Improve Account security via in-app chat

Definitely is

In app chat security has come up more than once, a thread similar to this was merged into the main security thread a few weeks ago.

I’ve messaged you, the email was somewhere around March I think. I’ll check my sent box tomorrow and message you the date and time.

@alexs whilst I can understand your points regarding liability around security, I think that it is valuable for monzo to take on board customer perceptions - and in this case the customer perceives it as being insecure. Hence if it isn’t insecure, there is an education problem to be solved.

I take slight issue with one of your statements - there could well be security experts in the community.

I agree & the best way for a user to get their concerns resolved would be for them to message support, rather than worrying other users in the community.

If there are then I haven’t seen them

But then other members of the community with the same concerns wouldn’t have them addressed.

You’re missing the point, no one in this community can address them, see this topic for example -

It would be addressed if a monzo security expert gave chapter and verse.

Then we can add it to the FFAQ.

Reading posts over the years, I think there is actually a few.

Sure, if you could point me to the last white paper you published, I’ll check it out & start paying attention to your posts

If a user has a concern, I’ve already explained how they can figure out whether it’s a problem or not.

Yeah but as you say, there are no security experts in the community

Let’s not get catty eh? FYI an expert isn’t defined on what they have published, as much as it is obviously necessary in the security community.

I have the necessary qualifications + I don’t need to prove myself, It was merely a rebuttal to your ignorant statement.

Cool so in the meantime, I’m sure we can both agree that the Monzo team are experts & it’s probably best to leave these discussions to them because of their extra context, if nothing else.

Also, it’s not much help being a security expert if you never post about security - that would explain why I haven’t spotted you

My 3 cents

• “how many breaches” is very likely 0, definitely low risk, but you shouldn’t just be questioning the security after a breach
• “Monzo are liable” “they have an incentive to fix it” - their risk assessment of potential losses would be a factor
• “some of whom won’t have the context to judge” - Maybe there could be a technical category in the forum, to discuss the API, implementations, the technical explanations that Monzo give and yes, security concerns etc.

If you leave your phone unattended and unlocked (presumably with auto-lock turned off which by default is on), why should Monzo be to blame?

Would you also like Monzo to also issue free ‘How to secure your smartphone with passcodes, biometrics and common sense’ courses?

Don’t be rude to other users. They have every right to raise issues of concern to themselves and politeness and positivity in replies not only improves the tone of this community and makes it more welcoming to newcomers but also prevents from detracting from your viewpoint which loses it’s impact and credibility if full of ridicule or bile.

It is time this community realise there are two contrasting views on security and respect each other rather than vitriolically stamp upon opposing views

I didn’t read that as vitriol, just a bit of banter!

I ask this all the time… it’s like if you send a ‘Nigerian Prince’ £3000 for £10,000,000.00 why should the bank be held liable when it was YOU that made that transfer…

No, waste of time and money.

Bloody hell, it was just a question about if the current method is secure enough. It’s a perfectly reasonable question to ask of your bank.

In fairness, although I know the comment was intended this way, I think this is what Monzo University is designed to be for