Web / Online Banking 1

You could log out of your app and let her log in?
The downside is that you may not get your phone back for a few days :rofl:

I’ve had a few offers of help @crablab , however I’m still trying to decide the best way to go. I’ll give you a heads up when I get round to “working” on it rather than mocking-up haha!

I’ve been looking at Google Firebase, using NodeJS Functions - Authentication is handled by Google, which would request user tokens, and store them against a user account they make on whatever I come up with, stored on google servers, limiting the chance of any exploit and access to user tokens and data.

Possibility of using it anonymously too, without an account

2 Likes

Hi guys,

First of all, thank you for the great work you’ve been doing so far. I am pleased with Monzo and their services.
Today, I got my current account card. The activation process worked smoothly.
Does Monzo have any plans to open an online banking as well instead of just using the mobile app?

Thank you!

5 Likes

Whilst it would be great to have one, I think the point of Monzo right now is that it is mobile app only banking.

2 Likes

Are there specific features you want from a desktop web version that the mobile app doesn’t/couldn’t provide?

This has been discussed here…

2 Likes

Not really, but just the same features available from mobile.

Apologies for the stupid questions, but has anyone written a blog post or data sheet around how to manage the ‘app’?

Questions that come to mind include: does the approach require only one instance of the app (from a security perspective, for example), or is it flexible enough to support two concurrent installations with both having full functionality (say on an iPhone and also an iPad? Legacy mobile banking solutions create all kinds of problems in this area - you’re best to define a single device in my experience).

What happens if a device is lost, breaks, or requires a factory reset, or is upgraded? Is there a massive process to regain control? I’m currently a PP user, but we should all be more concerned with CAs now :slight_smile:

When I factory reset I just had to sign in again (with pre-paid). You sign in by clicking the one-time-link in the email and then the app is signed in IIRC

1 Like

I might be one of the very few who wants this, I haven’t seen anyone else post about it yet. Unless I’m looking in the wrong places?

Monzo is a “Digitial only” bank correct? My only concern and one place where Monzo really falls behind the “Traditional” banks, is that they don’t have an Internet Banking Website. If my phone battery dies or I lose my phone but want to access my bank account for whatever reason at the moment on the CA I’m stuck.

  • I can’t go into a branch (They don’t exist)
  • I can’t log into a website version of my computer (Doesn’t exist)
  • I can’t download a Windows 10 Store App (Doesn’t Exist)
  • I can’t phone up and manage my account as CS is done via the app (If I can phone maybe that should be made clearer?)
  • I can’t go to the head office (It’s in London and I’m sure they don’t want to be pestered)
  • I can’t contact them via Twitter about specific issues (I assume/hope. As it’s not really secure for confidential details)

Having a responsive internet banking website would be awesome for the above scenarios and more. Also if it’s responsive and works on all devices that is an extra leap above other “Traditional” banks. At least Lloyds, Metro, Tesco and Santanders online banking efforts.

4 Likes

You might find this discussion relevant

Funnily enough, that post was at the top of my home screen when I backed out from writing this post! Maybe its a sign :wink:

@edstub207 I moved it here, so your feedback/ideas are together with the rest. :slight_smile:

You’ve just linked to this thread

@anon72173902 It was in a separate thread, I merged it. :wink:

1 Like

and web access would make up for the lack of a Windows 10 app for Windows phone users

The problem with web banking is how do you authenticate… Monzo doesn’t have a password, it relies on initial authentication via email then the security on the mobile device as sufficient proof of identity (since it’s sufficient proof to activate android/apple pay already monzo adding another layer doesn’t add anything).

The web is the wild west… it doesn’t have any inbuilt authentication so you end up relying on things like ‘enter the third and fifth character of your password’. Banks know this isn’t sufficient so they rely on 2FA - mostly with hardware dongles, but some with apps now.

Monzo has a form of 2FA already… the phone. Great. but a major reason often given for wanting a web app is ‘what if I lose my phone’. Well, you just lost your identity. Losing a phone these days is a major deal, which is why you plan for it by knowing how to invalidate all your paswords and logins and bootstrap your identity onto a new phone (something I hope I’ll never have to do, but I have a plan just in case).

But then if you’ve done that, you can install the monzo app… so…

2 Likes

Even Bill Gates has ditched windows phone not sure browser access to Monzo account because of Windows Phone has much worth anymore

3 Likes

I loved Windows Phone, I somehow broke my old one hence moving to Android. But, if they still made new phones and supported it I would have stuck with Windows Phone. Clean Simple UI, Fast and has all the basic functions I personally need. (Social Media, Spotify, Texts, Skype, Discord, Email, What’s App and Slack)

2 Likes

The W3C is working on this and eventually you’ll be able to get USB/NFC dongles that implement it in the same way as current FIDO U2F security keys do.

Hopefully any Monzo web interface will use these methods of authentication rather than the horrible card-reading calculator device all other banks use.

The way it could work is on the web banking portal

  • you enter the email address used to register for Monzo
  • a notification requesting confirmation appears on your phone’s Monzo app
  • you enter a new web-only password on the site
  • you get taken to a security section allowing you to add hardware security keys, TOTP, etc.