Security
Take Five - Stop, challenge and protect yourself against fraudsters
How we're building moments of pause into the Monzo app to help protect customers from fraud and purchase scams.
A trio of industry-first security tools to help stop fraudsters in their tracks
We're focused on giving customers protection and peace of mind to make Monzo a safe place to manage your money. Find out how we're achieving this with our latest release: a trio of industry-first security tools
Scaling our security detection pipeline with Sigma
Detective controls help us monitor our systems for unwanted behaviour, but since writing our first detection rules, our company and team has grown. This post explains how we scaled those detection rules using Sigma and have open sourced our tooling.
Humans who can RPC: securing staff access to 2000 microservices
With over 2000 microservices and lots of Remote Procedure Calls (RPCs) that are constantly changing, we needed a new way to manage staff access. The Security Platform team explain how we now define RPC permissions directly in proto files.
How we secure Monzo’s banking platform
Our Security Infrastructure team introduces the principles we follow to build security in Monzo’s fast-moving engineering environment and how they work with other engineering teams to keep our customers and platform safe.
Securely delegating trust with digital signatures and secret storage systems
This post explains how our public key infrastructure uses a combination of different secret storage systems to implement a balance between security assurances and usability.
How we protect our most sensitive secrets from the most determined attackers
As a bank, we have private keys and other 'secrets' we need to protect, to keep our customers and ourselves safe. Our security controls work together to stop even the most determined and capable attackers.