New online payment safeguards - BBC


(Alex Sherwood) #1

New standards announced today & some changes which Monzo will need to implement. I was expecting Monzo to create a feature to enable users to have greater control over Direct Debits anyway but I expect the other changes are unexpected. Let’s see if Monzo’s one of the first to implement this :slight_smile:

Two new safeguards to protect people when they pay online or via banking apps

The changes, announced by the payments industry, will allow consumers to double check they are paying the right person.
When money is taken from an account by a direct debit, consumers will also be asked to confirm the payment.

When a bank account holder makes a payment online, a message will come back from the bank, confirming the name of the person they are paying.
Only when they click “OK” will the payment go through.

When a company wants to take a regular payment from a customer’s account - for example gym monthly membership fees, or a mobile phone company charging for extra data used - the consumer will receive a message asking them to approve the payment.

The plans also involve the consolidation of three payment system operators:

  • Bacs, which administers automatic payment methods such as direct debits
  • Cheque and Credit Clearing Company
  • Faster Payments Service, available 24 hours a day

Freeze Card for Certain Merchants
(Ben Green) #2

Constantly approving transactions, especially for those who buy a lot online and/or make a lot of DD payments, won’t get tedious at all. Will be interesting to see how Monzo handles the user experience of this without breaking regulations.


(Leon) #3

Maybe like they do on (Android) apps with three boxes allow once, allow always and cancel.


(Patrick) #4

Love the idea for online payments. Just have your phone ready when typing your card details on the website, click “accept” on the Monzo notification and all is good.

Great two-factor authentication. It ensures no one can use card online without access to my phone app (i.e. only me)

Not sure about Direct Debits though.


(Ben Green) #5

Yeah I suppose it is essentially a form of 2FA and how you’ve described has been discussed for use as Monzo’s own implementation of 3DSecure.


(Gareth) #6

For Direct Debits it sounds like this would be a one-time verification, not per-payment. Which is needed, since at the moment there’s minimal detail required to start a fraudulent DD - Jeremy Clarkson found this out the stupid way (the money went to charity).