Monzo Labs: Improved Card Security

From September 14th this will stop being optional, and all banks in the EU will have to enforce these limits.

This is true. But it doesn’t prove you still have possession of the card, which is something the EBA is looking for.

In Europe (Spain is where I am now) when I pay with my Monzo card and they tap contactless sometimes they ask for pin as well without me having to insert my card, which I am happy with, can Monzo have a similar system instead of first decline then insert then pin?

Have a look at this post a little further up Monzo Labs: Improved Card Security - #6 by erincandescent

Thanks @thomas

k cool, thanks. Are you expecting any changes in user behavior as a result of this? For example, I may now choose to occasionally use chip and pin to avoid the potential “embarrassment” of payments being declined. It would be interesting to track what percentage of possible contactless payments are made by chip and pin following this roll out.

I’m not really sure. Personally I suspect that people will just get used to the declines, every bank is making this change, so soon it will be super common to see people having contactless payments decline. I think the “embarrassment” will vanish pretty quickly.

Most terminals in big shops handle this quite well, rather than declining and making a big fuss, they just politely ask you to insert your card and try again. Some older terminals just explode, and part of this test is trying to understand how often that happens.

Cool

Please never put a limit on Apple/Google Pay

Does this affect online payments, or just POS?

I think the wording around “declined” need to be adjusted, as by the sounds of it, the terminal will just ask you to use to Chip & PIN instead, which other banks already did. In terms of other banks, it never “declined” as such, just asked to insert card usually. People might get confused around the wording for declined in that sense.

But I have enabled it and will feedback on my experience

Is this how the system will work when released, or just for the trial? It seems like it would be unworkable if this exception was removed – you’d potentially end up with someone stranded and not able to get a bus home.

(emphasis mine) Is there a plan to include them in the future? That would seem an unnecessary hassle, given we are already authenticating every one of these transactions with TouchID/FaceID/PIN.

100% agree, I would look at moving my transactions elsewhere if this was something that was introduced (and wasn’t industry wide).

If it’s not mandated by the industry, I’d be surprised if Monzo include them. I imagine Monzo will have one of the least intrusive SCA flows of all banks.

As long as Apple Pay remains as frictionless as it is now then bring it on. Hopefully this pushes more people towards Apple / Google / Samsung pay as this has to be the future and maybe people need a good reason to use it. Now they do

Apple Pay and Android Pay will always rely on FaceID/Fingerprint to authenticate transactions. You should never see a decline on the terminal itself.

I’ve update the post above to remove those words, and prevent further confusion.

Thank you

Is it just me or does the £30 limit not seem very low?

Let’s say your out for lunch and some drinks with some friends or something, you’ll probably have to do this verification every 3-4 times you go up to order something.

Let’s say you do a wee midweek shop comes to £25, then you’re most likely gonna have to verify the very next time you use it.

Seems a lot of hassle, I appreciate it’s mandatory for all banks to implement this but £30 limit just seems very low to me.

The £30 limit is just while we’re getting feedback on the experience of getting a decline. We’ll increase it to ~£100 (the max the law allows) once we start rolling it out to everyone.

Ah right okay my mistake. Thanks for clearing up.

Thanks for confirming!