What do the cops actually see?


(Danny) #1

So as the title says, what exactly do the COps and/or other Monzo staff see on our account and what do they have access to with regard to our balances, spending and other personal info such as contact details and wages/employer details?

Is this info locked, how is it protected from ‘prying eyes’, are there access logs to see who viewed what and are they regularly checked against contact logs from us?

Is access granted based on a limited time period after us clearing security and if so how long is this access granted for?

EDIT 1:

To add to this do your laptops, main machines that the cops use have things like privacy screens on them to prevent visitors seeing info?

I noticed on a thread that you use MDM on Macs, is this just for pushing software etc or does/can our data get accessed externally and if so how is this protected i.e. is there remote wipe, RSA/2FA tokens etc?

EDIT 2:

Is it possible to add an alert to the app to show that our file has been viewed by a Monzo staff member and a note as to the reason why this was viewed?


#2

Interesting question.


#3

Interesting questions, I have my theories from working in finance.

Never had a customer’s account lock after a set time, but I don’t work in banking.


(Lance Rumbolt) #4

Maybe the new GDPR rules cover a lot of these questions? If it’s like a legacy bank then with the customer’s permission they can see everything.


(Tom ) #5

This is a really interesting question, and one I kept meaning to ask.


#6

Be good to see some comms on this… maybe an open office or Monzo insider? With personal details redacted of course.


(Danny) #7

Doesn’t @Naji @simonb or @tristan do the open office stuff?


(Danny) #8

Corr I hope there is a nice reply coming up from Monzo on this as it’s been a while :upside_down_face:


(Super-cali-fragi-listic-expiali-docious) #9

Interesting, I’ve contacted them once about a transaction and they instantly knew what transaction I meant. It would be nice to know how much they have access to :thinking:


(knows someone who knows Tom quite well) #10

You mean I need to change the name of my pots?


(Daniel Warriner) #11

Somebody better warn @Danny


(James Murray-Ferris) #12

Assumedly that’s because you hit a problem on the transaction screen so linked it in the support case


(Danny) #13

Whenever I have done that I am always asked what the transaction is, as if Intercom and the app are not linked. This may have changed though…


(Danny) #14

:eyes:


(Harry) #15

I don’t know why COps at Monzo wouldn’t see the same stuff as most legacy bank customer service teams and I hope they would follow the same standard, for example:

I worked at RBS in the call centre way back when. When a customer phoned and verified their identity I was able to view their complete transaction history, full name, DOB, address, previous address, most recent salary that we were given etc. Obviously when taking on a role like that there’s various bits of paperwork you have to complete to ensure data protection, and the accounts were always tracked, so if you entered a customer’s account without permission this would’ve been flagged. When the call ended we would manually leave the account to go on to our next call (in Monzo’s case I assume when the chat ends they would leave our accounts).

I’d be interested in your other points though, around where they can access this (e.g. from home?) and how that is protected from family members / friends looking over their shoulder :eyes:


(Simon B) #16

We have access to all the information on your account that you’ve mentioned. Without that, we’d simply be unable to do our jobs.

Yes, we have access logs - we don’t balance them against contact logs because not every check of an account happens in response to contact from the customer - there are all sorts of reasons why we might need to look into an account pro-actively, including financial crime reasons, people affected by fraud rings, people who might be identified as being affected by bugs, people who might have reached out via other third party means, ongoing issues that we need to check over time (not just as a one-off) etc.

Regarding privacy screens - COps within the office work in a secure area where visitors are not allowed. We have provided privacy screens for people who regularly work outside of the office. That said, if a random person were to see our screens, they wouldn’t learn much without understanding our interfaces and what each area of our backend support UI represents. It takes quite a bit of training just to teach us what everything looks like and how everything works in relation to everything else, so if you hadn’t gone through that you would quite frankly be quite lost! We have a strong culture of locking our screens whenever we’re away from our machines and if you leave your machine unlocked in the office and someone notices you will be made to purchase donuts for everyone as compensation :grinning:

I don’t know the technical aspects of MDM but we’re able to remotely wipe a device should it get lost, for example.

Alerting the customer that their account has been viewed is not only a very bad idea, but it’s also illegal under “tipping off” regulations. It is against the law to provide a user who is suspected to be engaging in financial crime with any reason to believe you might know about their activity, in any way shape or form. This obviously still applies even if there are false positives and it ultimately turns out there is no financial crime happening.

Ultimately it comes down to you trusting us as your financial provider, just as you would with any other bank or service. Getting a job at Monzo requires a high level of vetting and trust from the company to us as members of staff, and part of that trust is to not do things that would in any way damage the company or its customers - I imagine this is a similar culture to Facebook or Google, who know much more about all of us than a financial company would!

Hopefully that answers all of your questions! :grinning:


(Kevyn) #17

I’m also guessing there is an internal audit trail of the accounts accessed by staff in case of malicious lookup use by staff. Some NHS workers near me have been dismissed for looking at their friends’ or families’ medical records when they have had no reason to look at them.
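As an added illustration of the audit-trail check Danny and Kevyn ask about (this is not Monzo’s code; the log format, reason codes, sample rows and the 3600-second window are constructed for the example), the script below reconciles staff lookups against customer contacts, exempting the proactive reasons Simon lists, and separately flags repeated views of one account by one staff member:

```python
import csv
from collections import Counter, defaultdict
from io import StringIO

# Justifications that do not need a matching customer contact: the proactive
# cases Simon describes (fincrime review, bug-impact checks, ongoing cases).
PROACTIVE_REASONS = {"fincrime_review", "bug_investigation", "ongoing_case"}

# Constructed sample audit trail of staff lookups (hypothetical format).
ACCESS_LOG = """\
ts,staff,user_id,reason,case_id
100,cop_alice,user_00009abc,customer_contact,C-1
200,cop_bob,user_00009def,bug_investigation,
260,cop_bob,user_00009xyz,customer_contact,
300,cop_carol,user_00009abc,customer_contact,C-9
310,cop_carol,user_00009abc,customer_contact,C-9
320,cop_carol,user_00009abc,customer_contact,C-9
330,cop_carol,user_00009abc,customer_contact,C-9
"""

# Constructed sample of customer-initiated contacts (chat/call) and case ids.
CONTACT_LOG = """\
ts,user_id,case_id
95,user_00009abc,C-1
"""

def parse(text):
    return list(csv.DictReader(StringIO(text)))

def find_unjustified_lookups(access_rows, contact_rows, window=3600):
    """Lookups with neither a recorded proactive reason nor a customer contact
    on the same case within `window` seconds before the view."""
    contacts = defaultdict(list)
    for c in contact_rows:
        contacts[(c["user_id"], c["case_id"])].append(int(c["ts"]))
    flagged = []
    for row in access_rows:
        if row["reason"] in PROACTIVE_REASONS:
            continue  # proactive reason recorded; no contact expected
        ts = int(row["ts"])
        earlier = contacts.get((row["user_id"], row["case_id"]), [])
        if not any(0 <= ts - t <= window for t in earlier):
            flagged.append(row)
    return flagged

def find_repeat_viewers(access_rows, threshold=3):
    """(staff, user_id) pairs viewed more than `threshold` times: the
    'curiosity lookup' pattern an audit trail exists to catch."""
    counts = Counter((r["staff"], r["user_id"]) for r in access_rows)
    return {pair: n for pair, n in counts.items() if n > threshold}
```

Bob’s bug investigation passes because a proactive reason is recorded; his contact-less lookup and Carol’s four views on a case with no customer contact are what the review would surface.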


(Danny) #18

It does indeed sir thank you :slight_smile:


(P Burrows) #19

It’s funny you mention buying doughnuts as compensation. I work in a legacy bank customer service team basically doing the same thing as COps.

If we notice someone leaving their screen unlocked we use a keyboard shortcut to flip their screen upside down! :grin::joy:

Granted if they keep doing it… then it’s a disciplinary :man_facepalming::frowning:


(Rika Raybould) #20

To fill in the blank from SimonB’s excellent (IMO) response, we take multiple approaches to protecting customer data at the endpoint (or laptops in this case). For a start, user data is not downloaded as part of regular operations.

In cases where we must download user data to complete a task (for example, a technical specialist or engineer generating a list of accounts affected by a particular bug for the purpose of sending out messages), only the bare minimum required is downloaded (in this case, we would only extract a list of user IDs, the same that you see in the API starting with user_00009) and the data is removed immediately after.

Additionally, all local storage is fully encrypted and access to our systems is protected by multi-factor authentication. While the ability to remote wipe a computer is used, there should be nothing of value stored on the computer itself in the first place. Even as a technical specialist, the most sensitive data I have on my laptop right at this moment is my own payslip from last month. :slightly_smiling_face: