Other bank accounts in your Monzo App?

Yeah this is a PSD2 requirement, since no banks will be ready when it becomes law in Jan, they’re having to add these terms.

3 Likes

like the others say, it’s a no to giving passwords to accounts with real money in them. I simply don’t trust any online company with all that power.

DaveTMG’s first rule of the internet - everyone is compromised eventually, the defenders have to get it right every time, the attackers just once.

The second rule is - never put anything on the net you wouldn’t be happy to be made public at some point.

Once read only access is available then yes, I’d love monzo to aggregate it all for me.

For credit cards etc, I’d be less worried.

5 Likes

I do exactly the same, but with a different app to you. Adding stuff manually is a bit of a pain, but obviously it’s secure and i don’t have to do all my spending with one account to keep track of it

2 Likes

Once a substantial chunk of the industry moves over then the rest will do so pretty rapidly, especially as they get bombarded by customers asking why they’re not compatible with x or y. Better to name and shame the few who won’t get on board by not supporting them.

1 Like

If there was an OAuth like API, where I could revoke access from the legacy bank, then yes I’d be interested. I’m not keen at all of giving full access to my other online banking systems, without having logs or revokable controls from the legacy bank.

I keep track of my spending manually in an app, though am interested to see what could be done with these new open banking APIs.

2 Likes

Yes! I’d particularly like to be able to connect my Amex etc to Monzo, so I get the best of both worlds: points, chargeback protection, etc, but also with the data enrichment and clean data and app experience from Monzo.

I’d also be happy for Monzo to use that data in aggregate with others’ in order to learn why some existing non-Monzo services are good to potentially enable Monzo to offer better services in the future.

5 Likes

I would really like to aggregate account details. There are so many logins to keep track off and so many apps required for each one; so the ability to see it all quickly in one place would be ideal.
I used to have a similar system with Egg (if anyone remembers them) where they held the account details, logins and passwords. There was always a delay of a few days after each bank changed there login procedures or they updated there systems before Egg would catch up and adapt there system to match.
There was also always someone who would complain because their particular bank or small company wasn’t on the list of the ones that Egg would cover.
Holding the login in details in the app on the phone rather than a server somewhere should allow this to be secure, that way you are always in control of your own data and wouldn’t be in breach of any T&C’s with others as you haven’t actually shared it with any one.

Ultimately it would be a very good addition to the Monzo app.

2 Likes

As long as it’s read only, I’d find this really useful :+1:

It’s too easy to overlook my balance on my credit cards & just focus on my bank balance at the moment.

I trust Monzo to keep my password more secure than my legacy banks so I’m not worried about sharing my login credentials. In other words, I think it’s more likely that it’ll be my legacy bank that’s compromised, rather than Monzo. Security built on legacy technology seems much more vulnerable to modern hacking techniques to me.

5 Likes

The difference is that your legacy bank doesn’t actually store your password, only a cryptographic hash of it. So even if their security is completely breached, the hackers don’t get access to your actual password. Monzo, on the other hand, would need to store your actual password to use it to log in. So whilst you may believe that Monzo has a lower chance of being breached, the consequences of a Monzo breach if they did this would be far worse.

1 Like

Are you sure about that? :joy:

3 Likes

Haha I mean, they employ lots of cyber security people, surely they can’t all be complete idiots to miss such a fundamental thing…

The issue with bank technology (generally) isn’t whether or not their employees are competent, it’s whether or not their legacy enables them to do what they need to & whether they can get sign off to do it.

You may be right about hashed passwords - I don’t know - my point is that I still consider sharing my bank account’s login credentials with Monzo as less risky than trusting my legacy bank’s security.

I use a different password for every online account so I don’t see why losing my bank account’s password via would be worse would be worse than my legacy bank account being breached directly?

1 Like

I think what makes me nervous is that if I had multiple other financial accounts, a successful attack on Monzo, however unlikely, would expose all my logins at once.

Saying that, aside from Monzo I only use Nationwide and one other savings account, so I’m not particularly worried. If banks are updating their T&Cs to allow me to share my login details with other financial institutions, without shifting liability to me if something goes wrong, I’d happily us Monzo aggregation by providing login details. It would be immensely useful.

5 Likes

Because if Monzo is breached, all your accounts are breached. If your legacy bank is breached, only that account is breached. It introduces a single point of failure

5 Likes

I used to be able to do this with First Direct until I started using a Mac so not sure if it is still available. I found it really useful. From memory the details of my other accounts were held on my desktop.

Personally I’d love to have this as I use my credit card for everyday spending. Just so I can get the points. Giving out my login details is something I’d have to think about though. Even though I trust Monzo. When the API’s launch I think it’s a no brainer. Or at least the ability to import statements!

Maybe it’s worth launching as a test with login details until API’s are out there. And just make that clear to the user. I guess it boils down to how long we have to wait for other banks to put the API’s in place. I imagine these would appear similar to the pots idea. And feed into your targets.

Good point, I just have accounts with one other bank so I hadn’t considered that.

To add some context, I’d be interested to hear how many bank accounts other users have whose data you’d want to view in a single app, assuming you didn’t have any concerns about security etc. -

  • 1
  • 2
  • 3
  • 3+
0 voters

I would love this if:

  1. It was read only

  2. Monzo masked the bank details of the other bank (so I could see balance /transactions etc but not sort codes, bank name etc) and let me label the feed as I wished eg “Legacy savings”

  3. Monzo could do this without me breaching any of my legacy banks TS and C’s…

(and 4. pulling data from things like moneybox might be nice too?)

1 Like

That data can be retrieved via their (most modern apps’s) API’s so you’ll have access to that :soon:

If this is down to PSD2 and PSD2 is Europewide will such functionality enable viewing accounts in multiple countries, e.g. a UK bank app also display accounts from Ireland and Holland?

2 Likes