Unlock on App Open


(Aaron Daniels) #1

I really think that some sort of pin number upon opening the app, or password, would be a good implementation to personal data security.

A lot of people are trustworthy enough to use a simple “swipe to unlock” feature on their phone, or even trustworthy enough to allow their friends and family to unlock their phones.

In doing so, they then are able to access the Monzo app and are able to view all of my transactions (which, usually is something that one might need to or want to hide).

I think that upon opening the app you should always be requested some sort of security question.
One thing that some apps do, is they ask you for a secret word that they then use later on to help log you in.
For example, let’s say your secure word is ‘security123’
The app would then give you three drop downs, full of the alphabet and numerical characters available from a-z and 0-9. It might ask for the 2nd, 5th and 8th character in your secret word. You would then select e, r and y. This would then let you do access anything in the app as normal, until you close or minimize it. Then, upon reopening or maximizing the app… It would again ask you for characters within your secure word… But perhaps different ones. Maybe this time it and for the 4th, 8th and 9th character.

I think this would be good for data protection, security and just general piece of mind in case anyone goes snooping around someone else’s phone…


(Simon B) #2

Hey Aaron, thanks for the feedback!

Locking the app with a PIN is one of the features that’s coming soon as part of our Big List of stuff we’re doing!

You can check it all out here:


(Aaron Daniels) #3

Awesome! Thanks for letting me know… And apologies for not researching this as much as I thought I had :open_mouth:


(Dave) #4

Yeah its a good idea. I use this feature on my samsung s6 for apps like banking etc which require a 6 digit pin for opening. Im not sure if it is available on all android phones.


(Kieren) #5

Am I right in thinking this will only be used as failover if you prefer touch/Face ID on iOS?


(Rob Crawford) #6

Personally this sounds like a nightmare and something that I would expect from a legacy bank.

I hope the PIN lock for Monzo is optional as I prefer to just use Touch ID when unlocking my phone. I can’t think of the last time I gave somebody access to my phone without being present, and can’t imagine ever handing my unlocked phone to somebody if I suspected they were planning to steal money from me… :joy:


#7

For some it is not the worry of someone intentionally trying to steal money (which not going to happen) but them accidentally getting access to your personal financial history.


(Rob Crawford) #8

As I said, I hope the PIN lock is optional. I can’t speak for everyone but I find it hard to imagine even this scenario being an issue. My transaction history isn’t as exciting as I might hope.


(Andre Borie) #9

The app would then give you three drop downs, full of the alphabet and numerical characters available from a-z and 0-9. It might ask for the 2nd, 5th and 8th character in your secret word. You would then select e, r and y. This would then let you do access anything in the app as normal, until you close or minimize it. Then, upon reopening or maximizing the app… It would again ask you for characters within your secure word… But perhaps different ones. Maybe this time it and for the 4th, 8th and 9th character.

Ask some actual security experts and you’ll realize how useless and insecure this idea actually is. Legacy banks do it on purpose to maintain a “security theatre” scenario but it is by no means secure, and actually makes it worse by preventing password manager usage. :wink:


(Kevyn) #10

I hate this about legacy banks. Does nothing to secure my account other than to slow me down entering it.


(Hugh Wells) #11

Agreed. It also then tends to lead to people doing silly things like saying the password to themselves whilst trying to work out what each character is, or writing it down on a scrap of paper.


(Jack) #12

I think the most important thing to remember here is no one can take money from you without your cards pin, the worst they could do is see what transactions have occurred.

I’m curious to find out if we will be using that pin to get into the app or a totally different pin :face_with_monocle: I guess all will be revealed soon…


(Andre Borie) #13

I’m curious to find out if we will be using that pin to get into the app or a totally different pin :face_with_monocle: I guess all will be revealed soon…

I just hope it is optional and isn’t enabled by default, otherwise I might consider jumping ship to a bank that doesn’t enforce such nonsense (thankfully we now have some good competition in the modern bank market).


(Jamie 🏳️‍🌈) #14

I don’t get why people are desperate to lock down their banking app with ridiculous layers of security theatre, on the pretext that someone might see a list of transactions, yet allow folk access to all the photos, browsing history, Uber ride locations, Amazon orders, email, Twitter and Facebook accounts, all of which contains sensitive and potentially life–destroying data.

Get access to someone’s email account alone and that’ll have potentially more harmful repercussions.

In short, your phone carries a hell of a lot more personal data than just your Monzo app. Secure your phone well enough, and you don’t need to double–lock any other app.