Stop offering FaceID authorisation for payment

Every time I make a payment, there is a sticky prompt suggesting that I use FaceID in future. Now, I don’t want this, because in my opinion it reduces my security. At the moment, someone who holds me and my phone hostage, or who manages to fool FaceID biometrics, cannot make payments without extracting the PIN number from me, and this is the way I want it to stay.

Please change this prompt to offer an option of, “Don’t ask me again.” If I want to change my mind later, I can change things in settings. At the moment, there is friction at the point of authorising the payment, because I see this prompt and want to be certain that I don’t press it by accident…

2 Likes

Unless you’re a Guantanamo inmate I don’t think you need to worry about someone holding you hostage and extracting your bank PIN…

Do you mean when you use Apple/Android wallet to make a transaction?

1 Like

How does it reduce your security?

How does someone know whether you have PIN or FaceID setup on your banking app to make you more or less of a target?

There’s a big increase in PIN-based fraud taking place. With people shoulder surfing at various points to try to catch your PIN.

Sure, it may not happen, but it’s a hell of a lot more likely than someone “fooling” FaceID which I believe has only ever been accomplished once and cost vast amounts more than someone trying to just steal your money.

5 Likes

If someone is holding a knife you’ll give up your PIN.

Having FaceID on and closing your eyes will mean it doesn’t accept you, but I think it’s highly unlikely you’ll shut your eyes and screw your face up if confronted.

1 Like

Not an issue for Bubba Sawyer *precariously changes faces*

I honestly believe if you’re being held hostage, your Monzo account will be the last thing on your mind.

6 Likes

There is the crux of the matter. It is just an opinion and not a fact :slight_smile: I don’t see why the app should be changed because your opinion is not based on facts?

1 Like

Cuz the internet. :upside_down_face:

2 Likes

Hostage taker: Show me your face I want to log into your Monzo app and take all of your money
Hostage: No you can’t I have a PIN
Hostage taker: Ok, you’re free to go - sorry

:upside_down_face:

13 Likes

To be fair though, I can see the OP’s point if it is a constant popup enticing you to use Face/Touch ID.

1 Like

That part is fair, I was only jesting with my last comment.

Is this something to do with the recent-ish, strong customer authentication procedures banks have been forced to implement perhaps?

1 Like

It’s not a pop up. It’s just a toggle there and the keypad is below as normal.

7 Likes

But it is a correct opinion for the OP.

Have you guys ever heard of ‘threat models’? Every person’s threat model is different. Joking around is nice and all, but if this person’s threat model is what he says it is, maybe it’s actually a serious matter?

Now, individual threat models aside, FaceID can be less secure than a PIN generally speaking, as snatching a phone from someone and flashing it in front of their face could result in the attacker possessing a fully unlocked phone.

You can sing “it will never happen unless you’re in Guantanamo” all day long, until it happens to you or someone you know.

But here, it is Monzo that decides on the default threat model. AND provides a choice. It should not be up to consumers to decide on a bank’s threat model.

Oh is that it? So it’s not a pop up?

I’m not sure where the issue is then.

7 Likes

Monzo has its own threat models, but the important point under discussion here is the individual (customer)'s threat model. More often than not when we discuss threat modelling it’s about an end-user, not about the service providers.

I think the issue is that the OP finds the permanent placement of a less secure option is a) annoying and b) potentially (at least that’s how I understand it) at a position where one might tap it by accident.
I am not familiar with that screen (no FaceID on my phone and I don’t use PIN for transaction confirmation) so I can’t tell to what extent (b) is a legitimate concern, however I understand the annoyance of an option that you’ll never ever want to use being shown to you over and over again.

1 Like

It is not less secure.

5 Likes

If someone has abducted me to the point where they can manipulate my eyeballs to look in a specific direction for Face ID to work, I would have given them my PIN at a much sooner point than that.

5 Likes

I’d just give em what they wanted at knife point tbh. I would wanna see the knife first though. No banana under the jumper kinda hijack.

3 Likes