Various Security/Safety/Privacy questions

When you were on the plane??? Or you saw it when you landed?

I did an offline payment but I didn’t get a notification it just showed up a few days later.

A few days later when it was presented. No push for the authorisation (that wouldn’t be possible) but on presentment there was. I think. Now I’m doubting my memory…

Could you reply and answer my queries about Monzo security and fraud protection
(fraud question added to wiki about now)
Thanks

I feel some building societies are better maybe? I feel that banks/building societies have more resources maybe…

Additional questions as current post maybe too long to read for some users… :slight_smile:
Fraud protection
Could you go into more detail about this, as I think you don’t have a passcode on the app itself?
I appreciate others have explained why this should or shouldn’t be an issue. However I view it like a house, you have a good lock on the front doors/back door (access codes to the phone), but you might keep your valuables (monzo/pictures) in a safe (additional passcodes)?
There is a partial trade off usability vs security

@nanos

Q: Should you use Monzo, if your security and privacy are more important to you than convenience?

A: Given that Monzo make it very difficult to revoke API access, don’t have pin protection for the app (on Android), show previous security questions and answers visible in the app (which is usually unprotected), and a number of other issues, it seems fair to conclude that Monzo generally prioritise usability and convenience over security and privacy. Thus, if you do not share this view you may consider alternative options instead.

If I was to invest in Monzo, how are you mitigating costs if fraud happens and people make off with mine or others money? I appreciate you have reserves as mentioned here

“…a very small proportion of your money (around 10% of total deposits) will be lent to Monzo customers in the form of unsecured personal overdrafts.
The rest sits in cash in our Reserves Account at the Bank of England or be used as collateral for payment schemes.
Monzo Investment Ethics

No one seems to want to reply to answer the questions. Hopefully Monzo will be secure and I can start using it.
All the best with it, looks like a good service! :slight_smile:

Apologies @Yap!

You might find this thread helpful :+1:

This struck me - we do have a super computer in our pockets - in fact one iPhone X has almost as much processing power as all of the Cray 1 supercomputers sold! There were a hundred or so. It cost over $8 million, used over 100kW of power and weighed over 5 tonnes!

Thanks, I just would like some of the questions answered, i.e. “very difficult to revoke API access, don’t have pin protection for the app (on Android), show previous security questions and answers visible in the app (which is usually unprotected), and a number of other issues”

You can contact us and we can revoke it on our end :+1:

There is a fingerprint lock which uses the Android System APIs. This may fall back to PIN/password but I’ll check what is possible here.
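
The "fingerprint lock that may fall back to PIN/password" described in the reply above is what Android exposes through the `androidx.biometric` library. The following is an added illustration of that mechanism, written for this page and not Monzo's own code: a hypothetical `AppLock` class that asks for a strong biometric and lets the OS fall back to the device PIN/pattern/password. The class name, strings and callback shape are assumptions; the library calls are the real `androidx.biometric` API.

```kotlin
import android.os.Build
import androidx.biometric.BiometricManager
import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_WEAK
import androidx.biometric.BiometricManager.Authenticators.DEVICE_CREDENTIAL
import androidx.biometric.BiometricPrompt
import androidx.core.content.ContextCompat
import androidx.fragment.app.FragmentActivity

// Hypothetical app-lock helper (added example; not Monzo's code).
class AppLock(private val activity: FragmentActivity) {

    // Ask for a strong biometric and let the system fall back to the device
    // credential (PIN/pattern/password). BIOMETRIC_STRONG | DEVICE_CREDENTIAL is
    // only supported from API 30 (Android 11); on API 28-29 the supported
    // combination is BIOMETRIC_WEAK | DEVICE_CREDENTIAL.
    private val allowed: Int =
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) BIOMETRIC_STRONG or DEVICE_CREDENTIAL
        else BIOMETRIC_WEAK or DEVICE_CREDENTIAL

    // True when the device has at least one of the allowed authenticators enrolled.
    fun canLock(): Boolean =
        BiometricManager.from(activity).canAuthenticate(allowed) ==
            BiometricManager.BIOMETRIC_SUCCESS

    // Shows the system prompt; the OS decides whether fingerprint/face or the
    // device PIN is offered, so the app never handles the secret itself.
    fun unlock(onUnlocked: () -> Unit, onFailed: (String) -> Unit) {
        val callback = object : BiometricPrompt.AuthenticationCallback() {
            override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) =
                onUnlocked()

            override fun onAuthenticationError(errorCode: Int, errString: CharSequence) =
                onFailed(errString.toString())
        }
        val prompt = BiometricPrompt(activity, ContextCompat.getMainExecutor(activity), callback)

        // Note: setNegativeButtonText must NOT be set when DEVICE_CREDENTIAL is allowed;
        // the system supplies the "Use PIN" path itself.
        val info = BiometricPrompt.PromptInfo.Builder()
            .setTitle("Unlock")
            .setSubtitle("Confirm it's you to open the app")
            .setAllowedAuthenticators(allowed)
            .build()
        prompt.authenticate(info)
    }
}
```

Caveat a practitioner would add: a prompt like this only gates the UI. If the underlying data (for example stored security questions and answers) is kept unencrypted on disk, it is still readable from a backup or a rooted device; to actually bind the data to the unlock, the app would wrap a Keystore key with user authentication required and pass it through `BiometricPrompt.CryptoObject`.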

We are aware of this, thanks :+1:

Sorry to hear that - which are those?

‘Aware of this’… we know that :exploding_head:

You could do better than this. How about saying “sorry, we will be working to resolve this issue in future”.

When are you planning to implement this in-app?

Well maybe they aren’t gonna fix this. They’re responsible for any eventual fraud and they’ve decided that the risk is low enough they’re happy to take the loss should it happen. What’s the problem for the customer in any case? You’ll get refunded if bad things happen. :+1:t2:

Well, then Monzo should say so if the intention is to not do anything.

Apologies if that seemed short.

This is something that has been raised many times before, and again recently. The Security team are aware of this and I will let you know as and when there is an update :ok_hand:

Unfortunately, because we use a 3rd party to handle chats this means it isn’t quite as simple to build the obvious solution to this (a pop up UI element to enter your DOB that returns a true/false to COps)

You keep coming back to this. But it avoids the actual issue: Some of these things (API revocation, lacking app protection, in particular) aren’t in my mind about potential monetary losses. They are about the potential for data leaks. Monzo can’t really make a refund for someone stealing my data.

I’m assuming, that when talktalk had their breach a while ago, you used some not-so-friendly words to describe them? Including, I imagine, one beginning with ‘shi’, ending ‘tty’? I’m sure you had some less than supportive thoughts about talktalk having a SQLi vulnerability?

Having API access that is not easily revocable by the customer (and going via customer support is NOT easy) in particular, is quite similar to SQLi vulnerability to my mind, because both are well understood, not rocket science, and easy to fix.

So, why should we hold Monzo to a weaker standard than TalkTalk?

Agreed! We’re aware that contacting COps adds unnecessary friction for what should be a simple task :disappointed_relieved:
I’ve checked and it is something we’re building as part of wider GDPR-related work, so keep your eyes peeled :eyes:

Thanks again for keeping this on our radar :pray:

That’s really good!

Still a shame, because it should’ve never been released in this way!

Not for me, I was told not possible.

Wow! That’s something that I would’ve made a formal complaint about, and if that hadn’t resolved it, I would’ve taken it to the relevant ombudsman/authorities. Being told you can’t revoke API access (whether true or not) is pretty low, to be honest!

I asked to revoke access to my account from an app and was told to contact said app direct and ask them to remove my details… :upside_down_face:

EDIT:

I did that and the account appears closed but I have no idea if they are actually still linked to my account.