Security features


#1

Hi, it would be great if the application would be more secure. 2 specific examples:

  • don’t allow the user to take screenshots of the application, except maybe for the coordinates tab.

  • protect the app with a sign in pin / password / whatever security the device provides you with. And logout at a time specified by the user. For instance the user can choose the app to automatically logout (or lock with the pin) as soon as the user puts Monzo in the background, or after 5 minutes that the app is idle.


(Andre Borie) #2

don’t allow the user to take screenshots of the application, except maybe for the coordinates tab.

Care to explain why? Really curious as to why restricting the account owner from explicitly taking screenshots from their own account would improve security in any way.


(Gareth) #3

Android:
Account > Settings (:gear:) > Hide Monzo from recent apps

edit: to clarify, this has the added effect of blocking screenshots


#4

Sure.
2 reasons specifically , one less serious of the other.
1 - people might take your phone, screenshot stuff you don’t want them to screenshot of your details and send them somewhere unwanted.
2 - automation. Third party apps, malwares can crawl programmatically your phone and take screenshots. Not nice.


(Danny) #5

I have TouchID so that won’t happen


#6

Hi Danny, I just hope you are not serious. If you are, I apologies, and drop off this conversation.


(knows someone who knows Tom quite well) #7

Why are you giving your phone to people you don’t trust?


(Danny) #8

Why would I not be serious?

I have TouchID on my iPhone, could you bypass something that even the FBI struggle to do? I doubt it :upside_down_face:


(Matt) #9

I really like the ability to take screenshots of my banking app, send photos of transactions to people, it’s only ever annoyed me when other banks block this on android. However on iOS i don’t think this is even possible.


#10
  1. use a screen filter app, set to transparent, screenshot using hardware buttons

  2. use multi window, select the other window and move it as far to the corner if your screen as it will go while required banking stuff is visible behind it, use hardware screenshot buttons :white_check_mark:


(robert) #11

Monzo I think has the first and maybe the second on supported handsets.
And you’re phone is probably as Inportant as keeping safe as a passport/driveing licence
Thought biometrics / pin


(Nick) #12
  1. If people have taken my phone, I’d be more worried about them exploiting it directly than faffing around with screenshots. They’d have to unlock my phone to take screenshots - but then by unlocking my phone they’d also have access to my email, which is a far greater concern. They could use that to reset my passwords, etc.

  2. Again, if I ended up with malware, screenshots would be the least of my problems, as email would also be compromised. Also my understanding is this sort of malware is targeted - you’d have to social engineer the victims to download the suspect app in the first place - and Google are getting better at finding and blocking them.

tl;dr, in both situations you describe, screenshots are not actually the main vulnerability.


(Peter Roberts) #13

They could also “screenshot” your phone on theirs using their camera anyway… So disallowing screenshots doesn’t stop them either way


#14

From a customer support point of view, screenshots are super handy when troubleshooting any issues with you :+1:


(Allie) #15

Disallowing screenshots/working keyboards/etc is one of the infuriating things about legacy banking that has driven me to Monzo!


(Jack) #16

I hate apps that make you use their own keyboard. The keyboards are always yuck! (Pointing fingers at Lloyd’s)


(Simon B) #17

We actually had a discussion about this internally recently (when we were building Android fingerprint lock) and we felt that disallowing screenshots is a pretty terrible user experience.

For one thing, we even take screenshots ourselves within the company to load them into the app we use to claim expenses! :grinning:

That’s why we made sure to build the toggle switch. If you don’t want Monzo to appear in your recent apps switcher, you can disable this (which also stops screenshots), and then if you need to take a screenshot you can toggle the switch, so it’s all in your control :grinning:


(Gareth) #18

There are so many people here taking screenshots, maybe you need a “share this transaction” button or an expense report (partial statement?).


(Allie) #19

It takes so many attempts to successfully log in with Lloyds’ keyboard that the app is, effectively, unusable.


#20

Thanks for the correct use of the apostrophe. It stresses me out when Lloyds is written Lloyd’s, as they are two totally different bodies.