[We Value Your Feedback] Share Your Experience with Our Login and Authentication Process

I am concerned about the increasing number of "SIM swam scams", exploiting weaknesses in mobile phone networks' MFA process.  See Which? article

How about adding support for passkeys?

I am concerned about sim swap fraud. Are there any options to protect against this?

Thank you.

The parallel login test did not work…still the same behaviour i.e the app forgets the Trust this device and Face ID.  It seems to log me out now after about 5-6 hours, despite whether I go into the app or not.  

My overall experience with authentication is not great - I read somewhere that when the device is 'trusted' then the Smarty app should remember -  this certainly isn't happening with me. Not with the Android app for sure, where I often find myself having to re-login EVERY DAY and in many cases on the SAME day. This is despite having biometrics and 'trusted' device enabled. Each time I need to quickly check usage in the app I'm hit with the requirement to 2FA. Every other networks' app that I've used prior to this one has kept me signed in (mostly indefinitely) so I don't know what's gone wrong here or whether something needs to be implemented for it to work.

Even when I had the biometrics enabled, the first few times I used the app it worked by prompting me but more recently I've seen in the last few weeks I've not been asked at any point to use this method! It just presents the login screen instead. Not sure if even having that enabled is doing anything. 

I know that this is done for a reason to keep our information secure but still, it starts to **** people right off having to keep signing in! I think this is the general consensus amongst users if you read the reviews of the app on the app stores.

Unless of course, something has broken in the authentication mechanism of the latest update that maybe has caused this to happen recently - I've not been with Smarty for long enough to know if this is a historical issue or not. I'm going to test the app on another phone also to rule out maybe any potential problems with Android versions or phone software that could also be causing this, and see if anything improves.

I believe that the web dashboard keeps me signed in longer than the mobile apps. Anyways, I hope that this can be fed back to the team working on the apps and hopefully put a fix in for it! 

App Version: 1.11.5, Android 11

MSF Very odd indeed!  I’m now testing a parallel login on my phone, to see if this solves the issue?!!.  So, I’ve signed back in within the app, ticking the Trust this device, and I’ve also signed in via Safari, and clicked on remember this device.  The app opens pages virtually in Safari, so hoping that by going in both routes it will remember one of them 😂🤣!

Over the past week or so the SMARTY app (iOS) has stopped remembering the Trust Device and Face ID tick in security settings area.  So, every few hours I’m having redo the 2FA i.e having to re-input my username and password, plus verification code via SMS.  Before this, I’d get around 90days before it reset this and I’d have to login again.

Prior to this, I’d open the app it would read my face and open my account details. NOT every few hours as it is currently configured?!?

What is the point of the app asking if you “Trust the Device?” AND allow you to select a security setting of ticking to use FaceID (or any other biometric option available on a phone) in the app, if it doesn’t retain this information?

No worries for me, login, authentication works fine each & every time! SMARTY ROCKS!

Hi Just confused why tha extra security. I can log into my banking app with just my fingerprint, but Smarty also wants to send a text everytime. Bit over the top don't you think. 

I will tell you a little story. I have 3 friends in there 80's who not able to do pay as you go because some operators no longer use swipe top up cards. So i get 3 sims one for each , fit to there phones, manage the account online . I was abe to check balances and top up for them and they would pay me later. Some wise guy decided to start sending these texts with log in codes to the phones. As the people not into texts i was unable to access these accounts so could not top up phones easily anymore. That was a brilliant way to lose customers....... and cause more problems 

I'm still in the process (activated my SIM, and waiting for my number to be ported) but one of the first things I wanted to do was to set up my password to my online account.  Although Google found me a page (probably from this forum) telling me to do this via Account Settings under Menu, there was nothing of the sort on my Menu.  I opened a Chat to try and find out how to access Account Settings, but apart from checking my security details, telling me how to request my number transfer (which I had already done) and suggesting that I should clear my cookies, I got nowhere;  it was only when the e-mail arrived to confirm that my SIM had been activated that a myriad of new options appeared under my Menu!  It might be a good idea if, when somebody clicks on "Forgotten Password" (the usual route to set or re-set one's password on most sites) the e-mail which it generates were to mention that until the SIM activation has been processed it will not be possible to set the password.

Also, when I signed up for this forum, I was told I would be sent an e-mail to confirm my joining and (AFAIR) to set up a password for the forum;  no such e-mail has ever arrived, but here I am, able to post regardless!

remember this browser option never works, please allow me to disable 2 factor authentication