kieranmch
15 July 2018 21:28
62
Gaoler:
Again, that will depend on who you are and who your contacts are.
At Monzo we use Private Contact Discovery. We do not store your phone contacts on our backend, and our backend doesn’t even see their phone numbers or personal details. Here is a summary of the protocol.
What does Monzo do with my contacts?
The details
Your device generates a hash for each of the contacts in your address book
Your device then uploads a portion of that hash to the Monzo servers
The server checks if the hash matches any existing users and if it does, sends your device a slightly larger portion of the hashed contact
Your device then matches the larger hash with its existing hash to confirm the correct contact record has been matched
If there’s a match, we show you that contact as a Monzo contact. If there’s no match, the hash is deleted from the server and Monzo never sees any of the contact’s information.
The server never receives any of your contacts’ phone numbers, names or any other personal details during this process. The only time we transmit their full phone number is when you actually send money to that person and this is fully encrypted in transit, stored securely as part of our banking infrastructure, and only sent once you’ve confirmed the payment using your PIN or fingerprint.
10 Likes