In a bid to protect its users from heightened fraud that is surging in the UK, Monzo announced the launch of three new security features this week. 

Known Locations, Trusted Contacts and Secret QR Codes are the latest security measures introduced by the UK challenger bank as consumers in the country are continually losing money to fraud and scams, and at a worryingly increasing rate. 

The first feature allows customers to choose a certain location such as their home or workplace that they need to be in when making transfers or withdrawing from a savings account, whilst Trusted Contacts enables customers to choose a close friend or family member who also uses Monzo to approve bank transfers. 

Lastly, Secret QR Codes provide a personalised, highly-secure QR code stored on different devices or printed, which customers need alongside their phone to approve a payment or savings withdrawal over a chosen limit.

Whilst these three features will no doubt be welcomed to its customers and potentially attract new customers too, there has been talk for a long time now that enhanced security measures often leads to increased customer friction. 

The Strong Customer Authentication (SCA) measures introduced in PSD2 brought about widespread worry in retail and e-commerce over the increased amount of friction that could impact the customer experience and ultimately lead to cart abandonments. 

James O’Sullivan, CEO & Founder of mobile security firm Nuke From Orbit, praised Monzo’s latest security features, but also acknowledged that there may be concerns regarding user functionality. 

He told Payment Expert: “’Monzo’s new anti-fraud control certainly increases security, but they also introduce additional friction to genuine transactions. 

“The limitation on sending large amounts, depending on the definition of ‘large,’ is likely to affect only a small number of users, which should be acceptable. However, I suspect many users will keep the Secret QR Code on their phones for convenience.

“For Known Locations and Trusted Contacts, the true measure of security will be in how quickly and easily new ones can be set up. If adding a new location or contact only takes a few seconds, the security benefit may be minimal. On the other hand, if it is too cumbersome, users might face difficulties in accessing their accounts as needed.”

Whilst the customer experience is always at the forefront of financial services’ minds, Monzo’s new features come during a time of heightened pressure to protect customers from various fraud attacks.

credit: Shutterstock

No fraud type is more prominent in the UK right now than Authorised Push Payment (APP) fraud, indicated by the Payment Systems Regulator’s (PSR) new reimbursement rules set to come into force in October.

According to UK Finance, almost 80% of APP fraud starts online as Brits lost around £459.7m to APP fraud in 2023. Despite these statistics, the Payments Association has been in a constant battle with the proposed regulation. 

Furthermore, in an ever-evolving financial landscape, Signicat’s recent survey revealed that customers are becoming increasingly more worried about Artificial Intelligence-related fraud, such as deepfakes, which are set to explode in usage in the coming years.

O’Sullivan believes that heightened security measures may prove to be a hindrance and ultimately be the result of new and emerging fraud tactics. 

He shared: “The introduction of new security controls marks progress, but they should not hinder legitimate users. Ironically, increased security measures have led to a resurgence of tactics like ‘shoulder surfing,’ where an attacker spies on an individual to obtain their personal information. 

“Today, criminals exploit the enhanced security to access multiple accounts through a single device.”

Nuke From Orbit looks to protect users’ sensitive and personal data and information from potential physical thefts which is also becoming a common occurrence in the UK. 

O’Sullivan explained how the startup, which raised over £500,000 last March, is looking to raise awareness regarding PIN sensitivity and ensuring users protect their mobile phones better.

He said: “While businesses are implementing these security measures, there is a critical need for customer education on safeguarding their smartphones for financial transactions right from the start. One important aspect is maintaining strong PIN hygiene. 

“Our consumer survey revealed that 78% of people use their smartphones for mobile banking, 51% use them for digital wallets, but alarmingly, 45% use the same PIN for both their phones and mobile apps. 

“Ensuring users understand and adopt these practices will be essential in maximising the effectiveness of the new security measures.”