Comment

Monzo adds friction to fight fraud—but the features may not be popular with customers

Benjamin Hatton assesses how customers may react to Monzo’s new optional security initiatives.

Credit: Ascannio / Shutterstock

Monzo is introducing new security controls to combat rising fraud, although concerns around the viability of two of these measures suggest uptake may not be strong. GlobalData’s 2024 Financial Services Consumer Survey indicates that 12.8% of Monzo customers have fallen victim to fraud in the past three years—higher than many top competitors, including NatWest, Lloyds, and HSBC.

GlobalData’s 2023 Financial Services Consumer Survey

According to GlobalData’s 2023 Financial Services Consumer Survey, Monzo’s customers were the least satisfied with their bank’s fraud protection measures last year compared to other major competitors in the UK. As stated in the authorised push payment (APP) Fraud Performance Report, published by the Payment Systems Regulator, Monzo ranked highest for volume of APP fraud sent per million transactions with 141. Monzo has not signed up to the voluntary APP fraud code, although it will be mandatory in October 2024. In GlobalData’s 2024 Financial Services Consumer Survey, net satisfaction for fraud protection at Monzo increased marginally to 90%, suggesting previous enhancements to the bank’s security (such as its call status tool to identify fraudulent callers) have already improved customer relations.

Known locations, trusted contacts and secret QR codes

Monzo’s new optional security controls make customers specify a daily limit for bank transfers and cash withdrawals above which these protocols come into action. If customers opt to add these measures, they must use two of the three provided features. The first is known locations, whereby users specify trusted locations, such as work or home, to which they are limited geographically to make transactions over this limit. This measure cuts the window of opportunity for scammers (if consumers are out, they will not be able to facilitate a transaction). It ensures they are in comfortable locations where they would be most aware of attempted fraud. 

The second is trusted contacts, for which a friend or family member (who must also be a Monzo customer) needs to verify the safety of a transaction exceeding the limit. The use of trusted contacts to approve transactions should lead to fewer fraudulent transactions due to peer review, which Monzo calls a ‘sense-check’. However, this feature brings privacy issues to the fore, effectively asking consumers to share financial information with friends or family. It is unlikely consumers would ask people to verify certain transactions over a limit, most of which will be for genuine, possibly personal, matters. 

The last is a secret QR code—stored on a separate device or printed and then scanned in the Monzo app—to approve these transactions. This adds a layer of defense beyond one-time passwords, deepening security. However, necessitating the QR code be stored on a separate device seems a significant barrier to uptake as very few consumers tend to carry or use two devices. Moreover, given the broad digital shift in consumer behavior (many younger consumers—Monzo’s target demographic—do not even carry a wallet), it seems unlikely they will be willing to carry around an extra piece of paper. If they were to print a QR code and leave it at home, this measure becomes the same as known locations. 

Benjamin Hatton is an analyst, banking and payments, GlobalData