We care about the security of our user's financial and personal information. That is why we have banking grade technology to ensure that our customers and their information, are kept safe. 

To mitigate fraud, we have put the following in place:

  • We leverage global leaders in our microservices architecture, such as, Stripe, BPAY, OKTA, Twilio, Microsoft, and SendGrid to leverage their built-in anti-fraud protection. 
  • For payment processing, we meet the relevant PCI Data Security Standard for our service and have an Attestation of Compliance.
  • For fraud mitigation on our financial transactions, we deploy ‘Stripe Radar’ as an additional service on our payment gateway. This helps to distinguish fraudsters from Customers and blocks fraud for any type of business using machine learning. 
  • We apply ‘3D Secure’ to high-risk payments. 3D Secure is an international payment system technology, that is a safe method for effecting various payment operations through the internet. 
  • The BPAY APIs we use to validate billers verify valid BPAY biller codes and CRNs. The payout files we generate via BPAY APIs and thus we leverage all the verifications that BPAY can provide.
  • We have 24/7 monitoring and alerts on transactions, processes, database connections, and any brute force attacks.
  • Automated detection from Azure’s Application Insights management consoles for monitoring of all our infrastructure (availability, failures, attacks, etc.).
  • We complete 2FA verification on the email address and phone number before can create an account and access the platform.
  • We use the highest grade 2048-bit RSA SSL certificates on all web transactions and connections.
  • We have undertaken 3rd party penetration testing of our app and are independently verified that we have no technical vulnerabilities that can be exploited for technical fraud or security risk. 
  • We meet all relevant industry standards and benchmarks for web applications security, such as OWASP and CIS to apply application hardening and best practice guidelines in an Azure environment. Our microservices information architecture ensures the highest level of security built into our application and development operations. 
  • We are only available to Australian companies that accept BPAY payments, and we currently only accept Australian credit cards. 
  • Only bills with a maximum of $1,500 due can be uploaded into HelpPay. A maximum payment of $800 per transaction is also in place. 
  • The HelpPay technology only allows one person at a time to contribute to a certain bill. This prevents over-payments. 
  • The bill amount remaining is always up to date, with live updates once payment has been made.
  • We have patent-pending technology (Application AU 20211902740) that only allows for one person at a time to contribute to that bill. Preventing over-payments or multiple payments greater than the bill amount. 

We strive to continually update and improve our fraud prevention strategies.