Stop pushing Face ID as an auth method for payment

This has been nagging at me, but when you make a payment now, Face ID is offered as a better alternative to using your Monzo account PIN? At first this seems like a good idea, but it has some security concerns. If you enable Face ID for login and payments, you're only as secure as your phone's passcode. However, with PIN entry on payments enabled, you have a second factor. I noticed my wife had this enabled the other day, and why wouldn't you? There's no warning in the UI, so people will just do it without thinking. The Wall Street Journal has been reporting on people shoulder surfing to steal phone passcodes (A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life - WSJ). With Monzo directly pushing the Face ID feature, you're helping to make your customers' accounts less secure: someone gets the phone passcode and they can empty your bank account.

1 Like

Your device PIN and your Monzo PIN (should) be different.

If someone is watching you, they need to watch for both. If Face ID is on for both, then they'll never see you enter either of them.

Face ID is more secure purely because someone else cannot watch you enter it and copy your face.

7 Likes

Exactly this. So no “emptying of accounts” could happen because it would need authorising.

5 Likes

This is true up to the point when someone has your passcode, and then it's a free-for-all. Also, it's still two factors vs one factor, so it seems like two-factor is always more secure.

It’s not necessarily more secure, it’s just a better safeguard against that sort of attack.

Card PIN is such a weak second factor, though; it makes little to no difference anyway.

3 Likes

So pleased we have this discussion again! :popcorn:

8 Likes

If you give someone your pin then nothing else matters does it?

If there’s such paranoia about people seeing your pins and security, get yourself a Nokia 3210 and hide from everyone.

1 Like

Not quite!

For app authentication it falls back to the device passcode, but for transactions it should fall back to your card PIN! Assuming they're different numbers, and they should be, that's still two-step security at worst keeping your money safe.

So having Face ID on or off doesn’t make much difference, but it adds a lot of convenience.

10 Likes

Ah ok if the payment fallback is PIN that’s much better. Almost like you’ve thought this through :grinning:

3 Likes

The number of hours I hid from everyone on my 3210 playing Snake.

4 Likes

Who is “you” here? Us mere mortals skiving on the forum when we should be toiling at our corporate masters’ headquarters; or actual Monzo staff who develop features and functionality but are perhaps less visible on this part of the (Community) forum?

4 Likes

If it's us, we've had a lot of practice! This isn't the first time this exact concern has been raised, and it won't be the last. We know how to quell those concerns (to some degree) now.

If it's Monzo, yes, I suspect they did think it through, but it's largely an Apple design decision that makes it work in this way. I don't know how this stuff works on Android; it might be a different experience there for that reason.

Personally, I’m still not particularly fond that the device passcode plays a role at all here! I think the app should have its own, which is also more standard with most other fintechs in the industry. But that’s for another time and place.

1 Like

I absolutely love Face ID because it provides pretty much no usability barrier at all. Just a quick blue circle and a tick. I'd use it for my front door if I could.

3 Likes

:wave: This is something we’ve discussed a lot internally so I thought I’d clarify a few points.

When you enable authenticating with biometrics (e.g. for making payments, as opposed to the App Lock feature):

  • We don’t allow falling back to the device passcode, so we’re not relying on the security of your device’s passcode as a factor. If biometrics fail for any reason, we fall back to your Monzo PIN instead.
  • We require the registered biometrics (registered fingers or faces) to have not changed since the setting was enabled, to ensure that no one else has been added to the device in the interim.

The reason we’re encouraging customers to enable biometrics like Face ID is that it helps protect against shoulder surfing where someone may see you type in your Monzo PIN in public (a real risk as illustrated by the Wall Street Journal article linked above), as well as being quicker and more convenient.

23 Likes
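The two properties in the staff post above (no device-passcode fallback, and refusing biometrics if the enrolled faces/fingers have changed since opt-in) map directly onto Apple's LocalAuthentication framework. The following is an added illustration of that mechanism written for this page; it is not Monzo's code and makes no claim about their implementation. The type names (`PaymentBiometricAuthenticator`, `EnrolmentStore`, `authorisePayment`) are hypothetical; the framework calls (`LAContext`, `.deviceOwnerAuthenticationWithBiometrics`, `evaluatedPolicyDomainState`, `localizedFallbackTitle`) are real Apple APIs.

```swift
import Foundation
import LocalAuthentication

/// Outcome of a payment-authorisation attempt. On `.fallbackToAppPIN` and
/// `.biometricsChanged` the caller must prompt for the app's own PIN,
/// never the device passcode.
enum PaymentAuthResult {
    case approved
    case biometricsChanged          // enrolment differs from the opt-in snapshot
    case fallbackToAppPIN(Error?)   // biometrics failed/cancelled: ask for app PIN
    case unavailable(Error?)        // no biometrics enrolled, locked out, etc.
}

/// Hypothetical store for the enrolment snapshot captured at opt-in.
/// A real app would keep this in the Keychain, not in memory.
protocol EnrolmentStore: AnyObject {
    var storedDomainState: Data? { get set }
}

final class InMemoryEnrolmentStore: EnrolmentStore {
    var storedDomainState: Data?
}

final class PaymentBiometricAuthenticator {
    private let store: EnrolmentStore
    init(store: EnrolmentStore) { self.store = store }

    /// Call once when the user turns the biometric-payments setting on.
    /// `evaluatedPolicyDomainState` is an opaque blob that changes whenever
    /// the set of enrolled fingers/faces changes; it is only populated after
    /// a successful canEvaluatePolicy/evaluatePolicy for a biometric policy.
    func enrol() -> Bool {
        let ctx = LAContext()
        var err: NSError?
        guard ctx.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &err),
              let state = ctx.evaluatedPolicyDomainState else {
            return false
        }
        store.storedDomainState = state
        return true
    }

    func authorisePayment(reason: String,
                          completion: @escaping (PaymentAuthResult) -> Void) {
        let ctx = LAContext()
        // An empty fallback title hides the "Enter Passcode" button on the
        // system sheet. Together with the biometrics-only policy below, the
        // device passcode is never accepted as a factor for this operation.
        ctx.localizedFallbackTitle = ""

        var err: NSError?
        // .deviceOwnerAuthenticationWithBiometrics has no passcode fallback;
        // .deviceOwnerAuthentication (not used here) would allow one.
        guard ctx.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &err) else {
            completion(.unavailable(err))
            return
        }

        // Compare the current enrolment snapshot with the one captured at
        // opt-in. Any mismatch means a face/finger was added or removed in
        // the interim, so refuse biometrics and require the app PIN.
        guard let stored = store.storedDomainState,
              let current = ctx.evaluatedPolicyDomainState,
              stored == current else {
            completion(.biometricsChanged)
            return
        }

        ctx.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
                           localizedReason: reason) { ok, error in
            if ok {
                completion(.approved)
            } else {
                // Covers LAError.authenticationFailed, .userCancel,
                // .biometryLockout and friends: fall back to the app PIN.
                completion(.fallbackToAppPIN(error))
            }
        }
    }
}
```

Two practical notes on this pattern. First, the domain-state comparison must be done against a snapshot taken when the user opted in, so a newly added face cannot simply "re-enrol" itself; if the check fails, the right response is to require the app PIN and then re-capture the snapshot. Second, the Android equivalent (for the question raised earlier in the thread) is `BiometricPrompt` restricted to `BIOMETRIC_STRONG` with no `DEVICE_CREDENTIAL` flag, typically paired with a Keystore key created with `setInvalidatedByBiometricEnrollment(true)` so that new enrolments invalidate the key rather than relying on a stored snapshot.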

Thanks for clarifying!

I found this section particularly reassuring.

4 Likes

All the more reason to go for an 8-digit passcode on your device rather than the typical 4.

Or better yet, with how infrequently we have to enter them these days, an alphanumeric one.

3 Likes