Skip to main content
Return to pay.com.au

How can we help?

How does Basiq securely add my accounts as a payment method?

Payment Methods Open Banking
Who can use this feature?
👤 All account owners and administrators
🏁 Available on all subscriptions

We use Basiq — an accredited Open Banking platform — to securely verify your bank account when you add it as a payment method.

Here's how it works:

  • 1 Basiq verifies your bank account details using Open Banking. Your bank may send you an SMS or email confirming the Basiq connection has been established — and another when it ends (Basiq only maintains the connection briefly).
  • 2 Once verified, your bank account is added to your PayWallet and is ready to use.
Want to know more about Open Banking?

Visit the Australian Banking Association for a plain-English overview of how Open Banking works in Australia.

Your data rights under the Consumer Data Right (CDR)

The Consumer Data Right (CDR) is the legal framework that governs how your banking data is collected, shared, and protected when using Open Banking services like Basiq.

Accredited Data Recipients (ADRs)

Basiq is an Accredited Data Recipient — an organisation approved under the CDR framework to receive and manage consumer banking data. ADRs are required to:

  • Transparently disclose how data is used
  • Ensure secure storage and transfer of your data
  • Implement privacy safeguards to protect your consent

What you can control

Choice and control
You decide what's shared
You choose what data to share, how it's used, and who it's disclosed to.
Manage consent
Change your mind, anytime
View, update, or revoke your consent at any time through your banking app or by contacting us.
Data deletion
Your right, always
You can request data deletion or de-identification at any time.
Retention policy
We don't hold data longer than needed
Data is deleted or de-identified when no longer required, upon consent expiry, or within 24 hours of a revocation request.

How we use CDR data

We may use data collected under the CDR framework for:

  • Personalised services — tailoring recommendations based on your activity
  • Operational purposes — fraud prevention, abuse detection, and anonymised analytics
  • Communications — sending updates and notifications aligned with your preferences

Consent management

You can review, update, or withdraw your consent at any time using either of these methods:

  • Directly through your banking app or online banking
  • By contacting us

Data deletion and de-identification

Your right to deletion

You can request data deletion at any time. Upon consent withdrawal, your data will be securely deleted or de-identified. Redundant data will be destroyed unless we are legally required to retain it. Any third-party processors will also be required to securely erase shared data.

De-identification means removing personally identifiable information while retaining anonymised data for operational use (such as fraud prevention and analytics). This includes:

  • Removing your personal information from transactions
  • Stripping timestamps and descriptions that reveal specific details
  • Aggregating data to ensure anonymity

Related articles

Contact us