Can we move to 5 digit PIN for app access? At least 2 other finansial apps I use have 5 digit PIN’s and revolut’s 4 digit PIN feels outdated.
This is a sensible suggestion. It would add greater security, even for those using biometrics.
I occasionally find biometrics to be flaky.
Currently you get three tries before the card gets locked. That seems to me to be more effective to stop unauthorized use than increasing the number of PIN digits.
You would have to be very lucky to guess a 4-digit PIN in three tries. Increasing to a 5-digit PIN doesn’t change that materially.
But if someone finds your PIN, whether by hacking the encrypted PIN on R’s side or finding it written down somewhere in your wallet, it will not matter whether the PIN was 4 digits, 5 digits – or 45 digits.
@Bear You misunderstood. I am not talking about card(s) PIN(s).
You’re right. I read too quickly.
But what’s the difference in practice? Does the app not also place a limit on the number of wrong PINs you can try before it blocks?
It does. 5 digit Pin is also more difficult for me to remember, personally
Which means you’re more likely to write it down somewhere that a thief could find
I probably would keep it in notes
What about the fingerprint?
I know, not every phone does it, but I don’t want to have more PINs, it would be good to have it as an optional setting I guess.
I would like a 6 digit PIN like at Bunq.
Why not use a real password?
Like the option you have on your phone
I already have trouble remember a 4 pin
5 pin don’t make it easier
Yeah 6 digits would be good also my other bank accounts also use 6 digits
same here! it would make a lot more sense
I agree it’s ridiculous that my bank account is less secure than… basically anything else. Every regular website with email/password and 2FA is a thousand times more secure than logging into Revolut.
Then again, there are many many dumb people who 1) have no idea about security, 2) don’t care about security (unless someone steals their money, but then of course it is never their fault), and 3) fail at remembering a 2-digit PIN if someone like that existed.
So Revolut will balance security with convenience. Also remember that the 4-digit PIN is inherently more secure than you think, simply because there will be lock out periods if you enter a wrong pin 3 times or more. It’s not like someone can simply get a new SIM card for your phone line via social engineering and then test all possible 9999 combinations.
Thanks for the link. You need to read again what I wrote. I never said SIM-swapping wasn’t a problem. That’s why in addition to access to the mobile number, Revolut requires a PIN. You can’t test out 9999 combination because Revolut will delay-lock the attempts.