Sneak Peek: Updated App Lock

Gotcha, I was getting the impression it would be Face, Finger and PIN all have the same limitation.

And the PIN unlock limitation is because you need to access the server to verify that that is correct?

I think providing the options page makes that really clear (it can be a bit convoluted to explain!) then I wouldn’t have an issue with those two approaches.

Maybe the security control page would be better if you actually had three options:

  • Check with PIN every 90 days
  • Check with PIN every app open (disclaimer: no internet bad)
  • Check with FaceID / TouchID when opening the app and connected to the internet

(Rather than the Face/Touch option being a separate menu)

2 Likes

Wait, when you say PIN unlock for the app. Do you mean the phone pin or the card pin? I was assuming the former…

It’s right there in the very first post:

Don’t see being unable to log in without internet access as an issue.
Anything you might be looking to do that would be urgent enough for this to be a problem for you (maybe transfers out, or authenticating some payment) you couldn’t do those properly right now without internet access anyway.

3 Likes

@Jami sounds perfectly reasonable but make sure customers can still get to the Monzo phone number, and maybe a link to a monzo.com help page, for those times when their phone won’t connect to the internet (e.g. they’re abroad and they’ve lost their card and they want to know how to get in touch)

2 Likes

Personally like the change, I can keep using biometrics the same as I do now since I’m 99% connected to data anyway.

Does the pin used to unlock the app have to be the same as the card pin? I can imagine people might like a different one in case of shoulder surfing, and would using a different pin allow it to be stored locally (encrypted ofc) allowing offline auth?

If you have a JA which PIN would be requested? If it’s the last card open on the carousel this could get a bit confusing.

I would assume to be able to work for SCA, it needs to be the card PIN.

That’s a good point - I assume it would be the Personal account, which is treated as the ‘main’ account.

I imagine that SCA allows you to verify yourself ‘globally’ per app, but could cause a problem if you need to do it for both accounts independently (because your 2nd factor is only relevant to one account in the case of the PIN)

2 Likes

That would make sense but there’s a couple of places in the app currently where you are setting account level options (gambling block, fingerprint auth) but the pin requested is the account in context.

Just an extra test case if this goes ahead :grin:

1 Like

It’ll be your personal account’s card PIN, even if you have multiple accounts :+1:

Thanks everyone for your feedback! Will share an update once this moves beyond an idea and starts becoming reality.

:bowing_man:

10 Likes

From my point of view you also need to be able to cancel the bio at the point it is asked for and be able to put your PIN in. Almost all fingerprint screens provide for a cancel which then makes the password/PIN screen available.

My device sits on a connector (Samsung DeX mode) sometimes and the fingerprint reader is unavailable on the bottom side.

1 Like

I’m confused. Are you saying that by doing this we would not be able to open the app without internet access, or if we have internet access opening the app would also count as a secure auth and therefore start the 90 days counting again?

Whilst for many a guaranteed internet connection is common, it is not guaranteed and making that a requirement of opening the app could be seriously detrimental to those outside of London (other cities are available).

Hey, sorry this is confusing.

Firstly, by default you’d only need to perform this check every 90 days.
If you decide you’d like extra security, you can decide for the check to be made every time you open the app. If you use biometrics, you won’t need to be online to unlock the app, if you don’t use biometrics, you’ll need to have an internet connection and will enter your card PIN.

Whilst a successful app unlock will reset the 90 days counter, if you choose to ramp up the security checks to every app open, the 90 day counter isn’t really considered. You’ll always have the option to not use these extra security measures if you’re worried about patchy internet connections, and are unable to use biometrics.

5 Likes
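To make the two modes concrete, here is an added Python model of the unlock decision as Jami describes it above (example code written for this thread, not Monzo’s own). It assumes two things the posts leave open: that the periodic 90-day check must reach the server whichever factor is used, and that only a server-verified unlock resets the counter.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum

SCA_WINDOW = timedelta(days=90)   # re-authentication period quoted in the thread
EXAMPLE_LAST_SCA = datetime(2020, 1, 1)  # constructed sample timestamp for the demo


class Mode(Enum):
    EVERY_90_DAYS = "default"      # only the periodic SCA check (default)
    EVERY_APP_OPEN = "strict"      # extra check on every app open


class Step(Enum):
    OPEN = "open without a check"
    BIOMETRIC = "local Face/Touch check, works offline"
    PIN_ONLINE = "card PIN verified against the server"
    BLOCKED_OFFLINE = "cannot verify: no internet connection"


@dataclass
class AppLock:
    mode: Mode
    biometrics: bool
    last_sca: datetime            # last time the server confirmed an SCA check

    def window_expired(self, now: datetime) -> bool:
        return now - self.last_sca >= SCA_WINDOW

    def required_step(self, now: datetime, online: bool) -> Step:
        """Decide what opening the app needs under the rules described in the thread."""
        if self.window_expired(now):
            # Assumption: the periodic SCA check itself must reach the server,
            # whichever factor the user has, so it cannot be completed offline.
            if not online:
                return Step.BLOCKED_OFFLINE
            return Step.BIOMETRIC if self.biometrics else Step.PIN_ONLINE
        if self.mode == Mode.EVERY_90_DAYS:
            return Step.OPEN
        # Strict mode: biometrics are checked on-device, the PIN needs the server.
        if self.biometrics:
            return Step.BIOMETRIC
        return Step.PIN_ONLINE if online else Step.BLOCKED_OFFLINE

    def record_success(self, now: datetime, step: Step, online: bool) -> None:
        """A successful unlock resets the 90-day counter only if the server saw it."""
        if step in (Step.BIOMETRIC, Step.PIN_ONLINE) and online:
            self.last_sca = now
```

Running the decision for a user in strict mode without biometrics and without a connection returns `Step.BLOCKED_OFFLINE`, which is exactly the patchy-connection concern raised in the thread.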

@Jami whatever happened to the development on having a separate PIN/Password to access the app?

The introduction of Strong Customer Authentication, and the legal requirement for people to authenticate every 90 days led us to find a way to consolidate everything into one approach, to avoid people needing to think about multiple PINs and passwords.

7 Likes

You should allow that if you use PIN to authorise a payment this would be considered a way to reset the 90day trigger.

1 Like

Hey Jake, thanks for the suggestion. Unfortunately the regulation doesn’t allow for that.

I made a similar suggestion @jtame

Just seems like this is something we’re going to have to put up with unfortunately

Jami,
Thank you for trying to explain.

From my perspective I like the idea of extra security, I always use biometrics, and I like that every unlock of the app could effectively be an authentication against the :mondo: servers effectively being an SCA authentication, however I also need the best of both worlds that I can get in to the app with the same biometrics check even if the server check is not possible.

Only if I have not loaded my app and unlocked it while connected to the internet for more than 90 days would the SCA countdown reach 0 and require an extra authentication (ever so unlikely for most people).

Is that what you are proposing?

I don’t consider biometrics a secure way of transaction verification, but I think it is secure enough for opening the app. I also don’t like the idea of entering a PIN to unlock the app itself. So it feels like I have the option between a security regression and using only fingerprint for both, or being annoyed by entering my PIN when I open the app. That is not only annoying but also decreases security, since it increases the chance that somebody will see my PIN when I casually open Monzo. I can open Monzo on a bus or in a shop or anywhere when I want to check my balance; I don’t do a lot of money transfers in grocery stores, so there is really not much chance for somebody to see my PIN.

Just to clarify, I use fingerprint to unlock the app every time. Does that make the 90 day thing redundant?