I’ve recently taken possession of a new Apple mobile phone and have used the Monzo app on both iPhone and android platforms for sometime now.
With the most recent handset I decided to take advantage of the Quick start feature on the Apple device to aid migration of apps and user data from a previous Apple device.
While this eventually worked as expected without too much grief I did notice, a seamless integration with the Monzo app.
All good so far but it did give raise to something which I would possibly class as a security vulnerability.
Other colleagues who also use ‘other’ banking apps on these same devices have found that they need to re-authorize / reset their banking apps after they had performed the Quick Start setup for their new handsets.
So - just to put this one out there really and see what your views would be:
Would it be better from a security point of view to have the new device re-authorized with Monzo as a standard procedure if a Monzo user upgrades their handset?
Technically it works both ways - Great seamless integration is definitely a benefit, but also gives rise to security issue if a users handset was ever stolen and possibly cloned in this manner.