am saying that

• for data protection reasons
• we apologise for any inconvenience that may have been caused
• we’re sorry you think that
• Health and safety reasons
• We can’t tell you why
• For security reasons

Are all used far to often to justify something that they don’t have an explaination for or don’t want to provide an explaination for

Starling for example won’t let some people add their debit cards to Apple Pay. Their answer… We can’t tell you why. Now we all know this isn’t true UNLESS they don’t know why it’s happening which is very unlikely.

In Monzo’s case there is an undisclosed reason why they can’t to do this. I would hazard a guess that Dans earlier comment about Monzo being an app only bank is the real reason for it.
For the record I do not think (as others have suggested) that it is an unreasonable reply. You sign up for Monzo you know they are app only, if you want to telephone banking thne pick a bank that offers it.

My issue is and remains the blanket “we don’t do it for security reasons” which clearly isn’t true. They don’t do it because they are an app only bank that doesn’t offer that facility.

I think we’re getting slightly off topic but I don’t think people should be saying Monzo don’t do something security reasons when the answer is simply that they don’t offer that facility or product

This feels like a confected argument. This is a conversation, not a formal piece of correspondence. Indeed, Dan even followed up and explained what he meant.

I agree there’s a time to challenge sloppy wording - or companies trying to hide behind vagaries. But this isn’t it.

For the folk wondering why we have less staff engagement than we used to, this might give you one insight as to why.

All too often maybe, but in a comment on why Monzo don’t offer to make any changes over the phone, whether or not those words are used as a cop-out elsewhere is irrelevant, because that is not the context those words are being read in here.

Is it definitively known that it is up to Starling? See previous conversations about Apple pay; Apple have egregious NDAs that industry only puts up with because Apple is an 800lb gorilla, so even if Starling did know why Apple pay won’t work with that card, or if there is a reason Apple have prohibited that user from using that card on Apple pay, they probably can’t tell you. Or, they genuinely don’t know, because Apple won’t tell them. Or there’s a bug, and they don’t know what the cause is. But nobody who works in customer facing roles (or businesses) wants to tell angry customers “we can’t tell you why”.

I don’t know why you have decided there is some secret undisclosed reason for making this decision. They have disclosed it: it is a security / fraud control not to offer anything relating to account manipulation over the phone. The limited “out of app” account modification that they do offer (“Help, I can’t access my email so can’t sign in”), has to be done in writing.

That they are app-first means that yes it should be expected for everyone that specific day-to-day telephone banking services are not available.

But you can’t say that “security reasons” is some sort of cop-out when that is the basis of Monzo’s decision not to offer any out-of-app functions over the phone.

They genuinely can’t tell you why. It’s part of Apple’s financial crime rules - we have to abide by the same processes. In lots of cases we can only tell a customer that they’re unable to add their card to Apple Pay (similar things exist for Google Pay too) except in Google’s case they won’t allow person A to use MDES tokens, then tell person A the problem is on the bank’s side when it’s very clearly not.

It’s daft, but the rules put into place to protect against fraud, money laundering and other types of financial crime are closely guarded. So we don’t know the reason a customer is unable to activate an MDES token other than the error code we’re provided by either Apple or Google and they’re about as generic as can be.

Individually everything you say here makes sense. But there’s a large part of me that worries about the system as a whole. Does anyone understand how these various things interact? How do we avoid Kafkaesque situations?

(Not after an answer, more for general musing).

You’ve hit the nail on the head!

It’s really frustrating to tell somebody we don’t know why, but often we don’t.

As another example a customer gets in touch because their card has declined in the shop. It’s a logical expectation that you can contact your bank and they’ll be able to tell you. Sometimes we can, but in the following what would we tell somebody:

• We don’t see any authorisation request coming through in our internal tooling or in the raw MasterCard messages. As far as we’re concerned there was no attempt to make a payment, is this an issue within our data centre, MasterCard, the acquirer, the terminal, the card? Most people don’t want an explanation of how the payments process works, just that their card will work next time they use it.
• A customer tries to use their card and it declines. We can see the decline reason on our tooling as ‘05 do_not_honour’ which is the most generic message you can see for authorisations. This could be caused by any number of things, so again - we genuinely don’t know.

I guess you have to put your faith in the regulators to do their job to keep everybody in check…

I am sure there have been instances where financial institutions have lost cases sent to the ombudsman because of regulations that obligated the financial institution to essentially treat the customer the way they were treated (but which were ultimately ‘unfair’ as experienced by the customer particularly where subsequently to have been found to not in fact be a money launderer).

It’s a bit of a mess, and I would argue does little to enhance the effect of fincrime regulations as criminals will know that when their account mysteriously stops working for no apparent reason and nobody at the bank can tell them why that the jig is probably up and it’s time to move on. The artificial shroud of secrecy banks are obligated to maintain really helps nothing, but the issue is that without some sort of police / regulator / bank SLA on how quickly these matters should be initially investigated and cleared up you would still end up with an infuriating black box where the customer can be told nothing useful about when they might get their account back (or not).

I don’t think is quite true but again it’s hard to discuss without going into too much detail.

Let’s create a fictional scenario though

Joe Bloggs is a very bad, criminally minded, person. Joe’s been a Banko customer for a year and has been successfully laundering drug money through his account for the past nine months.

Joe’s pretty confident that he’s managed to evade Banko’s financial crime rules, so his activity has been pretty consistent for the last nine months with nothing out of the ordinary.

Suddenly, one Thursday morning Joe’s wakes up and gets a letter from the customer services team at Banko. The letter states they’re closing his account and will return any monies owed as soon as possible. It also tells him that they have no further information to give.

Joe’s a bit confused - he’s not done anything different with his account for the past nine months. Nothing has changed, so although Joe knows he’s been caught for laundering funds he doesn’t know exactly what triggered the closure of the account.

He tells his gang what’s happened, but can’t offer them any advice as to what to avoid doing on their account because he doesn’t know.

All these are possibilities:

• Banko’s internal rules spotted something which triggered a manual review
• Banko received a communication from Bankz which resulted in the closure
• The customer’s account was frozen by lawn enforcement
• etc, etc, etc

(Also I’m sorry that sounds patronising - it isn’t the intention but it’s the easiest way to try explain some of the context with giving anything anyway).

Fascinating. Is this where the term ‘grass’ (whistle blower, tell tale) originates?

Darn autocorrect, I hope I haven’t sown the seed of doubt about my authenticity…