I’m definitely not an expert. Just a consumer who tries to take security seriously (not to imply that Monzo don’t!) and falls more on the security side vs convenience.
To be clear, I’m not comparing to other banks. I have various accounts and some are better than others. Some definitely go to town with the security theatre (NatWest with their ******* PIN terminal) which is annoying to the point of just avoiding it.
I’m all for ML. I work for a tech company and we use a (highly publicised) combination of ML and humans to detect fraud on our customer transactions. I just have the opinion that these things are additive. Not either / or. I’ve also personally had fraudulent activity occur on my Monzo account which only failed because I didn’t have enough funds and then was quick enough to see the transaction and freeze my card.
I wouldn’t say my email comment was refuted. Just that some email is encrypted. Which is great but it it doesn’t completrly solve the problems.
I also was only ever arguing for more security when intially logging into a new phone. Not for every time you use the app. I think the increase in security is worth the trade off.
The comment by @rjevski also indicates that Monzo are solving for the average customer rather than the more security conscious. And that’s a perfectly fine goal. Perhaps it’s is a better solution for the majority of customers and it lowers support costs. But if you do happen to use strong unique passwords that isn’t really a problem you need solved.
I use a lot of online services and a strong unique password coupled with 2FA (not via SMS) seems to generally be a widely accepted good enough solution.