The Monzo Weekly Diary 2.0


(Kavi Dhokia) #26

Hey

So @zancler has let the cat out of the bag, but I can officially confirm that I am indeed the newest member of the Android team at Monzo! :tada:
I may have only been around a few weeks but I’m already having a great time working with the ridiculously talented people here, and am pretty excited about some of the cool stuff we’ve got planned… :100:

The past couple of weeks for me have been spent getting familiar with how bank things work behind the scenes, getting into the technicals of how the app works, and basically just admiring the general wizadry that makes Monzo so great. (As well as using all the emojis :sweat_smile:)
Perhaps more excitingly though, I’ve also been working on bringing Monzo.me support – and bill-splitting – to the Android app :money_with_wings:. It’s almost ready to go and should be dropping in the app soooon :clock11:.

I guess you’ll find me lurking around here from now on, but you can get at me on Twitter as well if you’d like.
Oh, and don’t forget to drop your awesome ideas on the Extraordinary Ideas Board!

@matt, you’re up next. :v:


#27

and Kavi you can also find us on Slick


(Andrew Schofield) #28

I think you meant the Extraordinary ideas board :stuck_out_tongue:


(Matt Heath) #29

Thanks @kavi, apologies I was away last week :wink: :skier: :mountain_snow: but I have a bumper update for you this week! :dancer:

Hi everyone! :raising_hand: I’m Matt, and I work as a Backend Engineer on our “Core” team where we focus on the systems and infrastructure which power Monzo :tools:

Recently I’ve been building our integration with the Faster Payments network :moneybag: which will let users of our current accounts :soon: send money to other banks :money_with_wings: This has been super interesting for me as it’s involved a huge range of different things - from networking :electric_plug: (in our physical data centres! :flushed:) to deploying messaging systems like IBM MQ to move payment messages :envelope_with_arrow: and finally our business logic which runs as a set of micro services in Kubernetes :cloud: We finally went live as a direct member of Faster Payments last week :tada: so since then I’ve been testing with a few members of the team - sending money back and forth to the other banks! :bank:

This week I’ll be working on a few fixes :hammer: for one of our asynchronous messaging systems to make it a bit more efficient as we grow :chart_with_upwards_trend: then some upgrades to our Bacs and CHAPS payment systems :money_with_wings: and finally some VPN configuration which involves establishing VPNs from our physical data centres into the Kubernetes overlay network :satellite: that’s meant I’ve learnt a lot more about TCP and BGP :books: I’ll also be speaking about our use of the [Go] (https://golang.org/) programming language tomorrow at QCon London if that’s your kinda thing :wink:

Next up I’d love to hear what @ole is up to! :wave:


#30

Is that as a “Direct Participant” at the heart of the FPS system? As while I saw announcements that Metro Bank and Starling had joined I had not seen such an announcement about Monzo.

Or is it just directly connected without using an agency bank?


(Matt Heath) #31

Yes, we’ve joined as a “direct participant” :slight_smile: No announcement as it’s not live for customers, but it will be as soon as we launch our current accounts :soon::bank:


#32

Great news. Congratulations.


(Marta) #33

I would like to give @matt our community award for highest % of emojis used per 100 words in Weekly Diary series. :smiley:


(Matt Heath) #35

Dreams can come true :heart_eyes: :trophy:


#36

There’s a statement that sums up Monzo for me. It’s not available to customers so they don’t make a song and dance about it, unlike some other banks.


(Andrew Schofield) #37

I’m gutted I couldn’t make it to QCon this year otherwise I’d have been there :thumbsup:


(ole) #38

Thanks @matt! Since my last update we have had a reorg and I am now heading up External Product but the objective remains the same: build the best possible banking apps for iOS and Android :muscle: Currently that means two things: preparing for the current account and when we have time left, improving the prepaid card.

On the current account side of things, we are working with the designers on preparing spending overview and targets for salaries and recurring payments :bar_chart:. We might also get an extra category or two which is something many of you have requested :pray: We are also tweaking the signup flow and are ready to start user testing our terms & conditions page :eyeglasses: (I know that sounds super boring but we believe that our customers should be aware of the terms they accept so we’ve put a lot of effort into writing and presenting them in a way that is easy to digest).

For the prepaid card, we recently launched a super simple version of bill splitting (we call it version 0). The uptake of the feature has been very promising so we are eager to improve the experience for when you split with other Monzo users.

That’s it for me for now :wave: Next up let’s hear what @tapas is up to!


#39

This is going to (possibly) please a few people :joy:


(Tapas) #40

Thanks @ole! As always doing a stellar job on the product. :thumbsup: :rolling_eyes:
:stuck_out_tongue_winking_eye: love you really!
Wow! Feels like ages since I’ve posted on the community since my last post way back in yesteryear! :clock:

Since, lots has happened and Monzo has grown! :tada: I’m not sure what I’ve been getting up to really to be honest! All things Monzo and all things Monzonaughts really! We’ve had some extremely busy weeks with some not so great outages recently but as ever we’ve worked hard in the COps team to make sure that we are as responsive, transparent and informative as ever! We can definitely do better though so we’d absolutely love to hear about how if you have ideas :bulb:

Recently I’ve found myself contributing to the overall vision and construction of our COps team with lots of time spent speaking to potential candidates to join our team and working closely with new joiners and bringing them up to speed with all things Monzo support which is interesting! Have you got what it takes to join the team? Check out the careers page here.

I’m spending lots of time too on investigating the tricky queries we get and working alongside the team to ensure we get to the bottom of every issue or problem that gets queried with the COps team!

I’m working on a blogpost to come :soon: too :wink:

I’m interested to find out what my man @Sam is getting up to! Over and out team! :heart_decoration:


(Samuel Michael) #41

Thank you Tapas!

Hey people! sorry, it has been a while :wave:

Amongst other things, this week i’ll be working on the new debit card carrier letters you receive when opening or migrating to a Monzo current account. Here’s a little breakdown on how I’ll approach the task.

First things first, I like to list out the various use cases. These are basically the different situations people receiving cards will be in.

1. People that have a Monzo pre-paid card and want to migrate to a Current Account
2. Fresh users signing up for a Current Account
3. Replacement cards

With these listed I can start mapping out the path for each, starting with the current state of the App. i.e What can the user see when they open the App? I know @zancler is currently working on a prepaid–current account migration flow which could influence the design of these letters, so I will be tapping his shoulders later to see what’s what :soon:

Then the fun bit begins. I start coming up with ideas and rough concepts on how these letters might work and involve @tristan to help think about copy and experiment with different formats, layouts, shapes and sizes until I find a solution that works best.

So then hopefully we can make these a little more delightful than the Alpha and Beta version you may have already received. :crossed_fingers:

I will share some sneaky peaks soon! :soon:. Please bug me if I don’t (I really need to up my forum game!)

I pick @daniel for the next update when he has time! :raised_hands:


(Ben Taylor) #42

Hi Anthony

I only joined very recent and am Impressed with The Monzo App and service. I work at Deutsche Post DHL and look after London for Account Management and Development. I deal with banks and investment companies for distribution and solutions such as Expedited and Post for International deliveries and U.K. I also deal with EPost and Post Ident for Germany. I am not sure if my knowledge would help but happy to provide some ideas. No problem if not I am a customer really just enjoying the Monzo app and service. Good luck with the role.


(Marta) #43

Everyone is invited to throw their 5 cents here. Welcome and enjoy your stay! :smiley: :mondo:


(Adam Hockley) #44

@Sam Sneeky peaks as promised :blush:


(Adam Hockley) #45

@daniel u forget to post


(Daniel Chatfield) #46

Firstly, sorry for the delay in writing this and thank you @naji for reminding me. I’m an engineer in our Financial Crime and Security team.

Payments on the prepaid card are processed by an external card processor. Over a year ago we started the project of creating our own Mastercard processor. This will give us the freedom to do many things that are either more difficult or not possible with the third party processor. These are some of the things I’m looking forward to experimenting with (disclaimer: there is no timeline for these):

  • Different card numbers on different interfaces on the card, e.g. a different card number on contactless and embossed on the front. This helps protect from fraud as details stolen from the contactless interface would be useless to a criminal.
  • The ability to create virtual cards from within the app and use them online.
  • Push notification > Click to approve 3D Secure flow
  • “end to end” encryption of PINs (see below)

As a bank we look after a lot of sensitive data, including PANs (card numbers) and PINs and I’d like to share some information about how we will protect these.

We run hundreds of services in a microservices architecture but only a very small number of services will have access to raw PANs and PINs. This reduces the attack surface and makes it easy to focus efforts into layering lots of additional security measures around those services.

We are able to restrict the number of services that have access to raw PANs and PINs to a very small number because we tokenise all sensitive values. Essentially that means we replace the sensitive value for a “token” that can be passed around dozens of other services but can only be converted back into the raw value by one of the “maximum security” services.

Suppose a user enters their PIN into the app to authorise changing their phone number. The PIN is then sent over an encrypted connection to the internal API where it is forwarded to the phone number service which retrieves the PIN token from the PIN service and gets the tokenisation service to verify that they are the same.

This is perfectly secure, however as part of defence in depth it is prudent to layer an additional security measure that means that the phone service and internal API don’t have access to raw PINs.

The way we plan to do this is by giving the tokenisation service a public / private keypair and then the app will encrypt the PIN such that the internal API and phone service never see the raw PIN and the encrypted data can only be decrypted by the tokenisation service.

Next up I nominate Fred Jónsson


MasterCard SecureCode / 3D Secure
Online Virtual Cards
How easily can the big banks replicate the Monzo experience
Competitor Update 2
Competitor Update 2
Starling Discussion & Feedback
Card Security
Competitor Update 2
Switching from the Preview's Debit Cards to the Final Generation of the Card
Online Virtual Cards
The Next Step: Current Accounts!
Virtual / Disposable Cards