Update: App Logout Issues

I just wanted to give an update on where we’ve got to with the logout bug that many of you have been experiencing.

First off, a massive apology for the amount of bother this has caused. It’s really tedious having to sign in every time, and isn’t something you should really ever have to do more than about once a year (i.e. when you first sign up or get a new device). This issue has been compounded by email delivery issues, which are being addressed separately.

I also wanted to say a big thanks to everyone who reported the issue, sent bug reports, and even did some in-depth sleuthing (special shout-out to @RichardR)

tl;dr We’ve found a reproducible cause for logouts and are shipping an update to TestFlight today and the App Store next week.

We now believe we’ve found the cause of logouts for the majority of people.

First, TestFlight: as some alpha testers found, the widget (Today Extension) caused a logout. This was due to a mismatched version number between the widget and the app. We use version numbers as part of our database schema versions. When the app attempted to access the database after the widget, it found its schema version was lower than that of the database, causing the database to be cleared, and thus a logout.

For the majority non-TestFlight users, a more subtle issue was present in which we were firing an event that attempted to access our database before it had been migrated for a schema change between version 1.6 and 1.6.1. Normally, this should succeed (if the database is not migrated, access simply returns nothing), but for a subset of users this was causing an exception to be thrown and, again, a logout. We’ll investigate what the conditions are that cause this to fail for only some users, but either way this bug is now squashed

Finally, an issue that @RichardR highlighted with background refresh: whilst we couldn’t reproduce it, background refreshes don’t currently have a guard to check keychain accessibility before running. If a device’s keychain became inaccessible, it could in theory cause loss of access to authentication tokens, leading the app to believe the user should not be logged in and show the login flow. As a precaution, background refresh is now additionally guarded.

We’ve also added a bunch of extra metrics around keychain and database failure modes and lots more tests. We’re shipping an update to TestFlight today (assuming all gets approved in good time) and an update to the App Store next week

Huge thanks again to everyone who got involved in figuring this out, you folks are all awesome

Thank you for persevering. It remains annoying beyond words. Not long to get the fix though. Appreciated.

Great to hear these are being fixed so quickly and that my time screwing around with the app in the early hours of the mornings was not wasted.

Unfortunately, the background refresh issue was very temperamental on my side too. It would never occur when I was observing the device. Seeing that you believe it’s an issue with Keychain locking, it does explain that though. In my intense testing, the device was unlocked or connected to a computer with an active pairing record, etc. but at the times I experienced it, the device was locked and had been for a while. I’m not entirely sure how the iOS Keychain responds to device locks and unlocks but it roughly matches what I experienced.

I can sadly confirm that while the latest TestFlight build fixes the Widget and decreases the frequency of background logouts, I’m still experiencing them very irregularly.

Is there any better way I can get logging for just the Monzo app? As cool as the new logging system in iOS 10 is, iOS logging in Xcode is fairly annoying on the current betas due to the biometrics debugging spam that also causes the device to get noticeably warm.

My Wife and I just encountered this bug ourselves. Not running testflight.

@anon4562461 Thanks for the feedback! Just to clarify, this update has not been released to the App Store yet, so this bug is unfortunately still present in the App Store version (1.6.2). The fix is in the next release (1.6.3) which we plan to ship net week

@RichardR Cheers for letting us know! Hopefully when iOS 10 goes GM the iOS log spam will go away… For data security, all logging and caching (unless encrypted) is disabled in Monzo production builds. We’ve found that connection failures when the app is fetching OAuth 2 refresh tokens can lead to logouts on occasion, and have some work planned to address this specifically

I’m hoping the spam will go too, makes the device nearly unusable when the devices window in Xcode is open. Completely understand and expected the lack of production logging too. I was wondering why I could only find the bare minimum app suspend/resume logging. Less from Monzo than the Wallet app on a non-internal install device and that’s an achievement!

Hopefully this will be all of the logout issues for a while at least.

@james @RichardR. Also still having issues on the new test flight however nowhere near as regular as before

Indeed, it’s a huge improvement. Went from a logout practically every launch to every few hours and now only once so far on the latest TestFlight release!

Indeed. Think it’s only happened twice for me since the new release. Much better

Hmm that’s two times too many! Feel free to DM me any commonalities or reproduction steps, either here or in the Developer Slack. Thanks!

Found this more entertaining than I probably should. Second time experiencing it. No logout before this latest update did it for me.

IMG_5167.PNG750×1334 123 KB

Only real information I have left is that the Today widget was fine and showing an up to date balance just seconds before I opened the app to this logout. Version 1.6.3 #261

Sorry should have put this here maybe?

I’ve just opened the app and found transactions weren’t updating.

I logged out and was sent a login email. The email arrived, however I get a “Connection Problem” message. My options are Try Again (it tries and keeps failing) and Log Out (which sends me another email… that does arrive). I’m now stuck in an Infinite Loop.

Are you having connection problems at your end?

I’m on the Test Flight version that came out today.

Gah. Since updating to 164 this morning I’ve been logged out twice already.

I updated on test flight this morning , on iPhone 5S no issues, not had many issues at all over 9 months certainly not had the numerous logout issues some seem to be having.
edit - I never log out on the app

I updated to the Test flight version as soon as it was released and just experienced my first logout.

Can the email login thing not be a user selectable option. I never see the need to log out of the app - I’m quite happy having only touchID security on it.

And further logout experienced yesterday evening - which was very inconvenient as I was on the Eurostar and coverage was patchy an so it took a while to send and receive the necessary login email and response…

Can you confirm what build of the app you are using? (Card -> Profile -> App Version)

I ask as I have not been able to reproduce any of the existing publicly known logout issues as of version 1.6.3 #264.

IMG_2255.jpg720×1280 73.3 KB

'Nuff said

P.s. It is the version from TestFlight if that makes any difference…