I like Daniel’s Q&A answer for this for the overall context.
It’s all in the lead up to PSD2’s Strong Customer Authentication that becomes a requirement in September 2019. You’ll start to see a lot more banks up their game in terms of payment security (including with 3D Secure) and Mastercard has a decent document on it.
Mastercard is mandating that Issuers offer their customers biometric authentication for Mastercard Identity Check/SecureCode […]. Issuers will have to offer an alternative authentication method for cardholders without a smartphone (e.g., an OTP via SMS).
Remember that you can enable Touch ID/Face ID/Android biometrics for authentication from the settings page of the account tab if it’s available on your device!
The reason I don’t have biometric for authentication turned on is because the pin entry gives me an additional step to double check bank transfers rather than instantly approving because I’m looking at the screen (thanks Face ID). 3DS shouldn’t need that additional step as I’ve already used Face ID to get into the app in the first place to approve the transaction.
I really do not possess this level of paranoia to need this feature.
Can I please-please-please, pretty please have a toggle switch for this on my whole Monzo profile?
It is a nice development and of course, good job and all due respect is still valid, but I am really not this paranoid to require this obstacle during all of my payment processes in the future…
With the already embedded excellent and top-notch security features of Monzo (like, the ability to freeze my card as well as the real-time notifications of all kinds if activity on my account), this 3DS is more of a PITA than anything productive for the healthy Monzo account holders like myself.
This feature was really invented and introduced by and for the other type of legacy banks without the modern security features and capabilities of Monzo.
I have already dropped other banks in favour of Monzo exactly because of this feature with their online payment - and I did even filed a complaint with the financial ombudsman about the VISA equivalent feature (after which this step was skipped for my other bank debit card during payment), but I really hope that Monzo is still more innovative than other banks and soon I can forget about this “feature” while still using Monzo for online payments…
The bottom line is and should be that this is about my money, where I should have the final say and accepting whatever risks regarding using them.
It only comes up if the merchant requests it I believe so not ‘all’ payments at all.
I believe the risk lies with the bank if they’re not able to support this functionality, not with us. In that sense it’s probably their decision to take rather than ours.
It’s been mentioned elsewhere, but it’s not your money that’s at risk, if a fraudulent transaction is made with a retailer that requests 3DS and Monzo don’t use is, Monzo is liable for any losses.
Used this for the first time today. Did it in the BarclayCard app, saved my card (still thought it was a Maestro card), then it defaulted to SMS verification. Simple and painless. Big fan.
Just had my first 3DS transaction. GWR train ticket. Pretty slick.
But why, after I’ve authenticated into the Monzo app with my fingerprint, do I a whole 0.5 secs later, have to redo the fingerprint to authorise the 3DS request?? Surely at that point it should be a straight click???
T the moment the Monzo app does not even start up (keeps crashing) after I attempted to pay online with this bad feature 3ds is.
I cannot even contact them.
So, now what? I am stuck while wanting to pay online, and I can’t, as the Monzo app does not even start up…
Also, I am planning to drop mobile phone for good - will that rule me out for Monzo? I guess so…
Will be checking other online banks to see where to move to if this 3DS is enforced without exceptions. Does Revolut have this I wonder?
Is there any way to opt out entirely of this? Almost all other providers I’ve have have moved on from 3D Secure and no longer ask you for anything, instead just waving you through. This new feature has just made Monzo the least pleasant of all of my cards to use for online payments since now I have to go grab my phone whenever I buy something which is just an annoying hurdle for each purchase. I get notifications for purchases, if it isn’t me I’ll dispute it and cancel my card immediately, that’s the whole point.
