Security - it doesn't 'feel' secure

That sounds perfect. But I’m on android so no Touch ID sadly.

1 Like

Ah - I can understand your concern then! I’m sure given that the Android app is significantly younger than the iOS one they will bring more security features in eventually. Fingers crossed for you. Sounds like you’re making it as secure as you can at the moment, remember it is still a beta after all. :slight_smile:

1 Like

I also would like to see an answer to this question - as a new user who had OKish experience setting up so far. App crashes - had to reinstall. Email animation takes too long and if you quit/switch too early, takes you back to email field - leading to having request another email… What if I didn’t have the email setup on the phone?

I didn’t want my card details saved but it did save it. Neither did I want to top up £100 straight away… HSBC gave me £150 to start using their debit card, why would I want to pay Monzo to use it :smiley:

What’s wrong with standard 4-5 digit pass/pin to login? Little things like that make me question how easy it is to get your money back.

Where are you going to store this PIN? You’ve already got more PINs/passcodes than you can remember - adding one more just means you’ll reuse an existing one and security goes out the window.

I’m grateful Monzo doesn’t ask me for a PIN every time, otherwise it would just be 0000 or something stupid like that (because I can’t be bothered to open my password manager and copy/paste a PIN just to see my balance).

1 Like

You’re not - it’s your money to spend as you see fit. It’s costing :monzo: money to produce these and I guess it’s one way of weeding out people who aren’t going to use it in this beta and provide Feedback?

7 Likes

I really like not having to wait for a spinning wheel to “authenticate” my device, tell me I’m offline (I’m not), crash, ask me for random digit’s from my unmemorable information and card number and then, finally, tell me my balance.

I agree, maybe there should be some more authentication for carrying out actions. I don’t necassaily agree that opening the app constitutes a need to authenticate. After all, I can open the Google Play app and browse my purchased content and that to buy. When I actually want to make a transaction or change some account information - I’m asked to authenticate. As long as you have a passcode on your phone I don’t think there is necassaily anything to be very concerned about.
It is now trivial to remote wipe devices and most are encrypted. There has to be a balance between usability and security otherwise we’d all be going around with air-gapped devices and USB ports filled with epoxy - Monzo != PNC or MOD database. (I speak as a developer and pentester!)

(Edit: my balance and transaction history is personal information and yes can be used as a social engineering tool, but if someone has got that far I think I should be more worried about what else they are doing with my contact list, email, social media etc. As long as they can’t carry out an action without further auth I see no real issue)

9 Likes

Finally someone sane who understands the real risks of an unlocked device and the importance of a system passcode. I find it quite funny that some people here will fight furiously to have a passcode in the Monzo app but are totally fine with an intruder gaining persistent access to their device by leaving malware.

5 Likes

Pin should be necessary in order to access your monzo banking

1 Like

Totally agree, it is a HUGE privacy concern. It is neccessary to keep your personal data secure from prying eyes. That is why I am currently using another app for my main account.

I completely disagree - my phone is personal, it stays locked if I’m not actively using it, I don’t need yet another verification step…

So if they do add it, I hope it will be optional

11 Likes

If implemented it should be optional. I enjoy not having to put in a pin every time I want to view my balance or transactions. My phone is locked anyway so I see that as my security layer.

Touch ID can currently be used to unlock the app if you want it to.

7 Likes

not all devices have fingertip readers and not all people can use them

Some people still use abacuses… abaci?

Monzo is a bank that listens to customers. Something about security that bothers you or you think of improvements, let them know. That is the point of Monzo.

1 Like

Wikipedia says either, and they’re a useful tool to teach blind kids maths.
For the Android equivalent, 1.7% use >v4.1 and 26.6% use >v5…
It’s a wavy graph of people slowly upgrading their devices.

1 Like

I love not having to log in each time. A finger print secures my phone. That’s enough for me.

Possibly in the future on a current account could use fingerprint to confirm a DD or money transfer. I think in a world of contactless payments…that would suffice.

But of course this is just an opinion…

2 Likes

Possibly in the future on a current account could use fingerprint to confirm a DD or money transfer.

You’ll love the current account then :slight_smile:

2 Likes

Mines not 16, its 6 but I have touch ID setup too! The 4 digit can be cracked a lot easier

For the prepaid I didn’t mind, but I think for the current account that before I could fully move my life’s finances to it, it definitely needs some kind of pin, password and ideally fingerprint control.

The reality is that currently, someone who hacks into my Gmail could sign in to my Monzo. Unlikely with the 2FA I have on that, but I would still feel more confident before moving everything regardless.

Thanks

1 Like

We do know that the security features for the app are due to be redesigned so let’s see what Monzo comes up with :slight_smile:


I’ve moved your post here to keep all of the discussion about this topic in one place.