Hopefully Leah doesn’t mind giving her address away?
I’d definitely use the Touch ID option.
Being able to see your registered address very easily is valuable I think. We get a lot of customers confused about why their address isn’t working, so it’s good that they could easily see what we’re talking about when we refer to their billing address.
With regards to third party API use, it’d be pretty cool to be able to see a log of exactly what the third parties have been doing - e.g. I tap “TfL” and can see something like:
- scanned for transactions matching TfL
- added journey details to 8 transactions
- checked authorization to charge card
I’d imagine some people who are particularly privacy conscious might even want to receive these as notifications.
@iansilversides omg, I should have told @leah. Now all our happy users are going to start sending flowers and chocolates to that address without knowing that it’s actually a fake mix of my two previous home addresses.
@billinghamj thanks a lot for sharing that idea, I wonder if that’s the kind of thing that should be API / Developers portal territory, helpful to debug, etc. I’ll keep it in mind.
I will cancel my order
Brilliant! Anything to make it a bit more toddler proof!
Along with your home address, would you be able to change your email address here also?
I’m guessing you’d need to authenticate again to change any of this info too - if so have you thought about what mechanism you’d use (OTP code perhaps)?
I’m sure you’re a million miles ahead of me but as this profile data is fundamental to the account and I find the actual vs perceived strength of auth fascinating your thoughts would be interesting.
Completely agree with the visibility of sessions and third parties too, it’s really valuable and empowering for a user to know the who, what, wheres and whys of account access.
Can definitely lose the close account link though, I mean, who would?
Totally. We haven’t decided the mechanism yet though. Since we’re now password-less I can imagine something like sending you an email to the “old address” for you to click in order to take you to the “give us your new email” screen, and after that another email to the “new address” for you to confirm the change.
All that sprinkled with timeouts so nothing breaks if you make a mistake typing the “new address” and you can keep logging in with the “old address”. If you think about it it’s very similar to any other password recovery flow.
The perceived strength of auth is a critical matter for us, in a world of banks asking you for crazy long passwords and PIN calculators we’ll need to make a big effort to educate our users (not developers but regular people) that Mondo is perfectly safe without all those inconvenient steps. I wonder how many “measures” on legacy banks are just pure placebo.
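The e-mail change flow sketched in the reply above, as an added example that is not part of the original thread and not Mondo's code: a link to the old address opens the "new e-mail" step, a second link to the new address commits the change, and the old address keeps working until then. The class name, method names and the 15-minute lifetime are assumptions; the post only says "timeouts".

```python
import hashlib
import secrets

TOKEN_TTL = 15 * 60  # seconds; assumed value, the post only mentions "timeouts"

class EmailChange:
    """Two-step e-mail change for a password-less account (hypothetical names)."""
    def __init__(self, login_email):
        self.login_email = login_email  # stays valid until the change is confirmed
        self._pending = {}              # sha256(token) -> (step, new_email, expires_at)

    def _issue(self, step, new_email, now):
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._pending[digest] = (step, new_email, now + TOKEN_TTL)
        return token  # goes into the mailed link; only its hash is stored

    def _redeem(self, token, step, now):
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self._pending.pop(digest, None)  # single use: gone after any attempt
        if entry is None or entry[0] != step or now > entry[2]:
            return None
        return entry

    def start(self, now):  # step 1: link mailed to the old address
        return self._issue("old", None, now)

    def submit_new(self, old_token, new_email, now):  # step 2: "new e-mail" screen
        if self._redeem(old_token, "old", now) is None:
            return None
        return self._issue("new", new_email, now)  # link mailed to the new address

    def confirm(self, new_token, now):  # step 3: link clicked in the new inbox
        entry = self._redeem(new_token, "new", now)
        if entry is None:
            return False
        self.login_email = entry[1]
        self._pending.clear()  # invalidate any other outstanding links
        return True

def demo():
    acct = EmailChange("old@example.com")  # constructed sample addresses
    t1 = acct.start(now=0)
    typo = acct.submit_new(t1, "nwe@example.com", now=60)  # mistyped new address
    expired = acct.confirm(typo, now=60 + TOKEN_TTL + 1)   # never confirmed in time
    still_old = acct.login_email                           # old address still logs in
    t3 = acct.submit_new(acct.start(now=2000), "new@example.com", now=2060)
    ok = acct.confirm(t3, now=2120)
    replay = acct.confirm(t3, now=2130)                    # reused link is rejected
    return expired, still_old, ok, replay, acct.login_email
```

A mistyped new address simply times out, and a link presented at the wrong step or a second time is consumed and rejected.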
Exactly!!! Unfortunately educating users isn’t the easiest endeavour either - fingers crossed clear messaging and awesome design to boot will win them over
Do remember that sometimes, the reason why people need to change their email address is because they’ve lost access to their old one! I’ve seen a crazy number of people register for things with school, work or ISP provided email, lose the address almost immediately when they leave one of those and not realise that it’s still on file with many services. I’ve personally had one of my joke domains expire and didn’t realise that one of my Twitter accounts was tied to a now-inaccessible email address. Thankfully Keychain had the password still.
It’s a difficult case to have to resolve if you’re password-less but quite common in my experience. Sending a selfie to support with some kind of account identifying information feels like a good way to fix it though.
Even though that makes total sense I think at least for now we’ll deal with edge cases and exceptions manually through customer support. In fact, we are already doing it since the profile page doesn’t exist in the app
Once we have a volume big enough to really understand the different scenarios we’ll build multi-factor systems to get to know that you are actually you (ask you to take a selfie, a picture of your passport or driving license, check if you are on the same WiFi that your home is, ask you for some numbers from your card, check your PIN, biometrics, etc.)… so, don’t worry, we’re not going to let people out. However at this point we need to focus on solving 99% of the problem in the easiest possible way.
Good to hear!
Just warning that not having access to the old address may be common so the app should offer some kind of resolution flow, even if that’s just a little “I can’t access that inbox” button that opens support chat. As long as the automated method covers almost everyone’s case, a good, empowered support team can handle the rest. (Related: Mondo has some of the best support I’ve seen from any service I’ve used, keep it up as you grow!)
You’re totally right about the “I can’t access that inbox” thing. This is what we did for the regular login precisely because of that. We’ll have it covered.
Fun Mondo history fact: I didn’t consider that scenario WHATSOEVER when designing the password-less flow. Five minutes before submitting the app to the App Store our CTO @jonas made me understand the issue, we added the extra button and @james coded it faster than the speed of light. Something something, move fast, break things
When is the new profile coming?
I really hope she doesn’t lol
I would definitely use the TouchID to enter feature!
I would use Touch ID
I’d prefer it if it didn’t show my full address - maybe with the numbers scrubbed out, vowels replaced and common words removed - so my address would be “*** Eld*r , Clpstn **, NG *FU”: it’ll be more than enough for me to recognise it, but useless to anyone that gets hold of an unlocked phone and the card (bearing in mind that for CNP (Cardholder Not Present: internet transactions mainly), the numerics of the address are used for authentication).
I do hope to see this soon. Anyone sent flowers already?
Touch ID +1
That’s the biggest missing feature for me right now. Just makes me uncomfortable not having the app protected in some way. Love the app otherwise.
Brilliant idea, doesn’t need to be glamorous but functional.