This is always the part I struggle with. Accepting that these are not enough.
If the card pin is enough security (in combination with possession of the card) for purchases in shops, why would it not be enough (in combination with possession of the phone) for transfers elsewhere? I have my phone nearby almost all the time, as much and probably even more so than my wallet/card. To my mind, that proves the PIN is OK.
In terms of the phone security, with all due respect to everyone at Monzo, what makes anyone think they can secure the app more robustly than Google/Apple can secure your phone’s operating system? Most/all modern phones will be shipped encrypted and you can apply a PIN/passcode/password trivially. Not to mention that you’ll probably have fingerprint security should you choose to in most cases nowadays as well. I firmly subscribe to the philosophy that the phone itself should be secured correctly and then all your apps (banking) will be safe, along with all the others which are arguably nearly as critical but also do not have their own precautions in app, such as email.
To compare this to my legacy bank (Natwest), they secure the app behind a PIN and optionally via fingerprint. In my case, that means I unlock my phone with a touch to the sensor and then unlock the Natwest app via another touch of the same finger to the same sensor. Honestly, is that more secure than doing it just one time? I don’t feel it is.
One problem is the reliance on third parties. If Monzo were to not allow installation unless a phone has a lockscreen (similarly to how - I think - you can’t activate Android Pay without a lockscreen) it would be a very different story. But they don’t. Thus security depends on the user, and security that depends on the user in this way won’t work.
Monzo should require the phone to be locked, and not with a pattern. Again, this is what many payment apps and corporate email apps require.
Using a password which is different from, and longer than, the card pin would help, and it wouldn’t require, I’d hope, major revolutions in the IT infrastructure.
Maybe a second password for transfers that seem suspicious or are above a certain threshold.
I see your point here but respectfully again disagree…
There’s no disputing the fact that an unsecured phone is not as safe as a secured one, that is absolutely the case. But I see the fact that Monzo allow this not as a failing or as a lack of responsibility on their part, rather a purposeful hands-off approach which allows everyone to make their own choice. If you choose to keep your device unsecured, that’s your decision. Not one I’d recommend or condone personally, but were I the app developer, I’d have to have some damn good reasons to feel it’s my place to get in your way, especially as there may be reasons I don’t know about for your choice. If anything, I think it says something about Monzo that they care enough about their users’ right to choose (and respect their users’ intelligence level regarding risk and security) that they’ll shoulder the slightly higher risk to themselves that this approach entails.
That said, I think a middle ground could perhaps be struck… One option would be to detect the lock screen (or lack thereof), if it is possible, and warn the user (e.g. “we note your device isn’t secured and recommend you do so to keep your funds safe”) or perhaps to build the in-app security options people are seeking but most importantly leave them disabled by default. Perhaps again, upon detecting a lack of OS-level security, a recommendation could be shown which takes you to the Monzo app settings screen to flip those switches should you choose to.
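The middle ground described in the post above (detect a missing lock screen, warn, and offer an in-app lock that is off by default) can be done with Android’s own `KeyguardManager`. The following is an added example written for this thread; it is not Monzo’s code and assumes nothing about their app. The preference key `in_app_lock_enabled` and the wording of the warning are made up for the example.

```kotlin
// Added example, not Monzo's code. Checks whether the device has a secure
// lock screen and, if not, warns the user and points them at the system
// security settings. The optional in-app lock stays disabled by default.
import android.app.AlertDialog
import android.app.KeyguardManager
import android.content.Context
import android.content.Intent
import android.content.SharedPreferences
import android.os.Build
import android.provider.Settings

/** Outcome of the device-lock check, kept separate from the UI so it can be unit-tested. */
enum class LockState { SECURE, INSECURE, UNKNOWN }

/**
 * SECURE when a PIN, pattern or password protects the lock screen.
 * Android does not tell apps which kind, so a pattern also counts as SECURE.
 */
fun deviceLockState(context: Context): LockState {
    val km = context.getSystemService(Context.KEYGUARD_SERVICE) as? KeyguardManager
        ?: return LockState.UNKNOWN
    val secure = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
        km.isDeviceSecure          // API 23+: lock credential set
    } else {
        km.isKeyguardSecure        // API 16+: lock screen requires a credential
    }
    return if (secure) LockState.SECURE else LockState.INSECURE
}

// Hypothetical preference key for the optional in-app lock (constructed for this example).
const val PREF_IN_APP_LOCK = "in_app_lock_enabled"

sealed class Recommendation {
    object None : Recommendation()
    data class WarnAndOfferInAppLock(val message: String) : Recommendation()
}

/**
 * Decide whether to warn. We only nag when the OS lock is absent AND the user
 * has not already turned on the in-app lock; the in-app lock defaults to off.
 */
fun recommendation(state: LockState, prefs: SharedPreferences): Recommendation {
    val inAppLockOn = prefs.getBoolean(PREF_IN_APP_LOCK, false)   // off by default
    return if (state == LockState.INSECURE && !inAppLockOn) {
        Recommendation.WarnAndOfferInAppLock(
            "We note your device isn't secured with a PIN or password and " +
            "recommend you set one to keep your funds safe."
        )
    } else {
        Recommendation.None
    }
}

/** Call from an Activity's onResume so the check re-runs after the user changes settings. */
fun showDeviceLockWarningIfNeeded(context: Context, prefs: SharedPreferences) {
    when (val rec = recommendation(deviceLockState(context), prefs)) {
        is Recommendation.WarnAndOfferInAppLock -> {
            AlertDialog.Builder(context)
                .setTitle("Device not secured")
                .setMessage(rec.message)
                // Takes the user to the system security settings to set a lock.
                .setPositiveButton("Set up a lock") { _, _ ->
                    context.startActivity(Intent(Settings.ACTION_SECURITY_SETTINGS))
                }
                // Lets the user opt in to the app-level lock instead; it is never forced on.
                .setNeutralButton("Use in-app lock") { _, _ ->
                    prefs.edit().putBoolean(PREF_IN_APP_LOCK, true).apply()
                }
                .setNegativeButton("Not now", null)
                .show()
        }
        Recommendation.None -> Unit
    }
}
```

Two caveats worth knowing before relying on this: the platform only reports that *some* credential is set, not whether it is a pattern, a PIN or a password, so the “not with a pattern” preference expressed earlier in the thread cannot be enforced from inside an app; and because the check runs on the user’s device, it is a usability nudge rather than a security boundary, which is exactly why the in-app lock is the thing to offer alongside it.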
Instead of a bulky card reader Nordea have a number generator about 4mm thick and maybe 2.25cm by 3.75cm (approx figures without using a ruler); also Symantec do a reader the size of a bank card that fits in a wallet or purse, and a keyfob. There is no need for them to be as huge as those Barclays card readers.
The fact that Monzo doesn’t require lots of passwords/memorable data shows that the security model was a primary consideration from the concept stage. If anything, I find the existing bank login procedures (password, memorable data, card reader) feel a lot more like security ‘bolted on’ to an existing infrastructure.
Now, I understand from your posts that you don’t agree with the security model that Monzo uses, but I think there’s been a lot of thought given to it, and into making it seamless so it’s used. The holy grail of good security is something that is strong but you don’t notice in normal use (e.g. the philosophy behind FaceID). You’re saying you don’t think Monzo’s model is strong enough, and you’re certainly entitled to that opinion.
[quote=“markembling, post:24, topic:31201, full:true”]If you choose to keep your device unsecured, that’s your decision.
[/quote]
And what do you think will happen if, say, someone steals the purse of a single mum with her unlocked phone, guesses the Monzo pin from her date of birth, and empties her account?
I can imagine big headlines on how the poor lady hadn’t realised the app was so insecure, how Monzo should have somehow enforced stricter security, etc.
Should something like this go to trial, I have no idea who’d win, but I know it would be awful publicity.
Let’s also remember we are not talking about entering 40 different passwords before looking at your account, but only to authorise payment. I don’t assume most of us make loads and loads of wire transfers every single day?
The problem with the app is that while sending money may be secured by a PIN, your personal data such as full name, address, sort code and account number, full transaction history (incl. amounts, merchant and location), recent payee list, etc. are all visible to anyone using the phone, authorised or not, with the only way to prevent access being to ask them nicely not to click on the Monzo logo LOL… OK, so I have installed other software to lock this app, but I am having to rely on a third-party app to protect my personal data as Monzo does not see fit to do so.
It’s a tradeoff. How likely is that to happen? How guessable (or not) is your PIN? If her PIN is her DOB, that’s a very poor decision right there and by the sounds of it, the main contributing factor - maybe they don’t get her phone but get her card and make transactions that way after guessing the PIN - is that still Monzo’s fault for allowing her to choose that particular PIN? And sure, she could and likely would blame Monzo, but everyone always likes to pass blame instead of taking any responsibility.
Would you make the same argument against Google if her Gmail account was compromised and they used it to commit identity theft?
Yes, it’s always a trade off between security and convenience. If I were an investor in Monzo I’d be terrified at the thought of what I described. Low-probability, high-impact events are the kind of things that can break a company.
I am not an investor in Monzo, so I am mostly worried about the security for someone like me, who uses a non-pattern lock, but who doesn’t like it that the same short numeric pin used for my debit card is all that’s needed (other than access to the phone, of course) to transfer money.
I am not saying it is sensible not to lock your phone and to use your DOB as your pin! I am saying that the world is full of idiots who do idiotic stuff, and that any good security policy will prevent idiocies, not assume that people are smart!
I guess we just look at it differently (which is fair enough). To me, debit card spending and in-app transfers carry the same power and level of risk. And that’s why, to me, having the same protection seems logical and reasonable.
Both spending methods also have additional protections that you’d need to be in physical possession of either the card or the phone (again, these seem roughly equal) and in the latter case, also have bypassed the lock somehow. This, to me, makes the app more secure than the card.
But I’m more than happy to agree to disagree. No doubt Monzo will take on board all points of view and make changes accordingly.
I used to keep that HSBC thingy next to my keys. Then the keys broke the screen. Got another one, but, again, the screen didn’t last long. I was so happy when HSBC finally released an app for that. Of course with Monzo it’s different because you are already using your phone.
I have that in two other banks I use overseas and I hate those tokens so much. I’m always misplacing them and don’t bring them out, so I have to wait to get home to do it, and I have to use it to log in, add payees and then again to actually make the transaction. It’s so tedious and I hate banking with them.