Login..☺

I don’t see what the difference in leaving Facebook logged in and Monzo logged in is. At least with Monzo to send money or reveal your PIN your fingerprint or verification is required. Your phone’s security should provide enough for privacy.

Your email and phone are the two things you should ensure are secure for Monzo to be secure.

No one ever seems to care that they’ve probably got their email on their email app accessible without a fingerprint, password or pin reader even though access to that means access to most of your accounts. :man_shrugging:

3 Likes

If you value privacy of your banking data, then I think you have two options:

  1. Listen to Monzo fans telling you that Monzo knows best, and that if Monzo says you don’t need additional app security, then you don’t.
  2. Don’t use Monzo.

I think it is very unlikely Monzo will change their mind on this matter, and certainly Monzo’s fans won’t.

I have chosen option 2, and I think the community would do well to accept that people are different, and that some people just don’t like their banking app to be open to all if they don’t have, or can’t, or don’t want to use a fingerprint reader, rather than to try and tell them how extremely wrong they are. Monzo just isn’t the right bank for these type of* people.

* that may sound condescending. It isn’t meant that way at all. Remember: I’m one of those people.

3 Likes

I’d agree. In addition, it’s worth bearing in mind that staying logged into the Monzo app has a few benefits - one of which is instant notifications.

If your card has been stolen and starts being used fraudulently, instant notifications will let you catch it right away and either freeze your card when you see the first transaction in real-time, or ideally when you notice you’ve lost a card before any spending starts :bulb:

Our app isn’t really intended to be a log in/log out kind of experience. We aim to give you real time visibility and control of your money, and this becomes pretty much impossible to do when you aren’t logged in :pensive:

9 Likes

But if people do not have or can’t use a fingertip reader that is what they have to do for security of their personal and financial data as anyone can access and hence view transaction history, name and account number etc, all because of lack of provision of the most basic of app security, a pin or password.

1 Like

Morning Richard, out of interest how do you secure your phone for initial access to all its apps, emails etc?

1 Like

I have my phone encrypted with a phone device pin, a sim pin for sim 1, a sim pin for sim 2, and Norton Applock enabled with a pattern for every single app on my device plus the settings.

However, in principle I should not have to resort to using third party software (Norton) to make up for lack of security on my Monzo app.

All other banking apps I have contain a 4, 5 or 6 digit pin to prevent unauthorised access to the data and I expect no more from Monzo. The security of anyone’s personal and financial data in their bank premises is fine, but the weak point is at the user end of the chain at their device.

I still believe Monzo have an obligation to take steps to protect that user data, which they have partially done with the introduction of fingertip unlocking. However, it is not always practical or desirable to keep your phone locked at all times, so authorised users of that device be it your spouse, your kid (or your boss if a work phone) can accidentally or intentionally go into the app and see what you have purchased and where you have been, balance, account number, overdraft amount, address, tax residency, etc. All data that could or should be protected from prying eyes.

Now I worked in IT so I know it is only a deterrent or delay to slow down anyone determined to access your data, and that they can get around those methods either with uninstall/install or using an email link blah blah, but that friction should still be there.

Now before Alex pops up and tells me off for raising the issue again, I didn’t, I am purely providing a reply in response to your question :wink:

5 Likes

I don’t think I would have my bank app and details on my work phone (if I had one) that your boss could in theory demand unlocked access to, I wouldn’t give my unlocked phone to anybody I didn’t trust or let them walk away with it out of view, but I suppose some people would and do :slight_smile: they could then potentially see my account balance, if I was that concerned about them seeing it I wouldn’t do it but that’s my personal obligation I suppose

6 Likes

I know a few people with Windows phones who have fintech apps on their work’s Android phones, because only the big banks have Windows apps. Personally I would never put my bank app on a work phone, wouldn’t want the boss to see how big my overdraft is :wink:

2 Likes

Indeed. Relying on the security of the mailbox alone is another glaring security omission which in itself makes it impossible for me to use Monzo…

1 Like

What is the scenario that your account would be compromised with the “security of mailbox alone”?

2 Likes

Primarily it’s a matter of principle: My mailbox is reasonably secure, but I want to have multiple layers of security for anything that’s important. Having just one potential point of failure is too risky for something that can reveal so much about me.

As for specific scenarios: This twitter thread neatly summarises one scenario where my email would be completely and irrevocably compromised:

1 Like

So it’s up to yourself to secure your email - you either choose to take the risk / or not of not fully securing your email which can then change all of your details on other sites with presumably a few other security questions (DOB etc)?

1 Like

Oh, I’m taking every possible measure to secure my mailbox. But I’m under no illusion: no one is perfect. Not even me…

1 Like

So funny how this is used to derogate when Metro Bank have been trying to big themselves up by calling their users “fans” for years when they’re not :drooling_face:

:monzo::rocket:

I get around this by appending a password to my email address - so it’s something like email+XXXXXXX@provider.abc. That makes it reasonably secure as long as I delete Monzo’s magic link emails. Most email providers allow you to have virtually unlimited addresses by suffixing your address with +something.

Why do you care? The bank is ultimately responsible for any fraud occurring on your account. I’d be more worried about the irreversible damage caused by an email compromise (leak of personal data and access to other accounts by resetting their passwords); as far as money is concerned the bank will refund it.

3 Likes

It is not the issue of the money but the data that is of concern. Like you say if money is lost it will be recovered but if any of your financial or personal data is seen it can’t be unseen!

3 Likes

But that’s my point, doesn’t your phone, email, text, pictures and social network apps contain way more sensitive information than your transaction feed?

5 Likes

So don’t let anybody borrow your unlocked phone if you are that concerned about somebody you have given your phone to seeing your finances is surely the answer?

3 Likes

That is a matter of opinion. Personally I don’t care about people knowing about my medical problems; or them wasting their time reading all my emails between family or friends; seeing fashion pages I follow on Instagram; foodie pages I follow on Snapchat; or what pop stars I follow on Twitter. But when it comes to an app showing how much I spend where along with a map showing where I went I find that more personal. I am happy for people to view my emails, if I wanted the content of one confidential I would copy it to somewhere secure and delete it from the email server. However, I don’t want people knowing if I am spending an inordinate amount on spa treatments or fine wine. So each to their own.

4 Likes