no not at all just seems funny that you comment on a post so old - at least apple pay is now here
Not true for opening joint accounts, at the moment at least:
You can disable access to contacts, but then you can’t use Monzo.me (I don’t think I had an account when that would have stopped bank transfers!).
By contrast, Starling lets you use Settle Up without contacts access.
Contacts access seems to be firmly ‘baked in’ to Monzo - not great, in my opinion, in particular because I can’t see why it would be essential to the above features.
It was the only relevant post I could find when I ran a quick search.
Therefore, looks like this is not a major issue for most users.
Ok that makes sense too - I expect Monzo needs to see your contacts in order to find the person (Monzo user) that you’re opening your joint account with.
This is the alternative to Starling using their proximity feature to find the other user. Which prevents users who aren’t in the same room from opening a joint account together.
But why oh why the necessity? How many joint accounts can you open anyway? Does it really need access to all my contacts?
Surely there’s a simple way of doing it without this level of access.
Same for Monzo.me
Shame that these big features are predicated on unnecessary exposure of users’ contacts.
I’m not quite sure what you’re imagining there. Here’s how Monzo secure’s that data -
Starling Discussion & Feedback
I don’t think either starling or Monzo have bad ways of setting up joint accounts. I am quite happy with Monzo having access to my contacts but I can see the issue if you don’t want that to happen.
I’m thinking more of the principle that you should only collect the minimum data necessary in the first place, then protection and security are unnecessary altogether.
I don’t think anyone could claim to have a totally secure system with a straight face these days
Great, it sounds like we’re both on the same page then
If you are agreeing that contacts access is unnecessary for these features and a data risk, then yes, we’re on the same page!
Totally agree - which is why if someone were to gain access to Monzo’s contact data store, they would find something similar to this for a contact, in place of their name / phone number / etc: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Not much an attacker could do with that.
That’s what the “hashing” process does to your contact’s details, as described in the screenshots I referenced above.
Plus, any contact that doesn’t currently use Monzo has their hash deleted from Monzo’s servers.
Pass the hash maybe? I’m sure there’s someone here who can think of potential routes for an exploit. Gaining access to the data store is surely not the avenue of choice these days. I’d do some behavioural manipulation of the right engineer
You’re assuming the servers are the problem.
What if you don’t trust the app to begin with? The app has full access to your contacts and can do anything it wants with them, like silently stealing them in plain text before doing the hashing process.
There’s also the issue of third-party SDKs.
Yes! The iceberg is huge
Of course, if it was necessary or added some great benefit, the risk might be justified, but I just don’t see it…
If you don’t trust the app… the thing that has direct access to all your money… then might as well not have an account at all.
That’s another potential issue.
My initial response related to the potential motive for Monzo doing this being debated, with “data capture” being a very unlikely reason in my view (unless, of course, you don’t trust Monzo, but I didn’t trust them to a certain extent, I wouldn’t use them as my main account).
With enough effort anything can be hacked, this isn’t news. It’s helpful to keep these situations in perspective - what’s the cost / benefit ratio? (that’s a rhetorical question)
To me, Monzo using phone numbers to attempt to match other users to one another makes sense for P2P payments and for joint accounts and any other situation where one user needs to match another user. I’d actually take it further personally and do this kind of matching with peoples email addresses (and any other publically shared uniquely identifying information) if possible
To me, these data are not really “privileged information” which is not to say its a good idea to go plastering it all over the place but that attempts to hide them from others rarely really work well (probably because they are information designed be shared to allow others to contact you - like a street address)
Couldn’t care less who can see my contacts, particularly if sharing that info gives me features I find easier to use / beneficial