Tandem App Settings and Security

Qyburn
Qyburn Forumite Posts: 1,494
1,000 Posts Third Anniversary Name Dropper
Forumite
Hi,
I have Tandem set up on my tablet, not really transferred anything to it other than a wee bit to get the account off the ground. I have a couple of questions about the app before I go too far.

(1) Is there a way to configure a password or code or in fact anything in place of fingerprint authentication?

(2) How does the text authentication work? Occasionally it ask for a number to send the text to. I presume that identifies or confirms the account, is that correct, so putting a different phone number wouldn't work?

(3) Does this mean that if another person had access to read a text on my phone they could setup the Tandem app and access the account, no other details needed?

Comments

  • lithosyork
    lithosyork Forumite Posts: 8
    First Anniversary First Post
    Forumite
    edited 13 July at 10:22AM
    1) I don't have finger print on my phone but I cant see a way to do passcode (I've used App Lock on Andriod as extra layer)

    2) Every time I open the app I have to login, I enter my phone number and it texts me a  OTP. not tried with a different number ?

    3) if someone had your unlocked phone and can open the app they can use the app as you, I am not sure if they could add another account (theirs) and TX your money away
  • Eirambler
    Eirambler Forumite Posts: 122
    Third Anniversary 100 Posts Name Dropper
    Forumite
    If you turn off the fingerprint function in your phone/tablet settings the Tandem app will automatically revert to requiring that you input a code that is texted to you.

    To me that doesn't seem like the greatest form of security because if someone can get into the login page of the app on your phone in the first place they can easily receive and enter the code - so I'd try to keep the fingerprint function turned on if at all possible. If you do turn it off then at least make sure that the device itself can't be operated without a password of some form being input.
  • Qyburn
    Qyburn Forumite Posts: 1,494
    1,000 Posts Third Anniversary Name Dropper
    Forumite
    Cheers. I run my savings apps on a tablet, it's not a phone, so without the fingerprint you'd need both the tablet and my phone. Mind you if it works the way I think, some with access to my phone could install the app on something else of their's and verify via my phone.

    Other banking apps you can disable fingerprint login in the app, without disabling it from the whole device, they then revert to needing passcode or memorable information etc.

    Kind of seems like any e who got hold of my phone would be 100% trusted by Tandem. It also seems that if I lost my phone, or lost the phone number, I'd be permanently locked out.
  • nic_c
    nic_c Forumite Posts: 2,884
    Part of the Furniture 1,000 Posts Name Dropper
    Forumite
    Since many accounts use sms text for some part of authentication, losing you phone isn't a tandem specific problem. 
  • Doctor_Who
    Doctor_Who Forumite Posts: 838
    Part of the Furniture 500 Posts Name Dropper Photogenic
    Forumite
    nic_c said:
    Since many accounts use sms text for some part of authentication, losing you phone isn't a tandem specific problem. 
    Chip also uses texts. If you want to 'move' Chip from one device to another you get a text. I know this because I thought I'd setup Chip on my iPad just in case my phone got lost/stolen/bricked etc. However, Chip can only be active on one device and to use it on the other device you need the text message, which is useless if you've lost your phone! Naively I thought it would work like my online banking apps and be fine on two devices.  
    'Compound interest is the eighth wonder of the world. He who understands it, earns it; he who doesn’t, pays it' - Albert Einstein.
  • flaneurs_lobster
    flaneurs_lobster Forumite Posts: 2,781
    1,000 Posts Fourth Anniversary Photogenic Name Dropper
    Forumite
    I've reluctantly taken the suggestion of a previous thread on here and moved to having my two everyday banking apps on my carry everywhere phone and the rest of the 20-odd bank/savings apps (including Tandem) are on a stay-at-home phone. 

    Each phone is secured by biometrics, the banking apps are in a secure folder on the phone protected by biometrics/password, and each app is again secured. 

    There's a Revolut account on there too, only used for Google Pay contactless on phone/watch, never more than £50 in the account.


  • Qyburn
    Qyburn Forumite Posts: 1,494
    1,000 Posts Third Anniversary Name Dropper
    Forumite
    nic_c said:
    Since many accounts use sms text for some part of authentication, losing you phone isn't a tandem specific problem. 
    Tandem is the only one I've seen that only needs the phone number.

    As a test I just installed the app on a device that's never had it before. All it needed was my mobile number, and the text code, and it's into my account.

    Lloyds, TSB, Santander, Nationwide all need login details entered when the app is first configured.
  • boingy
    boingy Forumite Posts: 646
    500 Posts Name Dropper
    Forumite
    I much prefer the apps that "lock" themselves to a device, even if that means you can only run it on one device at a time.
Meet your Ambassadors

Categories

  • All Categories
  • 338.8K Banking & Borrowing
  • 248.6K Reduce Debt & Boost Income
  • 447.6K Spending & Discounts
  • 230.7K Work, Benefits & Business
  • 600.9K Mortgages, Homes & Bills
  • 171.1K Life & Family
  • 244K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 15.9K Discuss & Feedback
  • 15.1K Coronavirus Support Boards