Starling security issue

[Newchodge]

I have used Starling as my business account for some time and have been happy with it.

They have just launched a new mobile layout, which I have trialled. Previously you logged out by pressing the back button twice. Under the new layout pressing the back button once returns you to the phone homescreen but if you then select the Starling icon you are still logged in.

I have ended the trial but now, when I press the back button twice and then selct the Starling icon I am still logged in.

Customer services has just taken a 20 minute chat to understand this is an issue. They state it is normal for the login to remain active for up to a minute after logging out. I have emptied my Starling account. Am I over-reacting?

 

[Darren_Ssc]

I have a Monzo account for small transactions, so never more than £100 in it, and the app is always logged in. I find this quite convenient but, obviously, I am already of the opinion that keeping large amounts of money in these kinds of accounts is not a good idea.

 

[intheTRADE]

I don't use Starling for business but I use it as my personal bank account and pressing the back button twice has always just returned to the homescreen. After a minute or so if I go back in, I am asked for my pin number again. Within that minute it I choose the Starling icon I am still logged in

I think emptying the account is slightly over-reacting

 

[NicoJ]

I use Starling. I always have to enter my pin when I log on and then the password to set up a payment so I've always considered it relatively secure.

I didn't realise that it didn't automatically log you out (perhaps because I don't tend to log in too quickly afterwards) which is a flaw. I personally wouldn't empty the account but then I don't have a lot of money in there so I guess it's subjective.

 

[billybob99]

Why would you empty the account. It's normal for these apps to timeout of the login session after a minute or so anyway.

You might be switching from Starling app to another and its annoying to keep having to enter your pin.

I use Tide and it asks for a fingerprint each and every time.

 

[TheCyclingProgrammer]

I use Starling on my iPhone. It doesn’t log me out which would be really inconvenient but it does require a PIN or biometric auth (Face ID) when reopening the app. It also requires you to enter your password if you want to do things like send money. In addition my phone is protected by Face ID and a PIN. I think you’re overreacting.

 

[estwig]

Yes your overreacting.
You can close the app yourself each time if it bothers you, hit the bottom right button, find the app and close it. You can also add fingerprint to open it via a third party app like bifdefender. You can probably decide for yourself from within the starlings settings, how long the app should stay open for.

Sorry but the problem isn’t the app, it’s your lack of understanding of android, ask a teenager for help.

 

[Mr D]

Agree with estwig.
Cyndy, your problem with them is their failure to immediately do what you can and should be doing yourself.
Logging you off.

And you blame them for it.

Take responsibility for your own financial security.

 

[Newchodge]

Why would you empty the account. It's normal for these apps to timeout of the login session after a minute or so anyway.

You might be switching from Starling app to another and its annoying to keep having to enter your pin.

I use Tide and it asks for a fingerprint each and every time.

I use a fingerprint for Starling. It is hardly inconvenient to do that each time, even if it is a minute since I last used it. My bigger worry is that Starling actually states that there is no logout button so people cannot foget to logout, it is done automatically. Nowhere does it state that there is a time lag.

 

[Newchodge]

Sorry but the problem isn’t the app, it’s your lack of understanding of android, ask a teenager for help

Please try not to be so patronising.

 

[billybob99]

I use a fingerprint for Starling. It is hardly inconvenient to do that each time, even if it is a minute since I last used it. My bigger worry is that Starling actually states that there is no logout button so people cannot foget to logout, it is done automatically. Nowhere does it state that there is a time lag.

Yeah you are right there is no log-out feature in place. But, they say - instead, whenever the app goes into the background, you'll be asked for your fingerprint or 4-digit passcode when you try to access it again, which means there's no chance of you forgetting to log out.

I believe its the same as Tide and Monzo, you're always logged in. There's a fingerprint or passcode that sits inbetween.

 

[estwig]

Please try not to be so patronising.

Note to self: Must try harder not to be patronising, Cyndy said!

 

[Newchodge]

Yeah you are right there is no log-out feature in place. But, they say - instead, whenever the app goes into the background, you'll be asked for your fingerprint or 4-digit passcode when you try to access it again, which means there's no chance of you forgetting to log out.

That is exactly my point. For an unspecified time, certainly in excess of 30 seconds, you can access the app again after it has gone into the background without any restriction or need to enter fingerprint, passcode or anything else.

 

[estwig]

That is exactly my point. For an unspecified time, certainly in excess of 30 seconds, you can access the app again after it has gone into the background without any restriction or need to enter fingerprint, passcode or anything else.

Then find an app that closes other apps for you, as soon as your finished with them. Or go into the android settings and see if you can stop the starling app from going to sleep, this should make it stop. There are lots of ways to do this, you need to find the one that suits you.

 

[STDFR33]

That is exactly my point. For an unspecified time, certainly in excess of 30 seconds, you can access the app again after it has gone into the background without any restriction or need to enter fingerprint, passcode or anything else.

Even if someone had your phone, and in 30 seconds managed to get on to your Starling, they’d need a code / fingerprint to send a payment.

 

[Newchodge]

Then find an app that closes other apps for you, as soon as your finished with them. Or go into the android settings and see if you can stop the starling app from going to sleep, this should make it stop. There are lots of ways to do this, you need to find the one that suits you.

The one that suits me is the one used by the other banks I have accounts with. I select logout. As soon as I have selcted it I need a passcode or fingerprint to gain access.

 

[estwig]

The one that suits me is the one used by the other banks I have accounts with. I select logout. As soon as I have selcted it I need a passcode or fingerprint to gain access.

I have barclays and santander set to do this, the option is inside the app. Then I have an app to close other apps that won't close when I think they should, then another one to keep apps open that I don't want to close on their own.

 

[Kerwin]

Just quit the app when you have finished using it. Not that hard to do. It takes like 2 seconds.